Security & Compliance

PHI Guard

PHI Guard: Optional Policy Management for PHI Protection

PHI Guard is an optional feature that controls how Protected Health Information (PHI) is handled during AI processing.

How PHI Guard Works

When PHI Guard is enabled, CompliantChatGPT follows a controlled anonymization and de-anonymization process during AI interactions:

Step 1: User Query

You ask a healthcare-related question or submit clinical information. CompliantChatGPT reads your query.

Step 2: PHI Detection and Anonymization

The system identifies PHI in your message and replaces each detected value with a temporary token, keeping a mapping from token to original value so the content can be restored later.

Step 3: AI Processing

The anonymized message is sent to the AI model. The model receives the tokens, not the raw PHI; the token mapping is not part of the request.

Step 4: AI Response

CompliantChatGPT receives the response the AI model generated from the anonymized content. Any tokens the model repeats are still placeholders at this point.

Step 5: De-anonymization

The system replaces the tokens in the response with the original values, on CompliantChatGPT's side, and shows the resulting response to you.

This process keeps PHI out of AI processing while preserving usability for the end user. Because the token mapping is what makes Step 5 possible, it is effectively a re-identification key: it is held by CompliantChatGPT and is never sent to the model.
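The five steps above, as an added example that is not CompliantChatGPT's code: a minimal Python tokenization round-trip in which the token map stays on the trusted side and only tokens reach the (stand-in) model. The regex detector, the [[CATEGORY_n]] token format, the fake_model stand-in and the constructed patient record are all assumptions for illustration; a production detector covers all eighteen HIPAA Safe Harbor identifier types and typically combines NER models with rules. Two failure modes are handled: a token the model invents or mangles is left in place and reported rather than mapped to the wrong patient, and a value the session has already mapped but the detector fails to catch on a later message makes anonymize() raise rather than send it out.

```python
"""Added example (not CompliantChatGPT's code): PHI tokenization round-trip
mirroring Steps 1-5. Patterns, token format and the model stand-in are
assumptions for illustration only."""
import re
from dataclasses import dataclass, field

# Hypothetical detector. A production detector covers all 18 HIPAA Safe Harbor
# identifier types, usually with NER models plus rules; these few patterns only
# make the round-trip concrete.
PHI_PATTERNS = [
    ("NAME",  re.compile(r"(?<=\b[Pp]atient )[A-Z][a-z]+ [A-Z][a-z]+")),
    ("MRN",   re.compile(r"(?<=\bMRN )\d{6,10}\b")),
    ("DOB",   re.compile(r"\b\d{2}/\d{2}/\d{4}\b")),
    ("SSN",   re.compile(r"\b\d{3}-\d{2}-\d{4}\b")),
    ("PHONE", re.compile(r"\b\d{3}-\d{3}-\d{4}\b")),
]
TOKEN_RE = re.compile(r"\[\[([A-Z]+)_(\d+)\]\]")   # assumed token format


@dataclass
class PhiSession:
    """Token <-> PHI map for one interaction. This map is the re-identification
    key: it lives in memory on the trusted side and is never sent to the model."""
    token_to_phi: dict = field(default_factory=dict)
    phi_to_token: dict = field(default_factory=dict)
    counters: dict = field(default_factory=dict)

    def _token_for(self, category, value):
        # Same value -> same token, so the model sees a consistent identifier.
        if value not in self.phi_to_token:
            n = self.counters.get(category, 0) + 1
            self.counters[category] = n
            tok = f"[[{category}_{n}]]"
            self.phi_to_token[value] = tok
            self.token_to_phi[tok] = value
        return self.phi_to_token[value]

    def anonymize(self, text):
        """Step 2: detect PHI spans and replace each with a token."""
        spans = []
        for category, pat in PHI_PATTERNS:
            for m in pat.finditer(text):
                spans.append((m.start(), -(m.end() - m.start()), category, m.group(0)))
        spans.sort()                         # by offset, longest match first
        chosen, last_end = [], -1
        for start, neg_len, category, value in spans:
            if start >= last_end:            # drop overlapping matches
                chosen.append((start, start - neg_len, self._token_for(category, value)))
                last_end = start - neg_len
        out = text
        for start, end, tok in reversed(chosen):   # right-to-left keeps offsets valid
            out = out[:start] + tok + out[end:]
        # Fail closed: a value this session has already mapped must not survive
        # in the outbound prompt even if the detector missed it this time.
        leaked = [v for v in self.phi_to_token if v in out]
        if leaked:
            raise ValueError(f"PHI still present after anonymization: {leaked}")
        return out

    def deanonymize(self, response):
        """Step 5: swap tokens back. Tokens the model invented or mangled are
        left in place and reported rather than mapped to the wrong person."""
        unknown = []

        def restore(m):
            tok = m.group(0)
            if tok in self.token_to_phi:
                return self.token_to_phi[tok]
            unknown.append(tok)
            return tok

        return TOKEN_RE.sub(restore, response), unknown


def fake_model(prompt):
    """Stand-in for Steps 3 and 4: receives only tokens and reuses them in its
    answer, as a real model tends to do. Replace with the real API call."""
    mention = [f"[[{c}_{n}]]" for c, n in dict.fromkeys(TOKEN_RE.findall(prompt))]
    subject = mention[0] if mention else "the patient"
    return (f"Handoff note for {subject}: chest pain reported; recommend ECG. "
            f"Identifiers on file: {', '.join(mention)}.")


def round_trip(query, model=fake_model):
    """Steps 1-5 end to end; returns (prompt the model saw, final answer, unknown tokens)."""
    session = PhiSession()
    prompt = session.anonymize(query)
    answer = model(prompt)
    final, unknown = session.deanonymize(answer)
    return prompt, final, unknown


# Constructed sample record, not real PHI.
QUERY = ("Patient John Smith, MRN 4412098, DOB 03/14/1961, SSN 321-54-9876, "
         "phone 555-867-5309, reports chest pain. Summarize for handoff.")

if __name__ == "__main__":
    prompt, final, unknown = round_trip(QUERY)
    print("model saw :", prompt)
    print("user sees :", final)
    print("unknown   :", unknown)
```

The leak check only protects values the session has already mapped; anything the detector never recognizes goes to the model verbatim. Detector coverage, not the token mechanics, is therefore what decides how strong the Step 3 guarantee actually is, and the token map must be handled as the re-identification key it is.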

How PHI Guard Is Configured

PHI Guard configuration depends on the policy set by the Team Owner and, if allowed, individual Team Members.

Team Owner Configuration

Team Owners define the PHI Guard policy for the organization. There are three available options:

Enforce OFF

PHI Guard is disabled for all members.
The AI model processes full PHI context, maximizing accuracy and response quality. Standard HIPAA protections still apply through BAAs, encryption, and access controls.

Enforce ON

PHI Guard is enabled for all members.
PHI is anonymized before AI processing and securely restored afterward. This maximizes data confidentiality, but AI accuracy may be reduced due to limited context.

Individual Control

Team members may manage their own PHI Guard setting. This gives the organization flexibility while keeping the HIPAA protections (BAAs, encryption, and access controls) that apply regardless of PHI Guard status.

Team Member Configuration

If Individual Control is enabled by the Team Owner, each team member can choose whether PHI Guard is enabled or disabled for their own interactions.

This allows users to balance accuracy and confidentiality based on the specific context of their work.

Important Considerations

  • Enabling PHI Guard can negatively impact AI output quality in some cases due to PHI anonymization.

  • PHI Guard is optional and not required to maintain HIPAA compliance.

  • Regardless of PHI Guard status, user inputs are never used to train AI models.