Healthcare

PHI never reaches
the model.

Evedy enforces HIPAA, HITECH, and 42 CFR Part 2 guardrails across every clinical and operational AI workflow.

HIPAA· §164.502 / 514HITECH· breach notice42 CFR Part 2· SUDGDPR· Art. 9

The risks we shut down

RISK · 01

Patient identifiers in clinical co-pilots

MRNs, ICD-10, and demographic data masked before egress to vendor LLMs.

RISK · 02

Unauthorized prescribing assistance

Block diagnostic and prescribing prompts from unlicensed roles.

RISK · 03

PHI in revenue cycle automation

Billing agents redact PHI before reaching pricing models.

RISK · 04

Cross-tenant data bleed in multi-hospital systems

Per-tenant policy isolation with cryptographic provenance.

Outcome

What you get on day one.

▸Designed for BAA-managed deployments
▸PHI entity packs (MRN, ICD-10, CPT, SNOMED)
▸Per-tenant policy isolation
▸HIPAA risk assessment tooling

policy-bundle.yaml

apiVersion: evedy.com/v1
kind: PolicyBundle
metadata: { name: healthcare-default }
spec:
  packs: [hipaa, hitech, 42-cfr-part-2]
  redaction:
    entities: [MRN, ICD10, CPT, SNOMED, DOB, NAME_PERSON]
    action: mask
  rbac:
    clinical_only: [diagnose, prescribe, refer]
  audit:
    breach_threshold: any-unmasked-phi

Book a briefing tailored to your sector.

30 minutes with our compliance engineers.

Deploy Evedy Book Executive Briefing

PHI never reachesthe model.