How to Deploy AI in a HIPAA-Compliant Environment

By

Healthcare organizations deploying AI face a fundamental tension: AI is most valuable when it accesses patient data, but patient data comes with HIPAA obligations. According to the HHS Office for Civil Rights, healthcare data breaches cost an average of $10.9 million per incident.

This guide covers the requirements, architectures, and decisions for HIPAA-compliant AI deployment.

What HIPAA Requires of AI Vendors

HIPAA doesn't specifically mention AI, but its requirements apply to any system handling Protected Health Information (PHI):

The Privacy Rule

Limits how PHI can be used and disclosed. For AI systems:

  • PHI used to train or query AI must follow minimum necessary standards
  • Patients have rights to know how their data is used
  • AI outputs containing PHI inherit the same protections as source data

The Security Rule

Requires safeguards for electronic PHI (ePHI). For AI systems:

  • Administrative safeguards: Policies for AI data access, workforce training
  • Physical safeguards: Physical security of servers running AI
  • Technical safeguards: Encryption, access controls, audit logging

The Breach Notification Rule

Requires notification if PHI is compromised. For AI systems:

  • Log access to PHI by AI systems
  • Monitor for unauthorized access or data exfiltration
  • Have incident response procedures ready

PHI and the Cloud AI Problem

The standard enterprise AI architecture—send data to a cloud LLM—creates significant HIPAA challenges:

What Counts as PHI

PHI includes any individually identifiable health information:

  • Names, addresses, dates (except year)
  • Phone numbers, email addresses
  • Medical record numbers, account numbers
  • Biometric identifiers
  • Full face photos
  • Health conditions, treatments, payments

In practice, most healthcare operational data contains PHI.

The Cloud AI Problem

When you send a query to a cloud AI service:

  1. The query (potentially containing PHI) leaves your environment
  2. The AI service processes it (PHI now on their servers)
  3. The response returns (may echo PHI)

Even with encryption in transit, the cloud vendor has access to unencrypted PHI during processing. This triggers HIPAA obligations.

[SCENARIO: A healthcare system deploys a cloud AI assistant to help nurses with clinical documentation. The nurse types "Patient John Smith in Room 312 has a BP of 180/110, what should I check for?" The query—containing name, location, and vital signs—is transmitted to a cloud AI service. That's a PHI disclosure requiring HIPAA safeguards.]

BAA Requirements and How to Enforce Them

If you use a cloud AI service that handles PHI, you need a Business Associate Agreement (BAA):

What a BAA Must Include

Per 45 CFR 164.504(e):

  • Description of permitted uses of PHI
  • Prohibition on uses/disclosures not permitted by agreement
  • Requirement to implement safeguards
  • Requirement to report security incidents
  • Assurance that subcontractors comply
  • Termination provisions

Enforcement in Practice

Getting a BAA signed isn't enough:

Verify technical implementation: Does the vendor actually implement the safeguards they claim?

Audit regularly: Review vendor compliance annually at minimum

Document everything: Maintain records of your due diligence

Know your exclusions: Many AI vendors exclude certain features from BAA coverage (read the fine print)

Who Will and Won't Sign BAAs

Vendor BAA Available? Notes
Microsoft Azure OpenAI Yes (Enterprise tier) Specific configurations required
Google Cloud AI Yes Healthcare & Life Sciences tier
AWS AI Services Yes Healthcare tier
OpenAI API No Consumer/business tier only
Most AI startups Varies Ask explicitly; many can't

On-Prem Deployment as the Default

For healthcare organizations, on-premises AI deployment eliminates the PHI-in-cloud problem entirely:

Advantages of On-Prem

PHI never leaves your environment: No cloud transmission means no cloud vendor BAA requirements for AI

Simplified compliance: Your existing HIPAA controls extend to the AI system

Full audit control: You own all logs and can meet any auditor request

Reduced vendor risk: You're not dependent on vendor compliance

On-Prem Architecture

With on-prem deployment:

  • PHI stays inside your existing HIPAA perimeter
  • AI system falls under your existing security controls
  • No BAAs needed for AI processing (only for source systems you already manage)

On-Prem Model Options

Open-source models suitable for healthcare AI:

  • Llama 3 (70B and 405B)
  • Mixtral 8x22B
  • Domain-specific models fine-tuned for healthcare

Performance approaches cloud models for most enterprise use cases. More on on-prem deployment.

Checklist for HIPAA-Compliant AI Procurement

Before deploying AI that will handle PHI:

Legal/Compliance

  • BAA signed (if cloud deployment)
  • Data use permitted under existing patient authorizations
  • Privacy notices updated to include AI use
  • AI system documented in Notice of Privacy Practices if required

Technical

  • Encryption at rest and in transit verified
  • Access controls integrated with existing identity management
  • Audit logging capturing all PHI access
  • De-identification procedures documented (if using for analytics)

Administrative

  • Workforce training on AI and PHI policies
  • Incident response procedures updated for AI-related incidents
  • Vendor management procedures in place for AI vendors
  • Regular audit schedule established

Risk Assessment

  • AI-specific risk assessment completed
  • PHI data flows mapped for AI system
  • Minimum necessary analysis documented
  • Patient rights procedures updated (access requests, etc.)

The Integration with Existing Healthcare AI

Healthcare AI doesn't exist in isolation. Integration with existing systems:

Epic AI integration: Epic's AI features are covered under your existing Epic BAA. Additional AI layers need separate consideration.

Clinical decision support: AI that influences clinical decisions has additional regulatory considerations beyond HIPAA (FDA, state medical board regulations).

Patient identity resolution: AI systems that link patient data across systems need robust identity resolution—a key capability of institutional knowledge layers.

Getting Started

For healthcare organizations deploying AI, the safest default is on-premises deployment with robust access controls and audit logging. This approach simplifies compliance by keeping PHI inside your existing HIPAA perimeter.

See how Phyvant works with healthcare data → Book a call

Ready to make AI understand your data?

See how Phyvant gives your AI tools the context they need to get things right.

Talk to us