HIPAA Compliance
Enterprise-grade security and absolute privacy for your patient data.
Our Security Philosophy
At Anot Health, security isn't a feature—it's the foundation of our platform. We understand the critical nature of Protected Health Information (PHI) and have built our systems to exceed industry standards for healthcare data protection.
SOC 2 Type II
Independently audited for security, availability, and confidentiality.
Encryption
AES-256 at rest and TLS 1.3 in transit. Your data is never unencrypted.
1. Business Associate Agreement (BAA)
Anot Health enters into a standard Business Associate Agreement with every provider and healthcare organization we serve. This agreement outlines our shared responsibilities in protecting patient data under HIPAA regulations.
2. Access Controls
We implement strict Least Privilege Access (LPA) policies. Only authorized human validators (certified medical scribes) have temporary, audited access to de-identified clinical notes solely for the purpose of clinical verification.
3. AI Safety & Privacy
Your clinical data is never used to train public AI models. Our proprietary models are hosted in private, HIPAA-eligible virtual clouds, ensuring that your patient conversations and chart data remain within your secure environment.
4. Infrastructure Security
- Private Cloud: Dedicated instances for clinical processing.
- Audit Logs: Comprehensive logging of every data access event.
- Data Residency: All data is stored and processed within the United States.
5. Security Inquiries
For a copy of our SOC 2 report or to perform a security audit of our platform, please reach out to our security team at security@anothealth.ai.