PADISO.ai: AI Agent Orchestration Platform - Launching May 2026
Back to Blog
Guide 31 mins

HIPAA and Claude in Healthcare AI Applications

Complete guide to HIPAA compliance with Claude AI in healthcare. Controls, audit prep, implementation steps and practical compliance patterns.

The PADISO Team ·2026-06-01

Table of Contents

  1. Why HIPAA Matters for Claude Deployments
  2. Understanding HIPAA’s Core Requirements
  3. Claude’s Healthcare Positioning and Capabilities
  4. Technical Controls for HIPAA Compliance
  5. Data Handling and Privacy Patterns
  6. Audit Preparation and Evidence Collection
  7. Implementation Framework: PADISO’s Approach
  8. Common Pitfalls and How to Avoid Them
  9. Real-World Deployment Scenarios
  10. Next Steps: Getting Audit-Ready

Why HIPAA Matters for Claude Deployments {#why-hipaa-matters}

Healthcare organisations deploying AI—particularly large language models like Claude—operate in one of the most regulated sectors in the world. The Health Insurance Portability and Accountability Act (HIPAA) isn’t a suggestion; it’s a legal requirement backed by civil penalties ranging from $100 to $50,000 per violation, and criminal penalties for knowing violations.

When you introduce Claude into healthcare workflows, you’re essentially creating a new data processing pathway. Every time Protected Health Information (PHI) enters Claude, every API call, every response, and every storage decision becomes part of your compliance posture. The stakes are concrete: in 2023 alone, the U.S. Department of Health and Human Services Office for Civil Rights settled HIPAA violations exceeding $100 million across multiple organisations.

What makes Claude different from traditional software systems is that it’s a generative model—it learns patterns from input, and those patterns could theoretically be retained or reflected in future outputs. This creates compliance complexity that standard database systems don’t face. You can’t simply encrypt data at rest and assume HIPAA compliance; you need to understand how Claude processes information, where it flows, and how your architecture prevents unauthorised access or disclosure.

The good news: Claude can absolutely be deployed in HIPAA-compliant ways. Anthropic has explicitly positioned Claude for healthcare and life sciences applications, and organisations like yours are already running production healthcare AI systems with Claude at the core. The path forward requires clarity on what HIPAA actually mandates, how Claude fits into that framework, and what evidence you need to demonstrate compliance to auditors.

Understanding HIPAA’s Core Requirements {#understanding-hipaa}

The HIPAA Ruleset: Privacy, Security, and Breach Notification

HIPAA consists of three main regulatory pillars. Understanding each is essential because they create different obligations for Claude deployments.

The Privacy Rule defines what constitutes Protected Health Information (PHI) and establishes patient rights over that information. PHI includes any health information that can identify an individual—names, medical record numbers, dates of service, diagnoses, treatment plans, lab results, and more. The Privacy Rule requires organisations to use and disclose PHI only for permitted purposes (treatment, payment, healthcare operations, and a narrow list of others) and to obtain patient authorisation for other uses.

The Security Rule is where Claude deployments get technical. It mandates administrative, physical, and technical safeguards to protect electronic PHI (ePHI). These safeguards must ensure confidentiality, integrity, and availability of ePHI. The Security Rule doesn’t prescribe specific technologies; instead, it requires a risk-based approach. You must identify where ePHI flows, assess threats to that data, and implement controls proportionate to the risk. This is where HIPAA Administrative Simplification standards become practical: they define the minimum standards for encryption, access controls, audit logging, and incident response.

The Breach Notification Rule requires organisations to notify affected individuals, the media, and the HHS Office for Civil Rights if unsecured PHI is accessed, acquired, used, or disclosed without authorisation. A breach is presumed if there’s no reasonable basis to conclude that unauthorised persons did not acquire information. This rule creates accountability: if Claude processes PHI and that data is exposed, you’re legally obligated to disclose it—and the notification process itself becomes evidence in any regulatory investigation.

Covered Entities and Business Associates

HIPAA distinguishes between two types of organisations: Covered Entities and Business Associates. Covered Entities include healthcare providers (hospitals, clinics, therapists), health plans (insurance companies, HMOs), and healthcare clearinghouses. Business Associates are organisations that handle PHI on behalf of a Covered Entity—think billing companies, cloud storage providers, or AI service providers.

This distinction matters for Claude deployments. If you’re a healthcare provider using Claude to analyse patient notes, you’re a Covered Entity and you’re directly liable for HIPAA compliance. If you’re a third-party vendor providing Claude-powered services to healthcare providers, you’re likely a Business Associate, and you need a Business Associate Agreement (BAA) in place with your customers.

Anthropus doesn’t provide a standard BAA for Claude API access. This means if you’re processing PHI through Claude’s standard API, you’re technically violating HIPAA because there’s no contractual assurance that Anthropic will safeguard that data. However, Anthropic’s healthcare positioning suggests they’re developing healthcare-specific infrastructure. The path forward for many organisations is either: (1) using Anthropic’s healthcare-grade offerings if available in your region, (2) deploying Claude through a vendor that has a HIPAA-compliant wrapper and BAA in place, or (3) architecting your system so that PHI never directly enters Claude’s API.

De-identification and Minimum Necessary

Two concepts underpin practical HIPAA compliance with Claude. De-identification means removing or obscuring identifiers so that information can no longer reasonably identify an individual. HIPAA recognises two methods: the Safe Harbor method (removing 18 specific identifiers) and the Expert Determination method (having a qualified statistician certify de-identification).

If you de-identify patient data before sending it to Claude, you’ve removed it from HIPAA’s scope. A de-identified note that reads “Patient presents with hypertension, on lisinopril 10mg daily” is no longer PHI. Claude can process it freely, and you’ve eliminated a major compliance risk. The trade-off: de-identification reduces the clinical utility of Claude’s analysis in some cases, because context clues that would help Claude provide better recommendations are removed.

The Minimum Necessary principle requires that you use and disclose only the PHI necessary to accomplish a specific purpose. If Claude needs to analyse a patient’s medication list but not their entire medical history, send only the medication list. This principle applies to every Claude interaction: you’re not just complying with HIPAA by accident; you’re actively designing workflows to minimise PHI exposure.

Claude’s Healthcare Positioning and Capabilities {#claude-healthcare}

Anthropic’s Healthcare Infrastructure

Anthropic has announced Claude for Healthcare and Life Sciences, signalling a commitment to regulated healthcare deployments. This positioning matters because it means Anthropic understands the compliance landscape and is building infrastructure to address it.

Key capabilities in Anthropic’s healthcare offering include:

  • HIPAA-ready infrastructure: Anthropic is developing deployment options that include contractual assurances around data handling, encryption, and audit logging—the foundations of a HIPAA-compliant relationship.
  • Life sciences knowledge: Claude has been trained on biomedical literature, clinical guidelines, and healthcare domain knowledge, making it more capable than general-purpose models for clinical tasks.
  • Compliance-aware design: Anthropic’s healthcare offering is designed with compliance in mind, including features like audit trails, data retention controls, and regional data residency options.

However, availability varies by region and use case. If you’re in Australia or operating under specific healthcare regulations (like the TGA for medical devices), you’ll need to verify that Anthropic’s healthcare infrastructure meets your local requirements.

What Claude Can and Cannot Do in Healthcare

Understanding Claude’s capabilities and limitations is essential for compliance. Claude excels at:

  • Clinical documentation analysis: Reviewing notes, extracting relevant information, and summarising findings for clinical decision support.
  • Guideline interpretation: Referencing clinical guidelines, protocols, and evidence-based practices to support treatment decisions.
  • Patient education: Generating explanatory materials, discharge instructions, and educational content tailored to patient populations.
  • Workflow automation: Triaging incoming messages, scheduling appointments, and routing cases to appropriate clinicians.
  • Research support: Analysing published literature, identifying relevant studies, and synthesising findings for clinicians.

Claude cannot and should not:

  • Replace clinical judgment: Claude’s outputs are suggestions, not diagnoses. Clinicians must review and validate every recommendation.
  • Handle real-time critical care: Claude is not suitable for emergency departments or intensive care units where millisecond latency and 100% reliability are non-negotiable.
  • Guarantee privacy through obscurity: Claude’s outputs should never be treated as inherently private; they’re only private if your architecture ensures it.
  • Provide regulatory guarantees: Anthropic cannot promise that Claude will never be breached, that data will never be accessed, or that your organisation will pass a compliance audit. Those are your responsibilities.

The practical implication: Claude is a tool within a larger healthcare system. It amplifies clinician capability, but it doesn’t replace the governance, architecture, and operational discipline that HIPAA requires.

Technical Controls for HIPAA Compliance {#technical-controls}

Data Classification and Flow Mapping

Before you write a single line of code, you need a precise map of where PHI flows in your Claude deployment. This isn’t optional—it’s the foundation of your risk assessment and your audit evidence.

Start by classifying data at every stage:

  • Input data: What information enters Claude? Patient names, medical record numbers, diagnoses, lab values, medication lists, clinical notes?
  • Processing: How does Claude process that data? Is it sent to Anthropic’s API, processed locally, or handled through a third-party wrapper?
  • Output data: What does Claude return? Does it include identifiers, clinical recommendations, or de-identified summaries?
  • Storage: Where are inputs and outputs stored after processing? In your EHR, a data warehouse, logs, or a combination?
  • Retention: How long is PHI retained? When is it deleted?
  • Access: Who can access data at each stage? Clinicians, administrators, developers, auditors?

This mapping becomes your control inventory. For each data flow, you’ll identify HIPAA requirements and map them to specific technical controls. If patient names flow into Claude and then into logs, you need controls to ensure those logs are encrypted, access-restricted, and audited. If de-identified data flows into Claude, you need evidence that de-identification was performed correctly.

Encryption: In Transit and At Rest

Encryption is a foundational HIPAA control. The Security Rule requires that you encrypt ePHI in transit (over networks) and at rest (in storage). This is non-negotiable.

In-transit encryption means using TLS 1.2 or higher for all communication between your systems and Claude’s API, between your frontend and backend, and between any systems that exchange PHI. This should be automatic if you’re using standard HTTPS connections and modern libraries, but you need to verify it. Test your API calls; confirm that they’re using TLS 1.2 or higher. If you’re integrating Claude through a third-party healthcare wrapper, verify their encryption standards.

At-rest encryption means encrypting data stored in databases, logs, backups, and archives. The standard approach:

  • Use AES-256 encryption for databases containing PHI.
  • Encrypt application logs that might contain PHI (or better: don’t log PHI at all).
  • Encrypt backups and ensure encryption keys are stored separately from backups.
  • Encrypt temporary files created during Claude processing.

Key management is critical. Encryption keys must be:

  • Stored separately from encrypted data (not in the same database or file system).
  • Rotated regularly (at least annually, more frequently for highly sensitive environments).
  • Access-controlled so that only authorised systems and administrators can retrieve them.
  • Audited so that every key access is logged and reviewed.

Many healthcare organisations use cloud key management services (AWS KMS, Azure Key Vault, Google Cloud KMS) to handle this. These services provide audit trails, automatic rotation, and access controls that are difficult to replicate in-house.

Access Controls and Authentication

HIPAA requires that only authorised individuals access PHI. This means:

  • Role-based access control (RBAC): Define roles (clinician, administrator, analyst) and assign permissions based on role. A clinician should access their own patient’s data; an administrator should access system configuration but not clinical data.
  • Multi-factor authentication (MFA): Require MFA for any user accessing systems that process PHI. This prevents credential compromise from leading to unauthorised access.
  • Principle of least privilege: Give users the minimum access necessary to perform their job. If a clinician only needs to see medication lists, don’t give them access to entire medical records.
  • Session management: Automatically log out inactive sessions, limit session duration, and prevent session hijacking through secure session tokens.
  • API authentication: If Claude is accessed through APIs, use strong authentication (OAuth 2.0, API keys with rotation, mutual TLS) and restrict API access to authorised applications only.

For Claude specifically, this means:

  • Restrict Claude API access to specific applications or services that have been vetted for HIPAA compliance.
  • Use separate API keys for different environments (development, staging, production) and rotate them regularly.
  • Log all Claude API calls, including the user/service that initiated the call, the timestamp, and the type of data processed.
  • Implement rate limiting and anomaly detection to catch unusual access patterns that might indicate compromise.

Audit Logging and Monitoring

Audit logs are your evidence that HIPAA controls are working. They’re also your early warning system for breaches. The Security Rule requires that you log and review access to PHI.

Minimum audit log requirements:

  • What: Record what action was taken (read, write, delete, export).
  • Who: Record which user or service performed the action (use unique identifiers, not shared accounts).
  • When: Record the exact timestamp (use NTP-synchronised clocks).
  • Where: Record which system or resource was accessed.
  • Result: Record whether the action succeeded or failed.

For Claude deployments, audit logs should include:

  • Every Claude API call that processes PHI, including the user/service that initiated it, the timestamp, and a hash or summary of the input (not the full input, to avoid logging PHI).
  • Every access to stored Claude outputs or related data.
  • Every modification to access controls or encryption keys.
  • Every failed authentication attempt.
  • Every system alert or anomaly detection event.

Logs must be:

  • Stored separately from production systems (so a breach of production doesn’t compromise logs).
  • Encrypted and access-restricted.
  • Retained for at least 6 years (HIPAA requirement).
  • Reviewed regularly (at least monthly, ideally continuously through automated monitoring).

Automated monitoring tools can alert you to suspicious patterns: multiple failed login attempts, access to PHI outside normal hours, unusual data volumes, or API calls from unexpected locations. These alerts should trigger investigation and documentation.

Data Handling and Privacy Patterns {#data-handling}

De-identification Strategies

De-identification is one of the most powerful compliance tools available. If you can de-identify data before it reaches Claude, you’ve eliminated a major HIPAA risk.

The Safe Harbor method removes 18 specific identifiers:

  1. Names
  2. Medical record numbers
  3. Health plan beneficiary numbers
  4. Account numbers
  5. Certificate or license numbers
  6. Vehicle identifiers and serial numbers
  7. Device identifiers and serial numbers
  8. Web URLs
  9. Internet Protocol (IP) addresses
  10. Biometric identifiers
  11. Full-face photographic images
  12. Any other unique identifying numbers, characteristics, or codes
  13. Dates (except year) related to an individual
  14. Telephone numbers
  15. Fax numbers
  16. Electronic mail addresses
  17. Social Security numbers
  18. Geographic subdivisions smaller than state

If you remove all 18 identifiers, the data is de-identified under HIPAA and no longer requires the same protections. For Claude deployments, this is valuable: you can send de-identified clinical notes to Claude for analysis without triggering HIPAA obligations around Business Associate Agreements or encryption.

In practice, de-identification for Claude might look like:

Original note:
"John Smith (MRN 12345) presents with hypertension. 
Visit date: 2024-01-15. Lives in Sydney NSW 2000. 
On lisinopril 10mg daily. BP 145/92."

De-identified version:
"Patient presents with hypertension. Visit year: 2024. 
On lisinopril 10mg daily. BP 145/92."

Claude can still provide useful clinical analysis on the de-identified version, but the compliance burden is dramatically reduced.

The Expert Determination method offers more flexibility. If a qualified statistician certifies that the risk of re-identification is very small, you can retain more information while still being de-identified. This is more complex and requires expert involvement, but it can preserve clinical utility when Safe Harbor is too aggressive.

Handling PHI in Claude Workflows

When you do need to send PHI to Claude (because de-identification isn’t sufficient), you need architectural patterns that minimise risk.

Pattern 1: Request-Response with No Retention

Send PHI to Claude for a specific task, receive the response, and immediately delete the input. This is the simplest pattern:

1. User requests: "Summarise this patient's medications"
2. Application sends PHI to Claude API
3. Claude processes and returns summary
4. Application receives summary and deletes the PHI from memory
5. Application stores only the summary (which may be de-identified)

This pattern works for one-off analysis tasks. The compliance advantage: PHI is never stored in your systems, only transmitted. Your audit trail shows that PHI was processed, but it doesn’t contain the actual PHI.

Pattern 2: Tokenised Processing

Replace PHI with tokens before sending to Claude, then map tokens back to PHI only when necessary:

1. Original: "Patient John Smith (MRN 12345) has diabetes"
2. Tokenised: "Patient [TOKEN_PATIENT_1] (MRN [TOKEN_MRN_1]) has diabetes"
3. Send tokenised version to Claude
4. Claude processes tokenised data
5. Map tokens back to original identifiers only in secure, audited context

This pattern allows Claude to understand context (the model knows it’s processing patient information) while PHI never appears in Claude’s input. Your logs contain only tokens, not identifiers.

Pattern 3: Federated Analysis

Keep PHI in your secure environment and have Claude analyse only aggregated or derived data:

1. Your system: Query database for all patients with hypertension
2. Your system: Generate summary statistics (mean age, medication distribution)
3. Send summary to Claude
4. Claude: "Based on this population, consider X treatment approach"

This pattern is most useful for population health and quality improvement analyses. PHI never leaves your secure environment; only aggregated insights reach Claude.

Business Associate Agreements and Vendor Management

If you’re using Claude through a third-party vendor (not directly through Anthropic), that vendor should have a Business Associate Agreement (BAA) in place. A BAA is a contract that establishes:

  • What data the vendor will process (scope of PHI).
  • How the vendor will protect that data (encryption, access controls, audit logging).
  • What happens if there’s a breach (notification, remediation, liability).
  • The vendor’s obligations to cooperate with audits and investigations.

If you’re a healthcare provider and you’re using a Claude-powered service to process PHI, you need a BAA. If the vendor doesn’t offer one, you cannot legally send PHI to that service.

When evaluating vendors, ask:

  • Do you have a BAA template?
  • What encryption standards do you use?
  • How long do you retain data?
  • What audit certifications do you have (SOC 2, ISO 27001)?
  • How do you handle breaches?
  • Can you provide evidence of your controls (audit reports, security documentation)?
  • What’s your incident response process?

PADISO’s Security Audit service helps healthcare organisations get audit-ready, including vendor assessment and BAA management. If you’re building a Claude-powered healthcare system, you’ll need to assess not just your own controls but also the controls of any third-party services you use.

Audit Preparation and Evidence Collection {#audit-preparation}

Building Your Compliance Evidence Portfolio

When a HIPAA auditor arrives (or when you’re preparing for an enterprise healthcare customer to conduct due diligence), you need evidence that your Claude deployment is compliant. This evidence includes:

  • Risk Assessment Documentation: A written risk assessment that identifies where PHI flows, what threats exist, and what controls mitigate those threats. This should be specific to your Claude deployment, not a generic healthcare risk assessment.
  • Policies and Procedures: Written policies covering data handling, access controls, encryption, breach response, and vendor management. These should reference Claude specifically where relevant.
  • System Architecture Diagrams: Visual documentation of how Claude integrates with your systems, where PHI flows, and what controls are in place at each step.
  • Encryption Evidence: Documentation of encryption standards used (TLS version, cipher suites, key management), including test results or security assessments.
  • Access Control Configuration: Documentation of user roles, permissions, and authentication mechanisms, including audit logs showing that access controls are enforced.
  • Audit Logs: Months of audit logs (typically 6 months minimum) showing all access to PHI, all Claude API calls, and all system changes.
  • Incident Response Records: Documentation of any security incidents, how they were investigated, and what remediation was taken.
  • Training Records: Evidence that staff have been trained on HIPAA and Claude-specific compliance requirements.
  • Vendor Assessments: Documentation of third-party vendors (including Anthropic if you’re using their healthcare offering), their compliance certifications, and their BAAs.
  • Penetration Test Results: Third-party security testing results showing that your systems can withstand attacks.

This evidence portfolio is built continuously, not assembled at audit time. You’re collecting evidence as you build and operate your system.

Working with Vanta and Compliance Platforms

PADISO works with Vanta to help organisations achieve SOC 2 and ISO 27001 compliance, and these certifications are increasingly expected by healthcare customers even if they’re not HIPAA-specific.

Vanta is a compliance automation platform that continuously monitors your systems and generates evidence for compliance audits. For Claude deployments, Vanta can:

  • Monitor encryption status of databases and backups.
  • Track access controls and user permissions.
  • Collect and analyse audit logs.
  • Monitor patch management and system updates.
  • Verify multi-factor authentication enforcement.
  • Generate audit-ready reports.

The advantage: instead of manually collecting evidence, Vanta continuously verifies compliance and generates reports that auditors can review. This is particularly valuable for healthcare organisations because compliance is ongoing, not a one-time event.

If you’re building a Claude-powered healthcare system and you need to demonstrate compliance to enterprise customers, SOC 2 Type II certification (which includes a 6-month audit period) is a strong signal. It doesn’t replace HIPAA compliance, but it demonstrates that your security controls are independently verified.

Preparing for Regulatory Investigations

If there’s a breach or a complaint, regulators will investigate. Preparation means:

  • Incident Response Plan: A written, tested plan for responding to security incidents. This should cover detection, containment, investigation, notification, and remediation.
  • Breach Assessment Procedures: A documented process for determining whether an incident constitutes a breach under HIPAA (i.e., whether unsecured PHI was accessed).
  • Notification Procedures: A process for notifying affected individuals, media, and regulators within the required timeframes (typically 60 days).
  • Forensic Readiness: Systems and procedures that allow you to investigate incidents thoroughly, including log retention, chain of custody for evidence, and access to forensic tools.

For Claude specifically, your incident response plan should address:

  • What happens if Claude’s API is compromised? (Answer: your encryption and access controls prevent PHI from being exposed even if the API is breached.)
  • What happens if a user accidentally sends PHI to Claude? (Answer: you have procedures to request deletion, notify affected individuals, and investigate how the accident occurred.)
  • What happens if your authentication is compromised and an attacker gains access to your Claude API key? (Answer: you have audit logs showing the attacker’s activities, you can rotate the key, and you can investigate what data was accessed.)

Implementation Framework: PADISO’s Approach {#implementation-framework}

Phase 1: Assessment and Architecture Design

When PADISO partners with healthcare organisations deploying Claude, we start with a comprehensive assessment. This isn’t a checkbox exercise; it’s a deep dive into your current state, your compliance obligations, and your desired Claude use cases.

The assessment covers:

  • Current State: What systems do you have? Where is PHI stored? Who accesses it? What are your existing compliance controls?
  • Threat Landscape: What are the realistic threats to your Claude deployment? (Insider threats, external attacks, accidental disclosure, vendor compromise.)
  • Use Case Analysis: What specific problems are you solving with Claude? How much PHI does each use case require? Can de-identification work?
  • Regulatory Landscape: Are you subject to HIPAA? Other regulations? What do your healthcare customers require?
  • Compliance Gaps: Where are your current controls insufficient? What needs to be built or improved?

Based on this assessment, we design an architecture that:

  • Minimises PHI exposure (through de-identification where possible, tokenisation where necessary, and request-response patterns with no retention).
  • Implements defence-in-depth (encryption, access controls, audit logging, monitoring).
  • Is operationally sustainable (your team can manage it, audit it, and respond to incidents).
  • Provides evidence for compliance (every control generates audit trails and documentation).

For healthcare organisations in Boston, we’ve helped biotech and pharma companies design HIPAA-aware data platforms with Claude integration. In Philadelphia, we’ve worked with healthcare systems to build clinical pipeline integrations with SOC 2 architecture. In Houston, we’ve designed HIPAA-aware data pipelines for healthcare operations.

Phase 2: Technical Implementation

Once architecture is defined, we implement the technical controls. This includes:

  • Infrastructure Setup: Secure cloud environments (AWS, Azure, GCP) with encryption, network isolation, and audit logging configured from day one.
  • Claude Integration: Connecting Claude through secure channels, implementing tokenisation or de-identification where needed, and setting up request-response patterns that don’t retain PHI.
  • Access Control Implementation: Building role-based access control, multi-factor authentication, and API authentication for Claude.
  • Encryption: Implementing AES-256 encryption for data at rest, TLS 1.2+ for data in transit, and secure key management.
  • Audit Logging: Setting up comprehensive logging for all PHI access, Claude API calls, and system changes.
  • Monitoring and Alerting: Implementing real-time monitoring for suspicious activity, failed access attempts, and anomalies.

In San Diego, we’ve built secure isolated data platforms for biotech companies that integrate Claude while maintaining HIPAA compliance. In San Francisco, we’ve designed production AI platforms with the evals, observability and cost control that diligence expects.

Phase 3: Compliance and Audit Readiness

Once technical controls are in place, we build the compliance evidence portfolio:

  • Documentation: Writing risk assessments, policies, procedures, and architecture documentation specific to your Claude deployment.
  • Evidence Collection: Setting up systems to continuously collect audit logs, access control configurations, and compliance metrics.
  • Vendor Assessment: Evaluating Anthropic’s healthcare offering (if you’re using it) and any third-party vendors, ensuring BAAs are in place.
  • Testing: Conducting penetration tests, security assessments, and compliance walkthroughs to identify gaps before auditors do.
  • Training: Ensuring your team understands HIPAA requirements, your specific controls, and their role in maintaining compliance.

PADISO’s AI Quickstart Audit is a fixed-fee, 2-week diagnostic that tells you where you actually are, what to ship first, what to retire, and what 90 days could unlock. For healthcare organisations, this audit includes a HIPAA compliance assessment specific to your Claude deployment.

Phase 4: Ongoing Operations and Compliance

Compliance isn’t a one-time event. We help healthcare organisations establish ongoing compliance operations:

  • Continuous Monitoring: Using tools like Vanta to continuously verify that encryption is in place, access controls are enforced, and audit logs are being collected.
  • Regular Audits: Conducting internal compliance audits quarterly to identify drift or new risks.
  • Incident Response: Testing your incident response plan, maintaining forensic readiness, and responding quickly if incidents occur.
  • Vendor Management: Regularly assessing third-party vendors, reviewing their security posture, and ensuring BAAs remain current.
  • Training and Awareness: Keeping your team current on HIPAA requirements and Claude-specific risks.

Common Pitfalls and How to Avoid Them {#common-pitfalls}

Pitfall 1: Sending PHI Directly to Claude Without a BAA

The Risk: You send patient data to Claude’s standard API. Anthropic doesn’t have a BAA with you, so you’ve violated HIPAA. If there’s a breach, you’re liable.

How to Avoid It: Before sending any PHI to Claude, verify that you have a contractual relationship (BAA) in place. If you’re using Anthropic’s standard API, either de-identify data first or use Anthropic’s healthcare-specific offering (if available in your region). If you’re using a third-party vendor, ensure their BAA is in place and reviewed by your legal team.

Pitfall 2: Logging PHI in Application Logs

The Risk: Your application logs Claude inputs and outputs for debugging. Those logs contain PHI. Logs are stored unencrypted in a shared logging service. An attacker gains access to logs and exfiltrates PHI.

How to Avoid It: Don’t log PHI. If you need to log Claude interactions for debugging, log only hashes or summaries of inputs, not the actual data. Encrypt all logs that might contain PHI. Restrict access to logs. Retain logs only as long as necessary (typically 90 days for debugging, 6 years for compliance).

Pitfall 3: Assuming Encryption is Enough

The Risk: You encrypt data at rest and in transit. You assume you’re compliant. But you don’t have access controls, so any employee can decrypt and access any patient’s data. You don’t have audit logging, so you don’t know who accessed what.

How to Avoid It: Encryption is necessary but not sufficient. Implement defence-in-depth: encryption + access controls + audit logging + monitoring. Each layer should work independently so that a breach of one layer doesn’t compromise everything.

Pitfall 4: Not De-identifying When You Can

The Risk: You send full patient records to Claude for analysis, including names and medical record numbers. You implement all the technical controls, but you’ve created unnecessary compliance burden. You’ve also created unnecessary privacy risk because more people can potentially access the data.

How to Avoid It: Before you implement technical controls, ask: can this data be de-identified? If yes, de-identify it. This is often simpler and more effective than implementing complex encryption and access control schemes. Claude can often provide useful analysis on de-identified data.

Pitfall 5: Building Compliance Evidence Only at Audit Time

The Risk: You build a compliant system but don’t document it. When an auditor arrives, you scramble to collect evidence. You find that you didn’t retain audit logs, you don’t have documented policies, and you can’t prove that your controls work.

How to Avoid It: Build compliance evidence continuously. As you implement controls, document them. As you operate the system, collect audit logs. Use tools like Vanta to automate evidence collection. By the time an auditor arrives, your evidence portfolio is complete.

Pitfall 6: Misunderstanding De-identification

The Risk: You remove names from patient records and assume they’re de-identified. But you retain dates of service, diagnoses, and rare conditions. An attacker combines this with public records and re-identifies patients.

How to Avoid It: Use the Safe Harbor method (remove all 18 identifiers) or have a qualified statistician certify de-identification using the Expert Determination method. Don’t invent your own de-identification scheme. If you’re unsure whether data is de-identified, treat it as PHI and apply full HIPAA controls.

Real-World Deployment Scenarios {#deployment-scenarios}

Scenario 1: Clinical Documentation Summarisation

A healthcare provider wants to use Claude to automatically summarise clinical notes, reducing documentation burden on clinicians.

The Challenge: Clinical notes contain full PHI—names, medical record numbers, dates, diagnoses, treatment plans.

The PADISO Approach:

  1. De-identification: Remove identifiers from notes before sending to Claude. Replace dates with relative time (“3 days ago” instead of “2024-01-15”). Replace names with role descriptions (“patient” instead of “John Smith”).
  2. Request-Response Pattern: Send de-identified note to Claude, receive summary, delete the note from memory. Store only the summary.
  3. Audit Logging: Log that a note was summarised, by whom, and when. Don’t log the note content itself.
  4. Access Control: Only the clinician who wrote the note can request summarisation. Summaries are stored in the EHR with standard access controls.
  5. Evidence: Audit logs show all summarisation requests. De-identification procedures are documented. Claude is processing de-identified data, so HIPAA controls are simplified.

Outcome: Clinicians save 30% of documentation time. HIPAA compliance is straightforward because PHI never reaches Claude.

Scenario 2: Population Health Analytics

A health plan wants to use Claude to analyse population health trends and identify high-risk patients for intervention programs.

The Challenge: Identifying high-risk patients requires clinical data, but sending individual patient records to Claude creates compliance complexity.

The PADISO Approach:

  1. Federated Analysis: Keep patient records in the health plan’s secure environment. Query the database for aggregated statistics (e.g., “1,200 patients with hypertension, mean age 58, 45% on ACE inhibitors”).
  2. Claude Processing: Send aggregated statistics to Claude. Claude identifies patterns and recommends intervention strategies.
  3. Specific Patient Identification: Once Claude identifies a high-risk cohort (e.g., “older patients with hypertension not on ACE inhibitors”), the health plan queries its database to identify specific patients. Claude is not involved in individual patient identification.
  4. Audit Logging: Log that aggregated data was sent to Claude, what Claude recommended, and which patients were identified for intervention. Individual patient data never appears in logs.
  5. Evidence: Audit logs show only aggregated data processing. Individual PHI remains in the health plan’s secure environment. HIPAA controls are minimal because Claude never processes PHI.

Outcome: Health plan identifies 300 high-risk patients for intervention, preventing an estimated $2M in preventable complications. HIPAA compliance is straightforward because Claude processes only aggregated data.

Scenario 3: Multi-Tenant SaaS Platform

A healthcare software vendor builds a SaaS platform that uses Claude to provide clinical decision support across multiple healthcare organisations.

The Challenge: Each customer’s PHI must be isolated. Claude API access must be controlled. Audit logs must show which customer’s data was processed. Breach of one customer’s data must not affect others.

The PADISO Approach:

  1. Tenant Isolation: Each customer has a separate database schema, encryption keys, and API credentials. Customer A’s data is completely isolated from Customer B’s data.
  2. Tokenisation: Before sending data to Claude, the platform tokenises PHI. Tokens are unique per customer and per data element. Claude processes tokenised data, not actual PHI.
  3. Claude Integration: Each customer has separate Claude API credentials (or the platform has a single credential but logs which customer initiated each request). Requests are rate-limited and monitored per customer.
  4. Audit Logging: Every Claude API call is logged with the customer ID, user ID, timestamp, and a hash of the tokenised input. If a breach occurs, audit logs show exactly which customer’s data was affected.
  5. BAAs: The platform has BAAs with each customer, and each BAA references the specific controls (tokenisation, isolation, encryption, audit logging) that protect that customer’s data.
  6. Compliance Evidence: The platform provides each customer with evidence of their specific controls, audit logs for their data, and compliance certifications (SOC 2, ISO 27001).

Outcome: Healthcare organisations can confidently use the platform for clinical decision support. The platform achieves SOC 2 Type II certification and wins enterprise contracts. HIPAA compliance is demonstrated through technical controls and audit evidence.

Next Steps: Getting Audit-Ready {#next-steps}

Immediate Actions (Week 1-2)

  1. Map Your Data Flows: Document where PHI flows in your Claude deployment. Create a diagram showing inputs, processing, outputs, and storage.
  2. Classify Your Data: For each data flow, determine whether data is PHI, de-identified, or aggregated. If it’s PHI, document why de-identification isn’t feasible.
  3. Assess Your Current Controls: Document what encryption, access controls, and audit logging you currently have in place.
  4. Identify Gaps: Compare your current controls to HIPAA requirements. Where are you compliant? Where are you missing controls?
  5. Review Vendor Relationships: If you’re using Claude through a vendor, request their BAA and compliance documentation. If you’re using Anthropic directly, determine whether you need to use their healthcare offering or implement alternative controls.

Short-Term Actions (Week 3-8)

  1. Implement Technical Controls: Based on your gap analysis, implement encryption, access controls, and audit logging. Prioritise controls that address the highest risks.
  2. De-identify Where Possible: For data flows that can be de-identified, implement de-identification procedures. Test them to ensure they work correctly.
  3. Build Documentation: Write risk assessments, policies, procedures, and architecture documentation. Be specific about Claude.
  4. Set Up Compliance Monitoring: Implement audit logging and monitoring. Start collecting evidence that controls are working.
  5. Conduct Internal Testing: Perform penetration tests or security assessments to identify vulnerabilities before auditors do.

Medium-Term Actions (Week 9-16)

  1. Achieve Compliance Certifications: Work toward SOC 2 Type II or ISO 27001 certification. These provide independent verification of your controls and are increasingly expected by healthcare customers.
  2. Conduct Formal Compliance Audit: Have an independent auditor review your Claude deployment and provide a formal compliance assessment.
  3. Implement Incident Response: Test your incident response plan. Conduct tabletop exercises to prepare for breach scenarios.
  4. Train Your Team: Ensure everyone involved in Claude deployment understands HIPAA requirements and your specific controls.
  5. Establish Ongoing Compliance Operations: Set up quarterly compliance reviews, continuous monitoring, and regular vendor assessments.

Getting Help

If you’re building a Claude-powered healthcare system, consider partnering with experienced advisors. PADISO provides fractional CTO and CTO advisory services for healthcare, biotech, and pharma teams navigating regulated architecture and compliance. We’ve helped teams in Boston, Philadelphia, Houston, San Diego, San Francisco, Seattle, and Atlanta build compliant AI systems.

Our Security Audit service gets you audit-ready in weeks, not months, using PADISO + Vanta to achieve SOC 2, ISO 27001, and GDPR compliance. Our AI Quickstart Audit is a fixed-fee, 2-week diagnostic that tells you where you actually are with Claude compliance and what 90 days could unlock.

See how we’ve helped other healthcare organisations build, scale, and transform with AI and modern technology. Our Services page outlines the full range of support we provide: from CTO as a Service to custom software development to AI automation.

Conclusion: HIPAA Compliance is Achievable

HIPAA and Claude can coexist. Thousands of healthcare organisations are already deploying large language models in regulated environments. The path forward isn’t to avoid Claude; it’s to deploy Claude thoughtfully, with clear understanding of HIPAA requirements, deliberate architectural choices, and continuous evidence collection.

The organisations winning in healthcare AI aren’t the ones with the most sophisticated models; they’re the ones with the clearest compliance posture and the strongest evidence that their systems are secure. When you can demonstrate that your Claude deployment is encrypted, access-controlled, audited, and continuously monitored—and when you have evidence to back that up—you win enterprise deals, you pass audits, and you build trust with patients and regulators.

Start with your data flows. Understand what PHI you have and where it goes. De-identify where possible. Implement defence-in-depth controls where you can’t de-identify. Build compliance evidence continuously. And if you need guidance, reach out to PADISO. We’ve built this path for dozens of healthcare organisations, and we can help you navigate it too.

Want to talk through your situation?

Book a 30-minute call with Kevin (Founder/CEO). No pitch — direct advice on what to do next.

Book a 30-min call