Replicate.Health
// SECURITY & COMPLIANCE

Built for healthcare. Audited like it.

Healthcare buyers should be able to evaluate our compliance posture before they have to ask. Here is the full picture.

01

Our security posture

Replicate.Health is built for healthcare. We assume PHI from day one, design every system around minimum-necessary access, and treat every external action as a logged, reviewable event. Our security program follows the HIPAA Security Rule, NIST CSF, and the AICPA Trust Services Criteria for SOC 2.

02

Certifications & frameworks

HIPAA
We operate as a Business Associate. BAAs are signed with every covered entity prior to handling PHI.
SOC 2 Type II (In progress)
Type II audit in progress. Report available under NDA once complete.
HITRUST CSF (In progress)
Currently in assessment.
NIST CSF
Aligned across Identify, Protect, Detect, Respond, and Recover functions.

03

Data handling

Encryption
TLS 1.3 in transit. AES-256 at rest. Keys managed in dedicated KMS with strict rotation.
Residency
PHI processed in US-based regions only. No cross-border transfer.
Retention
Customer-defined retention windows. Defaults align with HIPAA minimum-necessary rule.
PHI minimization
Agents access only the fields needed for the task. PHI is automatically redacted from logs where it is not required for audit.

04

Access control

RBAC
Role-based access control with least-privilege defaults.
MFA
Multi-factor authentication required for all employee and customer accounts.
SSO
SAML/OIDC supported on enterprise plans. Okta and Microsoft Entra ID tested.
Audit logs
Every action — every prompt, every external call, every approval, every output — is logged, immutable, and exportable.

05

Subprocessors

A current list of subprocessors is maintained at /legal/subprocessors. Customers are notified of additions before they take effect.

06

Vulnerability management

Penetration testing (In progress)
Annual third-party penetration testing scheduled.
Dependency scanning
Continuous software composition analysis (SCA) on every commit. Critical CVEs patched within 24 hours.
Incident response
24-hour notification of confirmed security incidents affecting customer data; full forensic report within 30 days.

07

AI-specific safeguards

No PHI training
Customer PHI is never sent to general-purpose foundation models for training.
BAA-covered LLM access
Where third-party LLM APIs are used (e.g., AWS Bedrock, Azure OpenAI), they are accessed under signed BAAs with zero data retention configured.
Prompt logging
Prompts and outputs are logged in our environment, not the vendor's. Logs are auditable and PHI-redacted by default.
Red-team practices
Adversarial review of agent behavior on edge cases — refusal, escalation, hallucination, and prompt injection.

08

Documentation

BAA template
Available on request.
Security whitepaper
PDF available on request.
Audit request
Use the form on /demo or email security@replicate.health to request an audit.

Need something specific?

We respond to security questionnaires (HECVAT, CAIQ, custom) and audit requests within 5 business days.