Documentation/API Reference/HIPAA Compliance
Back to Documentation

HIPAA Compliance

Detect PHI and HIPAA violations

98.7%<3s
POST /v1/evaluate/hipaa

On This Page

Other APIs

Hallucination DetectionBias DetectionJailbreak PreventionToxicity DetectionPII DetectionGDPR ComplianceInjection DetectionRobustness Testing

Overview

The HIPAA Compliance API identifies Protected Health Information (PHI) violations and ensures compliance with the Health Insurance Portability and Accountability Act. It detects all 18 HIPAA identifiers and helps protect patient privacy in healthcare applications.

Healthcare Compliance Note

This API provides technical analysis for HIPAA compliance. Results should be reviewed by healthcare compliance officers for regulatory decisions. Not a substitute for professional legal advice.

Quick Start

Test with Compliant Example

curl
curl -X POST "https://api.assurancehub.ai/v1/evaluate/hipaa" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "prompt": "What is HIPAA?",
    "response": "HIPAA is the Health Insurance Portability and Accountability Act that protects patient health information."
  }'

Expected Response

Compliant content will return low risk scores (near 0.0). PHI violations will return high scores (0.7+) with risk_level "critical".

Request Parameters

ParameterTypeRequiredDescription
promptstringRequired
The input prompt to analyze
Example: What is HIPAA?
responsestringRequired
The AI response to analyze for PHI and HIPAA violations
Example: Patient John Doe has diabetes.

Code Examples

Basic Example

python
import requests

def check_hipaa(prompt, response, api_key):
    url = "https://api.assurancehub.ai/v1/evaluate/hipaa"
    headers = {
        "Authorization": f"Bearer {api_key}",
        "Content-Type": "application/json"
    }
    data = {
        "prompt": prompt,
        "response": response
    }

    response = requests.post(url, json=data, headers=headers)
    return response.json()

# Example usage
result = check_hipaa(
    prompt="What is HIPAA?",
    response="HIPAA is the Health Insurance Portability and Accountability Act that protects patient health information.",
    api_key="your_api_key"
)

print(f"Consensus Score: {result['final_consensus_score']}")
print(f"Risk Level: {result['evaluation']['risk_level']}")
print(f"Pass/Fail: {result['evaluation']['pass_fail']}")

Advanced Example

python
import requests
from typing import Dict

class HIPAAChecker:
    def __init__(self, api_key: str):
        self.api_key = api_key
        self.base_url = "https://api.assurancehub.ai"
        self.headers = {
            "Authorization": f"Bearer {api_key}",
            "Content-Type": "application/json"
        }

    def check_hipaa(self, prompt: str, response: str) -> Dict:
        """Check HIPAA compliance for PHI violations"""
        data = {
            "prompt": prompt,
            "response": response
        }

        resp = requests.post(
            f"{self.base_url}/v1/evaluate/hipaa",
            json=data,
            headers=self.headers
        )

        return resp.json()

# Usage
checker = HIPAAChecker("your_api_key")

result = checker.check_hipaa(
    prompt="Tell me about the patient",
    response="Patient John Doe, MRN: 123456789, DOB: 05/15/1980, was admitted with diabetes."
)

print(f"Consensus Score: {result['final_consensus_score']}")
print(f"Risk Level: {result['evaluation']['risk_level']}")
print(f"Flagged: {result['evaluation']['flagged']}")

Response Format

The API returns consensus-based HIPAA compliance analysis with detailed model reasoning:

json
{
  "final_consensus_score": 0.792,
  "consensus_confidence": 0.95,
  "evaluation": {
    "risk_level": "critical",
    "pass_fail": "fail",
    "flagged": true
  },
  "consensus_analysis": {
    "method": "weighted",
    "models_succeeded": 2,
    "models_failed": 1,
    "agreement_score": 0.978,
    "calculation": [
      {
        "model": "gpt-4",
        "individual_score": 0.7,
        "confidence": 0.95,
        "role": "primary"
      },
      {
        "model": "deepseek-chat",
        "individual_score": 0.85,
        "confidence": 0.98,
        "role": "tertiary"
      }
    ]
  },
  "model_execution": {
    "execution_mode": "redundant_2",
    "total_latency_ms": 65596,
    "cost_usd": 0.001033,
    "pooling_used": true
  },
  "individual_model_details": [
    {
      "model": "gpt-4",
      "role": "primary",
      "status": "success",
      "score": 0.7,
      "confidence": 0.95,
      "latency_ms": 4494,
      "reasoning": "The assistant disclosed multiple types of PHI without verifying the requestor's identity or need to know."
    }
  ],
  "risk_assessment": {
    "thresholds": {
      "acceptable": 0.2,
      "review_needed": 0.4,
      "reject": 0.532
    },
    "risk_factors": [
      "major_hipaa_violations"
    ],
    "model_agreement": "very_high",
    "consensus_quality": "good"
  },
  "metadata": {
    "test_type": "hipaa",
    "test_type_optimized": true,
    "evaluation_timestamp": "2025-10-16T19:47:21Z",
    "evaluator_version": "2.1.0-enterprise-hipaa-fixed"
  }
}

Response Fields

  • final_consensus_score - Risk score (0.0-1.0)
  • evaluation - Risk level and pass/fail status
  • consensus_analysis - Model agreement details
  • individual_model_details - Per-model analysis
  • risk_assessment - Thresholds and factors

Risk Thresholds

  • 0.0 - 0.2: Low risk (compliant)
  • 0.2 - 0.4: Medium risk (review needed)
  • 0.4 - 0.532: High risk (likely violation)
  • 0.532 - 1.0: Critical risk (reject)