iBridge DigitaliBridge Digital
← back

Security and HIPAA

Built aroundone principle:PHI never persiststo the platform.

Most voice AI platforms hold patient data by default. We don't. Patient information lives in a sealed boundary for the duration of one interaction, then is destroyed before any database is written. Reasoning, persistence, audit, and customer-facing surfaces operate on structured proofs — never on PHI.

Architecture

Watch a call resolve.
PHI never crosses the boundary.

ZONE 01 / BOUNDARYThe boundary.Where reality is touched.listenPHI · EPHEMERAL · DESTROYED PER CALL↑ EVAPORATEZONE 02 / COREThe core.Reasoning on typed proofs. PHI absent by architecture.REASONKNOWEMITPHI · ABSENT · ENFORCED BY ARCHITECTUREAUDIT · HASH-CHAINED · APPEND-ONLY0xa30xb40xc50xd60xe70xf80x100x110x120x130x∎∎PHI evaporates here. Architecturally enforced.Reasoning operates on typed proofs only.Each link cryptographically signed. Tamper-evident.

A call enters the boundary, where patient information is held briefly in process memory. The colleague reasons on the call, decides what to extract, and emits a structured proof to the core. PHI is destroyed before any persistent system writes the call. The core reasons, persists, and serves customer-facing surfaces — all on typed proofs that contain no patient identifying information. Every state transition is captured in a hash-chained audit log.

Knowledge architecture

Knowledge that compounds.
Without leaking.

Consumer AI shares everything by default. Walled-garden vendors share nothing. We do neither. A four-layer model lets verified-public knowledge propagate across tenants while private workflows, customer-specific rules, and patient data stay isolated to the tenant that owns them. Every cross-tenant flow is approved by a human, cross-validated, audit-logged, and reversible.

A

Foundation knowledge

Vendor-supplied

Contents

  • +English language and dialect handling
  • +US healthcare conventions and terminology
  • +Common payer behaviors at category level
  • +Standard CPT, ICD-10, and HCPCS taxonomies

Propagation

Updated by iBridge. Same for every tenant. Read-only.

B

Verified-public knowledge

Shared across tenants · customer-graduated

Contents

  • +Payer IVR maps and menu-tree changes
  • +Common refusal patterns and recovery moves
  • +Escalation rules validated across N tenants
  • +Identified bugs in payer systems and workarounds

Propagation

Promoted by tenant training authority review. Cross-validated. Audit-logged. Reversible by the contributing tenant.

C

Tenant knowledge

Private to one customer

Contents

  • +Your scope policy and authority chart
  • +Your workflows and routing rules
  • +Your authorization criteria and clinical edits
  • +Your specialty mix, payer concentration, and ops cadence

Propagation

Stays within your tenant boundary. Never propagates. Cross-tenant access is architecturally impossible.

D

Conversation knowledge

Ephemeral · single interaction

Contents

  • +PHI heard during one call
  • +Patient identifiers, callback numbers, addresses
  • +Clinical context exchanged in conversation
  • +Decisions made within the interaction

Propagation

Lives only at the boundary. Destroyed before any persistent system writes. Reasoning operates on typed proofs.

How a Layer C discovery becomes Layer B

Five stages. Every step audit-logged. Every step reversible.

LIFECYCLE · LAYER C TO LAYER B01 · DISCOVEREDIn one tenant'sconversationLayer C · private02 · REVIEWEDBy tenant'straining authorityHuman approval required03 · VALIDATEDCross-tested againstN other tenantsNo PHI in test set04 · LOGGEDHash-chained auditentry createdOrigin · approver · timestamp05 · GRADUATEDLayer B · verified-publicAll tenants benefitReversible · opt-outableAny step can be reversed by the originating tenant.

A discovery doesn't become public because one tenant says so. It becomes public after a human in the originating tenant explicitly promotes it, cross-validation confirms it doesn't encode tenant-specific data or PHI, and the audit chain records the full provenance. Any contributing tenant can reverse the promotion.

Three commitments

Compounding is opt-in, opt-out, and reversible.

01

Revoke a public promotion

Any tenant that contributed to a Layer B entry can revoke it. The entry is removed from the verified-public layer and a reversal event is hash-chain logged. Other tenants are notified.

02

Opt out of Layer B entirely

Any tenant can configure their colleague to operate on Layer A and their own Layer C only — no consumption of cross-tenant knowledge. The colleague remains fully functional, just without the compounding benefit.

03

Audit every cross-tenant flow

Every promotion event is logged with originating tenant, approving human, validation evidence, and timestamp. Every consumption event is logged with the receiving tenant. The full chain is queryable by any tenant for any entry that touches them.

Boundary model

Two zones.
PHI lives in only one of them.

Zone 01 / Boundary

Where reality is touched.

The boundary is where the platform meets the outside world — inbound and outbound voice, integration endpoints, customer-supplied context. PHI may be present here, briefly, in process memory, scoped to a single interaction.

On completion, the boundary destroys all transient PHI and emits a structured, redacted, typed proof to the core. A destruction receipt is hashed into the audit log.

PHI present · ephemeral · process memory · destruction-proven

Zone 02 / Core

Where everything else happens.

The core is everything else: reasoning, workflow orchestration, persistence, learning, audit, and every surface a customer ever sees. The core operates exclusively on structured proofs — typed events that contain no patient identifying information.

This is enforced architecturally, not by policy. Engineers cannot read PHI from production systems. The persistence schema does not contain PHI fields.

PHI absent · enforced by architecture · not by policy

Audit log

Every state transition across both zones is captured in a hash-chained, append-only log. Tamper-evident. Customer-queryable. Retention configurable per contract.

HIPAA posture

We sign BAAs.
Without exception.

Business Associate Agreements are executed with every customer that processes PHI through our platform. A standard BAA is available on request, and we accommodate customer paper where reasonable.

Subprocessors in our chain are also BAA-covered. We notify customers in writing 30 days before adding or changing a subprocessor that materially handles PHI.

Minimum-necessary access is enforced architecturally. The core never receives PHI. Engineers cannot read PHI from production. Customer support sees audit metadata only.

Subprocessor categories

The categories below describe the types of services in our chain. Specific vendor identities are disclosed under NDA during procurement review and in the executed BAA.

Category
Purpose
BAA
Telephony and voice transport
Real-time call infrastructure
Yes
Speech recognition
Real-time transcription, US region
Yes
Voice synthesis
Text-to-speech, US region
Yes
Reasoning models
Zero-retention API access
Yes
Cloud infrastructure
Compute and storage, US-only regions
Yes
Audit and metadata store
Hash-chained audit log
Yes

Controls

Encryption

TLS 1.3 in transit. AES-256 at rest. Cloud-native key management with annual rotation.

Data residency

All processing, persistence, and telephony in US-only cloud regions. No cross-border movement of PHI.

Audit logging

Hash-chained, append-only, customer-queryable log of every state transition. Retention configurable per contract.

Tenant isolation

Single-tenant deployments today; database-level row-level security policies for shared deployments rolling out Q3 2026.

Access control

Role-based access. Mandatory MFA. SSO via SAML for customer-facing dashboards. Least-privilege by default.

Vulnerability management

Dependency scanning on every build. Critical advisories patched within 72 hours. Annual third-party penetration test.

Incident response

24-hour notification SLA on confirmed incidents involving customer data. Post-incident report within 14 days.

Backup and recovery

Encrypted daily backups. 30-day retention. Quarterly restore drills. RPO 24h, RTO 4h for core services.

What we don't do

Equally important.

  • ×We do not store raw call audio after structured outputs are emitted, unless the customer explicitly opts in.
  • ×We do not retain prompt or response logs containing PHI beyond the call.
  • ×We do not use customer data to train models, ours or any third party's.
  • ×We do not move customer PHI outside US infrastructure.

Roadmap

Q3 2026

SOC 2 Type I

In progress with a qualified third-party auditor. Targeting completion this quarter.

Q1 2027

SOC 2 Type II

Six-month observation window begins after Type I. Report expected H1 2027.

2027

HITRUST

Pursued where customer demand requires. Scoped to platform components handling PHI.

Procurement and security

BAAs, vendor questionnaires, subprocessor disclosure, vulnerability reports. Email digital@ibridgedigital.com. We respond within one business day.