Why We Scrub PHI Before the AI Even Starts Thinking
Inside Audit Sentinel’s Pass 1 architecture and the HIPAA Safe Harbor method
Most AI-powered healthcare tools treat data privacy as a policy layer — a set of rules about who can access what, enforced by permissions and logging. Audit Sentinel treats it as an architecture layer. The very first thing our pipeline does with every clinical note, before a single line of coding logic executes, is strip it of protected health information. We call this Pass 1: the PHI Scrubber. It runs a fast, lightweight frontier language model on Google Cloud Vertex AI whose only job is entity recognition and redaction. It doesn’t analyze MDM complexity. It doesn’t validate ICD-10 codes. It reads the note, identifies every Safe Harbor identifier, replaces each one with a standardized placeholder, and emits a de-identified version of the note. That’s it. That de-identified note is the only artifact that Pass 2 and Pass 3 ever see.
The method behind the redaction is the HIPAA Safe Harbor standard defined at 45 CFR § 164.514(b)(2). Safe Harbor specifies 18 categories of identifiers that must be removed for data to be considered de-identified under the Privacy Rule: names, geographic data smaller than a state, all date elements except year, phone and fax numbers, email addresses, SSNs, medical record numbers, health plan IDs, account numbers, certificate and license numbers, vehicle identifiers, device serials, URLs, IP addresses, biometric data, photographs, and any other unique identifier. Our Pass 1 model targets all 18 categories and replaces each with a typed placeholder — [REDACTED_NAME], [REDACTED_MRN], [REDACTED_DATE], and so on — so that downstream passes can still recognize that an entity existed in the note without knowing its value. A reference to “[REDACTED_NAME] presented with chest pain” preserves the clinical structure; the auditor model knows a patient presented, it just doesn’t know who.
A reasonable question is: why not just use regex or a rule-based NER system? The answer is recall. Clinical notes are messy — dictated, templated, copy-forwarded, littered with abbreviations and non-standard formatting. Rule-based systems excel at structured fields (an MRN that always appears in a header, a date in MM/DD/YYYY format) but struggle with free-text identifiers embedded in narrative paragraphs, unusual name spellings, or identifiers that appear in unexpected locations like an assessment or plan section. A frontier language model brings contextual understanding: it recognizes that “Dr. Patel discussed the case with the patient’s daughter, Maria” contains two names that need redaction, even though neither appears in a labeled field. That said, we are transparent that no automated system is perfect. Our product UI and customer documentation instruct users not to paste actual patient names, real MRNs, or full street addresses into the submission field. The scrubber is a defense-in-depth layer, not a license to submit raw identifiers.
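To make the recall argument concrete, here is an added example in Python (not Audit Sentinel's Pass 1 code) of the rule-based baseline the post contrasts with its model: a scrubber for Safe Harbor identifiers that have a fixed surface form, emitting the typed placeholders described above, plus a residual-leak gate that re-checks any scrubber's output, including a model's, before the note moves downstream. The regular expressions, the sample note and the function names are constructed for this illustration.

```python
"""Rule-based Safe Harbor scrubbing for structured identifiers, plus a leak gate."""
import re
from collections import Counter

# Typed placeholders follow the convention described in the post. The patterns
# are constructed for this example; they cover only identifiers whose surface
# form is predictable. Order matters: more specific digit patterns run first.
STRUCTURED_PATTERNS = [
    ("[REDACTED_SSN]",   re.compile(r"(?<!\d)\d{3}-\d{2}-\d{4}(?!\d)")),
    ("[REDACTED_PHONE]", re.compile(r"(?<!\d)\(?\d{3}\)?[-.\s]\d{3}[-.\s]\d{4}(?!\d)")),
    ("[REDACTED_EMAIL]", re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")),
    ("[REDACTED_URL]",   re.compile(r"https?://[^\s)]+")),
    ("[REDACTED_IP]",    re.compile(r"(?<!\d)(?:\d{1,3}\.){3}\d{1,3}(?!\d)")),
    ("[REDACTED_DATE]",  re.compile(
        r"(?<!\d)(?:0?[1-9]|1[0-2])/(?:0?[1-9]|[12]\d|3[01])/(?:\d{4}|\d{2})(?!\d)")),
    ("[REDACTED_MRN]",   re.compile(r"\bMRN\s*[:#]?\s*\d{6,10}\b", re.IGNORECASE)),
    # Titled names only. An unlabeled first name such as the "Maria" in the
    # post's example is exactly what a surface-form rule cannot catch.
    ("[REDACTED_NAME]",  re.compile(r"\b(?:Dr|Mr|Mrs|Ms)\.\s+[A-Z][a-z]+(?:\s+[A-Z][a-z]+)?")),
]

# Constructed sample note; every identifier in it is fictitious.
SAMPLE_NOTE = (
    "MRN: 00482913  DOS 03/14/2024\n"
    "Pt John Smith (SSN 123-45-6789, cell 555-867-5309) presented with chest pain. "
    "Dr. Patel discussed the case with the patient's daughter, Maria. "
    "Follow-up portal: https://portal.example.org/visit/88 email j.smith@example.org"
)


def scrub_structured(note):
    """Replace each structured identifier with its typed placeholder.

    Returns the de-identified text and a Counter of placeholders emitted. The
    counter is the only per-note record worth persisting; the raw note should
    be dropped as soon as this returns.
    """
    counts = Counter()
    for placeholder, pattern in STRUCTURED_PATTERNS:
        note, n = pattern.subn(placeholder, note)
        counts[placeholder] += n
    return note, counts


def residual_identifiers(deidentified):
    """Leak gate for the output of any scrubber, rule-based or model-based.

    Re-runs the structured patterns over text that is supposed to be clean and
    returns (placeholder, matched_text) pairs for anything still present.
    """
    return [(placeholder, m.group(0))
            for placeholder, pattern in STRUCTURED_PATTERNS
            for m in pattern.finditer(deidentified)]


def pass1(note):
    """Fail-closed Pass 1: scrub, then refuse to emit a note the gate rejects."""
    scrubbed, _counts = scrub_structured(note)
    leaks = residual_identifiers(scrubbed)
    if leaks:
        raise ValueError(f"residual identifiers after scrubbing: {leaks}")
    return scrubbed


if __name__ == "__main__":
    out, counts = scrub_structured(SAMPLE_NOTE)
    print(out)
    print(dict(counts))
```

Running the sample shows both halves of the post's argument: the MRN, date, SSN, phone, URL, e-mail and "Dr. Patel" all become typed placeholders, while "John Smith" and "Maria" survive because nothing about their surface form marks them as names. The gate is the part worth keeping regardless of which scrubber is in front of it: a model's de-identified output that still matches any of these patterns should be rejected rather than forwarded.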
What happens to the raw note after Pass 1? It’s gone. The original text is held only in volatile memory for the duration of the scrubbing inference and is discarded the moment the de-identified output is emitted. It is not written to any database, not logged, not cached, and not available to any Audit Sentinel engineer or support agent. The de-identified note is persisted as part of the audit record; the raw note is not. Customer submissions are also never used to train, fine-tune, or update the underlying foundation models — a commitment backed by our sub-processor agreement with Google Cloud. We built Pass 1 this way because we believe the strongest privacy posture isn’t “we promise not to look at your PHI.” It’s “we architecturally cannot, because it doesn’t exist past the first ten seconds.”
Audit Sentinel AI is an educational and advisory audit tool. It is not a substitute for a certified coder, licensed attorney, or payer determination. For methodology details, see our Audit Methodology White Paper.
How Audit Sentinel Turns a Clinical Note Into a Compliance Score in Seconds
A look inside the three-pass AI pipeline that powers every audit
Every E/M audit starts the same way: a clinical note goes in, and a judgment about coding accuracy comes out. Traditionally that judgment takes a certified coder 15–20 minutes per note — reading the documentation, mapping it against the AMA’s MDM grid, cross-checking ICD-10 specificity, and comparing everything to the billed codes. Audit Sentinel compresses that cycle into seconds using a three-pass AI pipeline built on Google Cloud Vertex AI. The architecture isn’t a single model prompt that tries to do everything at once. It’s three distinct stages, each with a narrow job, running in sequence so that privacy, clinical accuracy, and grading logic never compete for the same inference call.
Pass 1 is the PHI Scrubber. Before any clinical reasoning begins, a fast frontier language model scans the raw note and redacts all 18 HIPAA Safe Harbor identifier categories — names, dates, SSNs, MRNs, device IDs, and everything in between. Each identifier is replaced with a standardized placeholder like [REDACTED_NAME] or [REDACTED_DATE]. The output is a de-identified note, and that de-identified note is the only version that moves forward. The raw text is held in volatile memory for the duration of Pass 1 and then discarded. No downstream pass — and no human at Audit Sentinel — ever sees the original PHI. This isn’t a feature bolted on after launch; it’s the first stage of every single audit, by design.
Pass 2 is the E/M and ICD-10 Auditor. A high-capability frontier reasoning model reads the de-identified note and performs a full clinical coding analysis: MDM complexity across all three elements (Problems, Data, Risk), time-based code selection where documented, ICD-10 validation for specificity and clinical support, modifier appropriateness, CCI bundling edits, and medical necessity linkage. The output is what we call the “ideal analysis” — the coding picture that the documentation supports, independent of what the provider actually billed. Pass 2 doesn’t know what was billed; it only knows what the note says. That separation is deliberate: it prevents anchoring bias, where a model might rationalize the submitted code instead of reading the chart on its own terms.
Pass 3 is the Billing Comparator and Grader. It takes the provider’s submitted codes and holds them against the Pass 2 ideal analysis, applying a fixed deduction table — not a subjective AI judgment — to produce a 0–100 numeric score and a letter grade from A to F. Over-coding deductions are intentionally steep (up to 35 points for a two-level over-code) because the compliance exposure is asymmetric: under-coding costs the provider revenue, but over-coding creates payer and regulatory risk. If the findings cross a severity threshold, a compliance flag is asserted, signaling that a qualified human should review the encounter before the claim goes out. The result is a structured JSON report with the score, the grade, every deduction itemized with a reason code, and a plain-language narrative — ready to hand to a compliance officer, drop into a trend dashboard, or export as a PDF for the audit file.
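As an added illustration of what a fixed deduction table looks like in code (example written for this page, not Audit Sentinel's grader), the following Python compares a billed office/outpatient E/M code and diagnosis list against a Pass 2 ideal analysis, itemizes each deduction with a reason code, clamps the score to 0–100, assigns a letter grade and asserts a compliance flag. The only figure taken from the post is the 35-point deduction for a two-level over-code; the other deduction amounts, the grade bands, the flag threshold and the function names are assumptions.

```python
"""Fixed-table billing comparator: submitted codes versus the ideal analysis."""
import json

# Office/outpatient E/M code families (AMA CPT): the final digit is the level.
EM_FAMILIES = {"9920": "new", "9921": "established"}

# Deduction table. The 35-point two-level over-code figure is quoted in the
# post; every other value here is an assumption for this example, not the
# product's table. Over-coding is deliberately penalized more than under-coding.
DEDUCTIONS = {
    "OVER_CODE_1": 20,
    "OVER_CODE_2_PLUS": 35,
    "UNDER_CODE_1": 10,
    "UNDER_CODE_2_PLUS": 15,
    "CATEGORY_MISMATCH": 25,
    "UNSUPPORTED_ICD10": 10,
}
FLAG_SCORE_THRESHOLD = 70  # assumed severity threshold for the compliance flag


def em_level(code):
    """Return (family, level) for an office/outpatient E/M code, else None."""
    if len(code) == 5 and code[:4] in EM_FAMILIES and code[4].isdigit():
        return EM_FAMILIES[code[:4]], int(code[4])
    return None


def letter_grade(score):
    """Assumed grade bands; the post states only the A to F range."""
    for floor, letter in ((90, "A"), (80, "B"), (70, "C"), (60, "D")):
        if score >= floor:
            return letter
    return "F"


def grade_encounter(submitted_em, ideal_em, submitted_icd10, supported_icd10):
    """Hold the billed codes against the Pass 2 ideal analysis.

    submitted_icd10: diagnoses actually billed.
    supported_icd10: set of diagnoses Pass 2 found supported by the note.
    """
    sub, ideal = em_level(submitted_em), em_level(ideal_em)
    if sub is None or ideal is None:
        raise ValueError("only office/outpatient E/M codes (9920x/9921x) are handled")

    deductions = []

    def deduct(reason, detail):
        deductions.append({"reason_code": reason,
                           "points": DEDUCTIONS[reason],
                           "detail": detail})

    if sub[0] != ideal[0]:
        deduct("CATEGORY_MISMATCH",
               f"{submitted_em} is a {sub[0]}-patient code; the note supports {ideal[0]}-patient")

    delta = sub[1] - ideal[1]  # positive = over-coded, negative = under-coded
    level_detail = f"billed level {sub[1]}; documentation supports level {ideal[1]}"
    if delta >= 2:
        deduct("OVER_CODE_2_PLUS", level_detail)
    elif delta == 1:
        deduct("OVER_CODE_1", level_detail)
    elif delta <= -2:
        deduct("UNDER_CODE_2_PLUS", level_detail)
    elif delta == -1:
        deduct("UNDER_CODE_1", level_detail)

    for dx in submitted_icd10:
        if dx not in supported_icd10:
            deduct("UNSUPPORTED_ICD10", f"{dx} is billed but not supported by the documentation")

    score = max(0, 100 - sum(d["points"] for d in deductions))
    flag = delta >= 2 or score < FLAG_SCORE_THRESHOLD
    return {
        "score": score,
        "grade": letter_grade(score),
        "compliance_flag": flag,
        "deductions": deductions,
        "narrative": (f"Billed {submitted_em} against documentation supporting {ideal_em}; "
                      f"{len(deductions)} deduction(s) totaling {100 - score} points."),
    }


def to_json(report):
    """Serialize the report for a dashboard or audit file."""
    return json.dumps(report, indent=2)


if __name__ == "__main__":
    print(to_json(grade_encounter("99215", "99213", ["I10", "R07.9"], {"I10", "R07.9"})))
```

Because the table is data rather than model output, two auditors running the same submitted codes against the same ideal analysis get the same score and the same itemized reasons, which is the reproducibility the post is after. The comparator never sees the note itself, only the codes from Pass 2, so the separation described for Pass 2 carries through.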
Audit Sentinel AI launches
FOR IMMEDIATE RELEASE
Brightcore AI Launches Audit Sentinel AI — A Three-Pass Artificial Intelligence Engine That Audits E/M Clinical Notes for Coding Accuracy and Compliance Risk
Platform brings institutional-grade chart audit capability to solo auditors, HIM departments, and compliance firms at a fraction of traditional audit costs
April 17, 2026 — Brightcore AI today announced the official launch of Audit Sentinel AI (auditsentinel.ai), an AI-powered evaluation and management (E/M) coding audit platform designed for healthcare professionals, credentialed medical coders, HIM departments, and compliance organizations. The platform applies a proprietary three-pass artificial intelligence pipeline to clinical documentation, validating E/M code selection against 2023/2026 AMA CPT guidelines, identifying documentation deficiencies, and delivering a structured compliance report with letter grade in seconds.
Audit Sentinel AI is immediately available with a 7-day free trial at auditsentinel.ai.
The Problem: E/M Coding Errors Cost the Industry Billions
Evaluation and management coding errors remain one of the highest-risk areas in healthcare compliance. The OIG Work Plan consistently identifies E/M documentation as a top target for Medicare audit activity, with significant overpayment and underpayment errors identified across practice settings every year. Manual chart audits are time-intensive, expensive, and often inconsistent — creating a gap between the volume of notes produced and the volume that can realistically be reviewed.
“The industry needed something that could do what a seasoned auditor does, but at scale,” said Douglas Holland, founder of Brightcore AI. “Audit Sentinel AI doesn’t replace auditors — it makes them faster, sharper, and able to defend every finding with a structured, AI-generated rationale.”
How It Works: A Three-Pass AI Pipeline
Audit Sentinel AI applies a sequential, three-stage analysis to every submitted clinical note:
Pass 1 — PHI De-Identification. Before any clinical analysis begins, the platform automatically detects and replaces all 18 categories of protected health information (PHI) defined under the HIPAA Safe Harbor method (45 CFR § 164.514(b)(2)). Patient names, dates of birth, medical record numbers, and all other direct identifiers are replaced with standardized placeholders. The de-identified note — never the original — proceeds to analysis.
Pass 2 — E/M Audit and Documentation Analysis. The de-identified clinical narrative is submitted to Google Vertex AI (Gemini) for comprehensive coding analysis. The AI evaluates medical decision-making (MDM) complexity across all three MDM components, validates E/M level selection against the submitted CPT code, assesses ICD-10 code appropriateness and medical necessity, and identifies documentation gaps that create compliance or reimbursement risk.
Pass 3 — Grading and Comparator Analysis. A second AI model reviews the findings from Pass 2 and produces a structured audit report including a numeric compliance score (0–100), a letter grade, risk classification, CDI recommendations, and an ideal billing analysis comparing the documented level with the submitted code.
The complete three-pass audit finishes in under 90 seconds for most clinical notes.
PHI-Safe-by-Design Architecture
Unlike platforms that store raw clinical data and rely on access controls to protect it, Audit Sentinel AI is built on a PHI-safe-by-design architecture. The de-identification step executes before any data leaves the user’s session. Raw clinical notes containing patient-identifiable information are never written to the platform’s database, never transmitted to Google Vertex AI, and never retained at rest.
“The strongest protection against a PHI breach is not having PHI,” said Holland. “We eliminated the risk at the source.”
The platform does not use third-party advertising trackers, behavioral analytics, or marketing pixels. Business Associate Agreements (BAAs) are available upon request for Scale plan subscribers and enterprise engagements.
Pricing and Availability
Audit Sentinel AI launches with four subscription tiers:
- Starter — $99/month · 100 audits/month
- Pro — $249/month · 300 audits/month
- Growth — $399/month · 500 audits/month
- Scale — $699/month · 1,000 audits/month
All plans include the full three-pass AI audit engine. Annual billing is available at a 20% discount. A 7-day free trial with no credit card required is available at auditsentinel.ai.
About Brightcore AI
Brightcore AI is a healthcare technology company specializing in AI-powered compliance and administrative automation tools for medical practices, HIM departments, and audit firms. Brightcore AI is the developer of Audit Sentinel AI and operates at the intersection of artificial intelligence and clinical compliance.
Website: auditsentinel.ai
Email: doug@brightcoreai.com
LinkedIn: linkedin.com/company/brightcore-consulting-llc
Facebook: facebook.com/people/Brightcore-AI/61565779636163
YouTube: youtube.com/@BrightcoreAI
This press release contains forward-looking statements. Audit Sentinel AI is designed for informational and educational use by qualified healthcare professionals and does not constitute legal, medical, or compliance advice. Organizations should consult qualified legal counsel for compliance guidance specific to their operations.
Media Contact
Douglas Holland
Brightcore AI
doug@brightcoreai.com
auditsentinel.ai