Privacy Policy
Audit Sentinel AI is built on a simple principle: we never need to see your patients’ identities to audit your coding. Here is exactly what we collect, what we don’t, and why.
1. Our Privacy Philosophy
Audit Sentinel AI provides AI-powered medical coding audit and compliance tools to healthcare professionals through auditsentinel.ai. This Privacy Policy explains what information we collect, how we handle it, and what we deliberately do not collect or store.
Our guiding principle is simple: we never need to see your patients’ identities to audit your coding. The Platform is engineered so that protected health information (PHI) is stripped from clinical text before it ever reaches an AI model or our database. We call this approach PHI-safe-by-design.
2. Information We Collect and Store
We collect only the minimum data necessary to operate the Platform, deliver audit results, manage your account, and process payments.
2.1 Account Data
- Your full name, as provided during registration
- Your email address, used for login, notifications, and support
- Your plan slug (e.g., starter, pro, scale)
- Your audit usage count for the current billing period
2.2 Audit Metadata (after de-identification)
- The de-identified clinical note — all 18 PHI identifiers replaced with placeholders
- Audit report in JSON format (findings, recommendations, risk flags)
- Numeric accuracy grade (0–100)
- Submitted CPT and ICD-10 codes
- Encounter type (e.g., office visit, inpatient)
- Timestamp of audit submission
- WordPress user ID — a numeric reference only, not your name or email
2.3 Payment Data
Payment processing is handled entirely by Stripe via ProfilePress. Audit Sentinel AI does not store, process, or have access to your credit card number, CVV, or full billing details. See Section 6 for details.
2.4 Server Logs
Our servers automatically record basic access information including IP addresses, browser type, referring URLs, and pages visited. These logs are used solely for security monitoring and performance — never correlated with audit content or clinical data.
3. Data We Never Store — By Design
What we don’t store is as important as what we do. Our architecture is specifically designed to ensure the following data never enters our database:
Stored in Database
- De-identified clinical note
- Audit report JSON
- Numeric grade
- CPT / ICD-10 codes submitted
- Encounter type
- Timestamp
- WordPress user ID (numeric)
Never Stored
- Raw / original clinical notes
- Patient names
- Dates of birth
- Social Security numbers
- Medical record numbers (MRNs)
- Health plan beneficiary numbers
- Any of the 18 HIPAA identifiers
- Credit card or banking data
4. How Clinical Notes Are Handled
4.1 Pass 1: HIPAA Safe Harbor De-Identification
The first operation in our AI pipeline — before any clinical analysis begins — is automated de-identification following the HIPAA Safe Harbor method (45 CFR § 164.514(b)(2)). All 18 categories of PHI identifiers defined by HHS are detected and replaced with standardized bracketed placeholders:
Names · Geographic data smaller than a state · All dates (except year) related to an individual · Telephone numbers · Fax numbers · Email addresses · Social Security numbers · Medical record numbers · Health plan beneficiary numbers · Account numbers · Certificate and license numbers · Vehicle identifiers · Device identifiers · Web URLs · IP addresses · Biometric identifiers · Full-face photographs · Any other unique identifying number, characteristic, or code.
4.2 After De-Identification
The scrubbed note is sent to Google Vertex AI (Gemini) for coding analysis. The resulting audit report and de-identified note are stored in our database as described in Section 2.2. The original, unmodified clinical note is not stored, cached, or logged at any point.
4.3 Session-Level Processing
The raw clinical text exists only in your active browser session for the duration of the de-identification step. Once Pass 1 completes, the original text is discarded. There is no server-side persistence of the raw note and no deferred processing that retains identifiable content.
5. Google Vertex AI (Gemini)
What Google receives: Only the de-identified clinical text, submitted CPT/ICD-10 codes, and encounter type. No patient names, dates of birth, SSNs, MRNs, or any other direct identifier.
Google’s data commitments under their DPA:
- Google does not use Vertex AI customer data to train or improve general-purpose models
- Data is encrypted in transit (TLS 1.2+) and at rest (AES-256)
- Google Cloud holds SOC 1, SOC 2, SOC 3, ISO 27001, ISO 27017, ISO 27018, and HIPAA compliance certifications
Full details: cloud.google.com/terms/data-processing-addendum
6. Payment Processing
Subscription payments are processed by Stripe, Inc. via ProfilePress. When you enter payment information, that data is transmitted directly to Stripe’s PCI DSS Level 1-certified infrastructure.
Audit Sentinel AI receives only a tokenized reference and basic transaction metadata (plan type, payment status, billing date). We do not store, process, or have access to your full credit card number, CVV, or banking details.
Stripe’s privacy policy: stripe.com/privacy
7. Purpose of Processing
We use the information described in Section 2 for the following purposes only:
- Deliver audit results — processing your de-identified note and codes through our AI pipeline
- Manage your account — authentication, plan enforcement, and account communications
- Process payments — activating, renewing, or cancelling your subscription via Stripe metadata
- Improve the Platform — aggregate, non-identifiable usage patterns (e.g., audit volume by encounter type, average accuracy scores) analyzed at the population level only
- Maintain security — monitoring server logs to detect and respond to unauthorized access and abuse
8. Retention, Deletion, and Your Data Rights
8.1 Audit Records
De-identified audit records are retained for a maximum of 7 days from the date of submission, then automatically and permanently purged.
8.2 Account Data
Retained for the duration of your active account and a reasonable period after cancellation for financial record-keeping compliance, then deleted.
8.3 User-Initiated Deletion
You may request deletion of your audit records and/or your account at any time. Upon receiving a verified request, we will permanently remove the specified data within 30 calendar days and confirm in writing. Deletion of audit records is irreversible.
8.4 Data That Is Never Retained
9. HIPAA Position Statement
9.1 Our Position
Audit Sentinel AI is not a HIPAA Covered Entity in the traditional regulatory sense. We do not provide healthcare treatment, process health insurance claims, or operate as a healthcare clearinghouse. We do not store, transmit, or maintain PHI as defined under 45 CFR § 160.103.
The data we store — de-identified clinical text with placeholder tokens — does not meet the regulatory definition of PHI because it cannot be used to identify an individual patient, alone or in combination with other reasonably available information.
9.2 Your HIPAA Obligations
Audit Sentinel AI is designed to integrate into HIPAA-compliant workflows without creating additional compliance risk. Because de-identification occurs before data leaves your session, the Platform supports your obligation to apply the minimum necessary standard to PHI disclosure.
9.3 Business Associate Agreements
For customers on the Scale plan or enterprise engagements who require a formal BAA as part of their compliance program, we offer one upon request. Contact us at the address in Section 15.
9.4 HIPAA Safe Harbor Compliance
Our de-identification methodology follows 45 CFR § 164.514(b)(2). When the 18 enumerated identifiers are removed and the covered entity has no actual knowledge that the remaining information could identify an individual, the data is no longer considered PHI under the HIPAA Privacy Rule. Our pipeline is designed to satisfy this standard for every note processed.
10. Technical Safeguards
- Encryption in transit: TLS 1.2+ between your browser and our servers, and to Google Vertex AI
- Encryption at rest: AES-256 for all stored data including de-identified audit records and account information
- Access controls: Production database access restricted to authorized personnel via MFA and role-based least-privilege controls
- Session security: Secure, HttpOnly cookies with appropriate expiration; tokens invalidated on logout
- Incident response: Documented plan for identifying, containing, and remediating security events; affected users notified per applicable law
11. Your Data Rights
- Right of access — request a copy of your account data and de-identified audit history
- Right of correction — request correction of inaccurate account information
- Right of deletion — request deletion of your account and/or audit records (see Section 8.3)
- Right to data portability — request your audit data in structured JSON format where technically feasible
- Right to withdraw consent — where processing is based on consent, you may withdraw at any time without affecting prior processing
To exercise any of these rights, contact us using the information in Section 15. We respond to verified requests within 30 calendar days. Identity verification may be required before fulfilling a request to protect against unauthorized disclosure.
12. Cookies and Tracking
We use only the following functionally necessary cookies:
- Session cookies — maintain your authenticated login state; expire when you close your browser or after session timeout
- Preference cookies — remember UI preferences; contain no personal or clinical data
- Security cookies — support CSRF protection and secure form submissions
We do not use persistent tracking cookies, fingerprinting techniques, or any technology designed to follow your activity across other websites.
13. Children’s Privacy
Audit Sentinel AI is a professional tool designed for licensed healthcare professionals, credentialed medical coders, billing specialists, and compliance officers. The Platform is not directed at individuals under the age of 18, and we do not knowingly collect personal information from children.
If you believe a minor has provided us with personal data, please contact us at the address in Section 15 and we will take immediate steps to delete that information.
14. Policy Updates
We may update this Privacy Policy to reflect changes in our Platform, business practices, or applicable law. When we make material changes, we will:
- Post the revised policy with a new “Last Updated” date
- Notify registered users by email at least 14 days before material changes take effect
- Clearly identify what has changed in a summary at the top of the revised policy
Continued use of the Platform after the effective date constitutes acceptance of the updated terms. If you do not agree with a material change, you may cancel your account and request deletion of your data per Section 8.3.
15. Questions? We’re Here.
If you have questions about this Privacy Policy, wish to exercise your data rights, or need to request a Business Associate Agreement:
Email: doug@brightcoreai.com
Website: auditsentinel.ai
We aim to respond to all privacy-related inquiries within 5 business days. For urgent security matters, include “SECURITY” in the subject line for expedited handling.
This Privacy Policy is provided for informational purposes and does not constitute legal advice. Organizations should consult qualified legal counsel for compliance guidance specific to their operations.