compliance · June 1, 2026 · 5 min read

What Peekr's HIPAA Pack Actually Blocks: The Patterns, Not the Promise

Saying 'HIPAA enforced' is easy. Here are the exact regex patterns, required disclosure rules, and prohibited output checks that run on every LLM call when you enable Peekr's HIPAA compliance pack.

HIPAA · AI compliance · LLM guardrails · Python · healthcare AI · compliance patterns

Most AI compliance tools tell you what they comply with. Few show you how. This post shows the exact patterns inside Peekr's HIPAA pack — the regex rules, the regulatory citations behind each one, what a violation looks like in a span, and how to test it locally before going to production.

If you're evaluating AI compliance tooling for a healthcare product, this is the page that answers "but what does it actually check?"

The Three Rule Types

Peekr's compliance packs use three distinct rule types. Understanding them is the prerequisite for trusting any compliance system:

prohibited_output — regex matched against the LLM's response. If it matches, the guardrail fires. For HIPAA this catches diagnosis statements, PHI in responses, and prescription language.

prohibited_input — regex matched against what goes into the model. HIPAA has fewer of these (EEOC and ADA have more), but any PHI that shouldn't enter the model context at all is caught here.

required_disclosure — a substring that must appear in the response. If the output doesn't contain this exact string, the guardrail fires (a logged warning or a raised GuardrailError, depending on the configured action). For HIPAA this enforces the disclaimer and provider referral.

The HIPAA Pack: Every Rule, With Its Citation

Here are all eight rules in Peekr's HIPAA pack, verbatim:

Prohibited outputs

pattern: (diagnos(is|ed with)|you have|the patient has).{0,60}(cancer|HIV|AIDS|diabetes|depression|bipolar|schizophrenia)
citation: HIPAA Privacy Rule — AI stating diagnosis as fact without authorization
pattern: (this (app|tool|assistant|system) (can|will)) (diagnose|treat|cure|prevent|mitigate)
citation: FDA 21 CFR — Prohibited medical device claim without clearance
pattern: (FDA[- ]approved|FDA[- ]cleared|clinically proven).{0,40}(this|our)
citation: FDA — False clearance claim
pattern: (prescribe|recommend you take) .{0,30}(mg|dose|medication|drug)
citation: HIPAA — AI prescribing medication
pattern: \b\d{3}-\d{2}-\d{4}\b
citation: HIPAA — SSN in output — automatic PHI violation
pattern: (MRN|medical record number|patient ID).{0,20}\d+
citation: HIPAA — Medical record number in output

Required disclosures

text: "This is not a diagnosis or medical advice"
citation: HIPAA — Required disclaimer for health information
text: "Consult a licensed healthcare provider"
citation: FDA/HIPAA — Required referral to licensed care

These are not conceptual — they're the literal patterns fetched by the SDK at instrument() time and matched against every LLM span.
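To make the three rule types concrete, here is a small evaluator, added to this post as an illustration and not Peekr's SDK code, that compiles the eight rules above with Python's re module and runs them over constructed responses. It assumes re.search semantics for prohibited_* rules and a literal substring test for required disclosures; the page does not say which regex flags the SDK uses, so the ignore_case switch exercises both behaviours. The names compile_rules, evaluate and run are mine, and the violation string format only approximates the span example later in the post.

```python
import re

# Constructed copy of the eight HIPAA pack rules quoted above (added example,
# not Peekr's SDK code). Descriptions are shortened from the page's citations.
HIPAA_RULES = [
    {"rule_type": "prohibited_output",
     "pattern": r"(diagnos(is|ed with)|you have|the patient has).{0,60}"
                r"(cancer|HIV|AIDS|diabetes|depression|bipolar|schizophrenia)",
     "description": "AI stating diagnosis as fact"},
    {"rule_type": "prohibited_output",
     "pattern": r"(this (app|tool|assistant|system) (can|will)) (diagnose|treat|cure|prevent|mitigate)",
     "description": "Prohibited medical device claim without clearance"},
    {"rule_type": "prohibited_output",
     "pattern": r"(FDA[- ]approved|FDA[- ]cleared|clinically proven).{0,40}(this|our)",
     "description": "False clearance claim"},
    {"rule_type": "prohibited_output",
     "pattern": r"(prescribe|recommend you take) .{0,30}(mg|dose|medication|drug)",
     "description": "AI prescribing medication"},
    {"rule_type": "prohibited_output",
     "pattern": r"\b\d{3}-\d{2}-\d{4}\b",
     "description": "SSN in output"},
    {"rule_type": "prohibited_output",
     "pattern": r"(MRN|medical record number|patient ID).{0,20}\d+",
     "description": "Medical record number in output"},
    {"rule_type": "required_disclosure",
     "text": "This is not a diagnosis or medical advice",
     "description": "Required disclaimer missing"},
    {"rule_type": "required_disclosure",
     "text": "Consult a licensed healthcare provider",
     "description": "Required referral missing"},
]


def compile_rules(rules, ignore_case=True):
    """Compile regex rules once, as the SDK does at instrument() time.

    ignore_case is an assumption: the page does not state the SDK's flags,
    so run() below exercises both settings.
    """
    flags = re.IGNORECASE if ignore_case else 0
    compiled = []
    for rule in rules:
        rule = dict(rule)
        if rule["rule_type"] in ("prohibited_input", "prohibited_output"):
            rule["regex"] = re.compile(rule["pattern"], flags)
        compiled.append(rule)
    return compiled


def evaluate(compiled, input_text, output_text, pack="HIPAA"):
    """Apply all three rule types; return the violation strings a span would carry."""
    violations = []
    for rule in compiled:
        kind = rule["rule_type"]
        if kind in ("prohibited_input", "prohibited_output"):
            # prohibited_input scans the prompt, prohibited_output the response
            target = input_text if kind == "prohibited_input" else output_text
            match = rule["regex"].search(target)
            if match:
                violations.append(
                    f"{pack}: {rule['description']} (matched: {match.group(0)!r})")
        elif kind == "required_disclosure":
            # Literal substring test: a paraphrase does not satisfy it
            if rule["text"] not in output_text:
                violations.append(f"{pack}: {rule['description']} ({rule['text']!r})")
    return violations


DISCLOSURES = ("This is not a diagnosis or medical advice. "
               "Consult a licensed healthcare provider.")

# Constructed LLM responses; each one exercises a property of the patterns.
CASES = {
    "diagnosis": "Based on your A1C of 8.2, you have diabetes and should monitor it. " + DISCLOSURES,
    "ssn": "Your record under 123-45-6789 is updated. " + DISCLOSURES,
    "clean": "Your A1C value is in the range your doctor mentioned. " + DISCLOSURES,
    "paraphrased": "Your A1C is 8.2. This isn't medical advice; please see a doctor.",
    "newline_split": "you have\ndiabetes. " + DISCLOSURES,   # '.' does not cross a newline
    "capitalized": "You have diabetes. " + DISCLOSURES,       # sentence-initial capital
    "hearing_aids": "Yes, you have hearing aids covered under your plan. " + DISCLOSURES,
    "disclaimer_names_condition": "Your A1C is 8.2. This is not a diagnosis or medical advice "
                                  "about diabetes. Consult a licensed healthcare provider.",
}


def run(ignore_case=True):
    """Evaluate every constructed case; returns {case_name: [violation strings]}."""
    rules = compile_rules(HIPAA_RULES, ignore_case)
    return {name: evaluate(rules, "", text) for name, text in CASES.items()}


if __name__ == "__main__":
    for name, found in run().items():
        print(f"{name:28s} {found or 'OK'}")
```

Three of the cases are worth checking against the real SDK before relying on the pack as printed: a line break inside the 60-character window escapes the diagnosis rule because `.` does not match a newline; case-insensitive matching catches a sentence-initial "You have" but also reads "hearing aids" as AIDS, while case-sensitive matching misses the capitalised sentence; and because the required disclaimer itself contains "diagnosis", a disclaimer that names a condition within 60 characters trips the diagnosis rule even though both disclosures are present.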

What a Violation Looks Like

When a rule fires, Peekr doesn't just log it — it writes structured data to the span so you can query, alert, and audit it. Here's what the span attributes look like after a HIPAA violation:

# Span attributes after "you have diabetes" appears in an LLM response

span.attributes = {
    "model": "gpt-4o",
    "input": "The patient asked about their A1C results...",
    "output": "Based on your A1C of 8.2, you have diabetes and should...",

    # Guardrail result — stored BEFORE the error propagates
    "guardrail_violations": [
        "HIPAA: AI stating diagnosis as fact — matched: 'you have diabetes'"
    ],

    "eval_scores": {"Hallucination": 0.91},
    "tokens_total": 412,
    "cost_usd": 0.00082,
}

The violation is stored on the span regardless of what action is configured. If action="raise", a GuardrailError is raised after storage — so you always have the audit trail, even when the call is blocked.

Enabling It

import peekr

peekr.instrument(
    exporter=peekr.HTTPExporter(
        endpoint="https://peekr.starkspherelabs.com",
        api_key="pk_live_…",
    ),
    compliance=["HIPAA"],
)

# Your existing OpenAI / Anthropic / Bedrock code is now HIPAA-checked.
# No wrappers. No proxy. Matching runs in-process, so no network hop is added to the request path.

At startup, the SDK calls GET /v1/compliance/rules with your API key. The current pack patterns are fetched and compiled into in-process matchers. When regulations change, Peekr updates the pack and your SDK picks up the new rules on its next restart, with no code change required. The corollary: a long-running process keeps the rule set it fetched at startup until it restarts, so treat a pack update like any other config rollout and restart your services to pick it up.

Testing a Rule Locally

Before deploying, verify a rule fires correctly:

import unittest

import peekr
from peekr.guard import GuardrailError

# Local SQLite for testing (no HTTPExporter); rules are injected directly,
# so the test makes no network call to /v1/compliance/rules.
peekr.instrument(
    compliance=["HIPAA"],
    _compliance_rules=[
        {
            "rule_type": "prohibited_output",
            "pattern": r"(diagnos|you have).{0,60}(diabetes|cancer)",
            "description": "HIPAA: AI stating diagnosis as fact",
            "action": "raise",
        }
    ],
)


class TestHIPAAGuardrail(unittest.TestCase):
    def test_diagnosis_statement_blocked(self):
        # Simulate what an LLM would return and trigger the guardrail directly
        with self.assertRaises(GuardrailError) as ctx:
            peekr.guard._check_output(
                "Based on your results, you have diabetes and should monitor your blood sugar."
            )
        self.assertIn("HIPAA", str(ctx.exception))
        self.assertIn("diagnosis", str(ctx.exception).lower())

    def test_clean_response_passes(self):
        # Must not raise: no diagnosis statement, both disclosures present
        peekr.guard._check_output(
            "Your A1C value is in the range your doctor mentioned. "
            "This is not a diagnosis or medical advice. "
            "Consult a licensed healthcare provider for interpretation."
        )


if __name__ == "__main__":
    unittest.main()

The Missing Disclosure Case

Required disclosure rules are easy to get wrong. The check is a literal substring match: the guardrail fires when the required text is absent from the output, and a paraphrase ("This isn't medical advice") counts as absent. A common failure mode:

# This PASSES the HIPAA check (disclaimer present)
response = "Your A1C reading is 8.2. This is not a diagnosis or medical advice. Consult a licensed healthcare provider."

# This FAILS the HIPAA check (disclaimer absent)
response = "Your A1C reading of 8.2 is elevated. You should speak with your doctor."
# → guardrail_violations: ["HIPAA: Required disclaimer missing — 'This is not a diagnosis or medical advice'"]

In warn mode, the response still goes through but the violation is logged. In raise mode, the SDK raises GuardrailError and the LLM response never reaches the user.

What the Pack Doesn't Cover

Peekr's HIPAA pack handles output content compliance — what the model says. It does not:

  • Encrypt PHI at rest — that's your database and Supabase configuration
  • Handle the Business Associate Agreement — Peekr provides a BAA for Pro and above
  • Cover HIPAA Security Rule technical safeguards — those apply to your infrastructure, not the LLM output layer
  • Guarantee zero PHI leakage — PIIRedact helps with structured PHI (SSNs, MRNs), but novel formats require custom Blocklist patterns

For a complete HIPAA posture, treat compliance packs as the LLM-output layer in a broader program. They're necessary but not sufficient.


The full list of pack rules — HIPAA, FDCPA, FINRA, GDPR, EU AI Act, EEOC, TILA/ECOA, Fair Housing — is visible in the Peekr guardrails documentation. If your regulated use case needs patterns not in the current packs, custom rules let you add regex patterns or required disclosures per-project from the dashboard.

Add compliance guardrails in two lines of code.

Free tier — 10k spans/month. No credit card required.