HIPAA Compliance · LLM Applications

What HIPAA requiresfrom your LLM app.

LLMs create three new PHI exposure surfaces that traditional HIPAA controls don't cover: PHI injected into prompts, PHI echoed in model outputs, and PHI captured in telemetry spans. Peekr enforces rules on all three — in your Python process, with no proxy.

Three surfaces where LLMs touch PHI

HIPAA's Security Rule covers any system that creates, receives, maintains, or transmits electronic PHI. LLM applications touch PHI in ways that most compliance frameworks don't address.

PHI in the prompt

User messages or tool outputs inject names, DOBs, or SSNs into the model context before the API call.

Required control

Block prohibited inputs before the model sees them.

# prohibited_input rule fires before the API call
pattern: "\b\d{3}-\d{2}-\d{4}\b"   # SSN in prompt
action: "block"                          # GuardrailError raised
PHI in the output

The LLM echoes patient data, states a diagnosis as fact, or generates text containing SSN or DOB from its training context.

Required control

Block or redact prohibited outputs before they reach your caller.

# prohibited_output rule fires after the API call
pattern: "you (have|are diagnosed with)"  # diagnosis as fact
action: "block"                           # response never leaves process
PHI in telemetry spans

Observability SDKs capture the full prompt and completion by default. Without redaction, PHI flows into your trace store.

Required control

Redact PHI from spans before they are exported.

# PIIRedact strips PHI in-place on the span
# SSN, DOB, phone, email, credit card — redacted
# before the span leaves your process
peekr.guard.PIIRedact()

Four controls in the Peekr HIPAA pack

Enabled with a single compliance=["HIPAA"] argument. All four run synchronously inside your process — no PHI leaves your infrastructure.

PHI input blocking

Patterns matched against the full prompt before the model sees it. If SSN, phone, DOB, or email appear in the user message or tool output, the call is blocked and a violation is logged.

Prohibited output blocking

Patterns matched against model responses before they reach your caller. Diagnosis-as-fact language and prescription suggestions are blocked. Missing required care-referral disclaimers are flagged.

PHI redaction in spans

PIIRedact runs on every span before export, stripping SSN, DOB, phone, and email from the prompt and completion fields stored in your trace backend.

Tamper-evident audit log

Every violation — blocked input, blocked output, or redaction — is written to an append-only audit log on the span before any error propagates. Your compliance officer has a record even if the caller catches the exception.

Enable HIPAA compliance in 2 lines

Pass compliance=["HIPAA"] to peekr.instrument(). PHI input blocking, output blocking, span redaction, and audit logging are all active immediately — no additional configuration.

import peekr
from peekr.guard import GuardrailError

peekr.instrument(
    exporter=peekr.HTTPExporter(
        endpoint="https://peekr.starkspherelabs.com",
        api_key="pk_live_...",
    ),
    compliance=["HIPAA"],   # ← all 4 controls active
    guardrails=[
        peekr.guard.PIIRedact(),  # scrub PHI from spans
    ],
)

# HIPAA pack runs on every LLM call automatically.
# GuardrailError carries the rule name + regulatory citation.
try:
    resp = client.chat.completions.create(...)
except GuardrailError as e:
    # e.guardrail_name: "HIPAA.prohibited_output"
    # e.citation: "45 CFR §164.514(b)"
    log.warn(f"[HIPAA] {e}")

Common questions

Does Peekr make my LLM app HIPAA-compliant?

Peekr is a technical control — it enforces the PHI-specific rules your LLM generates and logs. Full HIPAA compliance also requires a BAA, access controls, encryption at rest, and workforce training. We're the LLM output layer, not a certification.

Does PHI travel to Peekr's servers?

No. The compliance rules are loaded from Peekr Cloud at startup and enforced locally in your process. Only PII-redacted span metadata (after PIIRedact runs) is exported. No raw PHI leaves your infrastructure.

Which HIPAA regulations does the pack cover?

The pack targets HIPAA Security Rule §164.312 (technical safeguards) and Privacy Rule §164.514(b) (PHI de-identification). Specifically: PHI in outputs (SSN, DOB, phone, email), diagnosis-as-fact language, prescription mentions, and missing care-referral disclaimers.

What if I need custom HIPAA rules for my product?

The dashboard has a Custom Rules editor where you add regex patterns, blocked terms, or required disclosures specific to your clinical workflow — no code deploy needed. Rules are fetched at the next SDK startup.

Go deeper

Enforce HIPAA on every LLM call — free

10,000 spans/month free. All HIPAA controls included. No proxy, no credit card, no PHI leaves your stack.