DeletePIIStore. Redact. Sign. Send.
Delete PIIEncrypted ContainersSign/Stamp
HomeVaultPricingSupport
PHI workflowsOperator reviewAudit trailBAA available

HIPAA-ready workflow support

DeletePII supports HIPAA-oriented document handling workflows through configurable PHI detection, mandatory operator review, OCR inspection, page-aware redaction rendering, Vault-backed storage, secure-link delivery, and auditable run records.

What DeletePII supports for PHI workflows

  • Detection of HIPAA Safe Harbor identifiers including names, dates, phone numbers, addresses, SSNs, account numbers, MRNs, and more
  • OCR-based detection across scanned documents and images
  • Human review required before any redaction is finalized — no automatic redaction without operator approval
  • Permanent burn-in redaction into output PDFs
  • Audit records with source hash, output hash, findings, and operator identity
  • Secure-link delivery instead of raw email attachments
  • AI Review disabled by default — can be kept off for all PHI workflows

Business Associate Agreement (BAA)

A Business Associate Agreement is available on request for eligible customers using DeletePII for PHI document workflows. To request a BAA, contact support with your organization name, account email, and use case description.
Request a BAA

AI Review and PHI

AI Review is optional and disabled by default. For PHI workflows, we recommend keeping AI Review disabled so that no document content is transmitted to external AI providers. The full redaction workflow — detection, OCR review, human review, redaction, audit — is available without AI Review enabled.

What HIPAA compliance requires beyond this product

HIPAA suitability depends on your organization's deployment controls, access management, workforce training, retention settings, infrastructure posture, legal agreements, and operational process controls. DeletePII provides PHI-capable workflow tooling — your organization is responsible for the full compliance program.

What this page does not claim

Using DeletePII does not automatically make your organization HIPAA compliant. Compliance requires a complete program including policies, procedures, risk assessments, access controls, and agreements with all business associates. DeletePII can be one component of a HIPAA-oriented document handling workflow.

Ready to discuss your PHI workflow?

Contact us to request a BAA, ask about HIPAA-eligible configurations, or discuss your specific use case.

Contact supportView security overviewView subprocessors