SELF-HOSTED PHI PROXY · FHIR-NATIVE

AI that knows the chart.
Any model. Never the patient.

MedScrub is a desktop app that gives your AI the real chart over FHIR — so it can surface care gaps, risks, and the metrics that matter. PHI is stripped before anything leaves your walls. No BAA required.

Epic · Cerner (Oracle) · athenahealth · eClinicalWorks  ·  Windows · macOS · Linux · iOS & Android

Patient record · live
"name": "Jane Doe""[NAME_1]"
"dob": "1985-03-12""[DATE_1]"
"mrn": "04412208""[MRN_1]"
"tel": "(415) 555-0132""[PHONE_1]"

de-identified before it leaves · re-identified on return

The product

The whole chart, de-identified before a token leaves the device.

MedScrub loads every FHIR resource, strips PHI on-device, and shows the exact path each request takes: Patient → local de-id → model → re-identified for you.

MedScrub patient chart with chart-aware AI and the de-identification flow

Architecture

PHI never crosses this line.

The proxy runs inside your infrastructure. Models — any of them — only ever see reversible tokens; identity returns only on your side of the wall. HIPAA's minimum-necessary standard, at consumer LLM pricing.

Your infrastructure
EHR
FHIR R4
CDR
persistent context
MedScrub proxy
de-identify · re-identify
Session vault
in-memory · 24h expiry
"name": "Jane Doe" — identity only ever exists here
your walls
"[NAME_1]" →
de-identified request
← "[NAME_1] is due for…"
tokened response
Any model
OpenAIClaudeGeminiOllama · local

Sees tokens only. No BAA required — there's no PHI to protect.

No PHI in logs24-hour ephemeral sessionsNo BAA with model vendorsReversible tokenization18/18 Safe Harbor identifiers
Why MedScrub

Audio scribes transcribe what you said. MedScrub reads what your patient actually has.

Freed, Heidi, Nabla and Suki start from a recording of your conversation. MedScrub starts from the clinical record — the actual labs, diagnoses and coverage — the only input that supports population health, prior auth and CCM.

MedScrub compared to audio scribes
FeatureMedScrubAudio scribes
Data sourcePatient EHR record via FHIRRecording of your conversation
PHI handlingSelf-hosted — never leaves infraCloud (vendor servers)
Population health analyticsYesNo
MIPS / HEDIS / CCM trackingYesNo
Prior authorization supportYesNo
Persistent patient context (CDR)YesNo
Any model

Bring the model you trust. Keep the PHI you can't share.

Claude, GPT-4, Gemini or a fully on-device Ollama model — every provider routes through the local proxy, so requests are de-identified before a single token leaves the machine.

  • Swap providers without touching your workflow
  • Run fully local with Ollama — nothing leaves the device
  • No BAA required with any model vendor
MedScrub AI model connectivity settings
What real data unlocks

Workflows you can't build from a transcript.

Population health screening

11+ HEDIS/MIPS/USPSTF measures checked automatically across your panel — before patients walk out.

Prior authorization prep

Reads payer requirements and tells you what documentation you need before you submit.

SOAP notes from the chart

Structured notes grounded in real labs and diagnoses, with ICD-10 and E/M coding support.

CCM documentation

Generate the documentation CPT 99490/99491 requires — from live EHR data, not memory.

Clinical Data Repository

Persistent patient context so the model works from the whole chart, not a single prompt.

Care team, one workspace

HIPAA-safe messaging for MDs, MAs and front desk — stored on your own proxy.

For developers & builders

De-identification for your stack, in an afternoon.

REST API, FHIR support and a native MCP server. Self-hosted Docker — no BAA negotiations, no vendor lock-in, no PHI ever leaving your infrastructure. 500 free credits on sign-up.

terminal · deidentify

# de-identify · PHI replaced with tokens

curl -X POST https://your-proxy/api/deidentify -H "X-API-Key: msk_live_..." -d '{"text":"Patient Jane Doe, DOB 1985-03-12"}'

# response

{ "text":"Patient [NAME_1], DOB [DATE_1]", "sessionId":"ses_abc123" }

Compliance

Built to the HIPAA Safe Harbor method.

All 18 identifiers specified in 45 CFR §164.514(b)(2) are removed before any request reaches a model. The design is auditable, documented, and something a hospital CISO can sign off on.

18 Safe Harbor identifiers

Names, dates, MRNs, SSNs, addresses and more removed per 45 CFR §164.514(b)(2).

In-memory sessions

Encrypted session store, 24-hour auto-expiration, no PHI in logs or persistent storage.

Self-hosted by design

Runs as Docker in your environment. No BAA with a model vendor required.

Reversible tokenization

Re-identify locally after the model responds — including LLM-modified output.

Frontier AI on the whole chart — without the compliance risk.

Connect your EHR, keep PHI on your infrastructure, and put any model to work on real clinical data.