AI that knows the chart.
Any model. Never the patient.
MedScrub is a desktop app that gives your AI the real chart over FHIR — so it can surface care gaps, risks, and the metrics that matter. PHI is stripped before anything leaves your walls. No BAA required.
Epic · Cerner (Oracle) · athenahealth · eClinicalWorks · Windows · macOS · Linux · iOS & Android
de-identified before it leaves · re-identified on return
The whole chart, de-identified before a token leaves the device.
MedScrub loads every FHIR resource, strips PHI on-device, and shows the exact path each request takes: Patient → local de-id → model → re-identified for you.

Architecture
PHI never crosses this line.
The proxy runs inside your infrastructure. Models — any of them — only ever see reversible tokens; identity returns only on your side of the wall. HIPAA's minimum-necessary standard, at consumer LLM pricing.
Sees tokens only. No BAA required — there's no PHI to protect.
Audio scribes transcribe what you said. MedScrub reads what your patient actually has.
Freed, Heidi, Nabla and Suki start from a recording of your conversation. MedScrub starts from the clinical record — the actual labs, diagnoses and coverage — the only input that supports population health, prior auth and CCM.
| Feature | MedScrub | Audio scribes |
|---|---|---|
| Data source | Patient EHR record via FHIR | Recording of your conversation |
| PHI handling | Self-hosted — never leaves infra | Cloud (vendor servers) |
| Population health analytics | Yes | No |
| MIPS / HEDIS / CCM tracking | Yes | No |
| Prior authorization support | Yes | No |
| Persistent patient context (CDR) | Yes | No |
Bring the model you trust. Keep the PHI you can't share.
Claude, GPT-4, Gemini or a fully on-device Ollama model — every provider routes through the local proxy, so requests are de-identified before a single token leaves the machine.
- Swap providers without touching your workflow
- Run fully local with Ollama — nothing leaves the device
- No BAA required with any model vendor

Workflows you can't build from a transcript.
Population health screening
11+ HEDIS/MIPS/USPSTF measures checked automatically across your panel — before patients walk out.
Prior authorization prep
Reads payer requirements and tells you what documentation you need before you submit.
SOAP notes from the chart
Structured notes grounded in real labs and diagnoses, with ICD-10 and E/M coding support.
CCM documentation
Generate the documentation CPT 99490/99491 requires — from live EHR data, not memory.
Clinical Data Repository
Persistent patient context so the model works from the whole chart, not a single prompt.
Care team, one workspace
HIPAA-safe messaging for MDs, MAs and front desk — stored on your own proxy.
De-identification for your stack, in an afternoon.
REST API, FHIR support and a native MCP server. Self-hosted Docker — no BAA negotiations, no vendor lock-in, no PHI ever leaving your infrastructure. 500 free credits on sign-up.
# de-identify · PHI replaced with tokens
curl -X POST https://your-proxy/api/deidentify -H "X-API-Key: msk_live_..." -d '{"text":"Patient Jane Doe, DOB 1985-03-12"}'
# response
{ "text":"Patient [NAME_1], DOB [DATE_1]", "sessionId":"ses_abc123" }
Built to the HIPAA Safe Harbor method.
All 18 identifiers specified in 45 CFR §164.514(b)(2) are removed before any request reaches a model. The design is auditable, documented, and something a hospital CISO can sign off on.
18 Safe Harbor identifiers
Names, dates, MRNs, SSNs, addresses and more removed per 45 CFR §164.514(b)(2).
In-memory sessions
Encrypted session store, 24-hour auto-expiration, no PHI in logs or persistent storage.
Self-hosted by design
Runs as Docker in your environment. No BAA with a model vendor required.
Reversible tokenization
Re-identify locally after the model responds — including LLM-modified output.
Who uses it
A workspace that reads the whole chart.
SOAP notes, prior-auth prep, CCM documentation and MIPS/HEDIS gaps — grounded in your real EHR data, running on your infrastructure.
For physiciansFor developersBuild clinical AI on a PHI proxy.
MCP server, FHIR client and REST API on a CDR with persistent context and de-identification — no BAA negotiations, no compliance headaches.
For developers