  • 7 High-Risk PHI Flows
  • 4 Vendors Without BAAs
  • 21 Total PHI Flows Mapped
  • 6/10 BAAs Confirmed

CIO Concerns

Four key risk areas requiring attention before platform build proceeds.

High: Call Recordings Through External AI

Voice calls across 260 practices (~65,000 call-minutes/day) are routed through Peer Logic, RingCentral, 8x8, and Weave, then transcribed via OpenAI Whisper. Audio recordings contain unfiltered verbal PHI — patient names, conditions, insurance details — sent directly to an external API without redaction.

Action Required

Verify OpenAI Whisper BAA explicitly covers audio data. Research real-time audio redaction or on-premise transcription alternatives.

High: Four Vendors Without BAAs

Cloudinary (dental photos including facial images), Swell (patient reviews with health details), Cinnamon (call analytics with conversation content), and Dental Intel (practice analytics with patient data) all process PHI without confirmed Business Associate Agreements.

Action Required

Execute or verify BAAs with all four vendors before any PHI flows are established. If BAAs are unavailable, identify HIPAA-compliant alternatives.

Medium: PHI Surface Area Breadth

The platform spans 6 PHI sources, 8 processing services, and 7 destination categories across 260 dental practices. Daily volume: ~13,000 patient messages and ~65,000 call-minutes. Each integration point is a potential compliance exposure.

Action Required

Implement comprehensive PHI flow monitoring. Add PHI detection to the Kafka event bus with automated alerting for unexpected data exposure.
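As an added illustration of the event-bus PHI scanning recommended here (example code, not code from the platform described on this page), the Python below walks Kafka-style event payloads, runs a small set of PHI detectors over every string field, and raises an alert only where a per-topic policy does not expect PHI. The topic names, field paths, policy table and sample events are constructed assumptions, and the regex detectors are deliberately minimal stand-ins for the platform's regex + NER filter.

```python
from __future__ import annotations
import re
from dataclasses import dataclass
from typing import Any, Iterator

# Minimal regex detectors for the example. A production scanner would add NER
# and the practice-specific identifier formats the platform actually carries.
PHI_PATTERNS = {
    "ssn": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
    "phone": re.compile(r"\b\d{3}[-.\s]\d{3}[-.\s]\d{4}\b"),
    "email": re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b"),
    "dob": re.compile(r"\b(?:0?[1-9]|1[0-2])/(?:0?[1-9]|[12]\d|3[01])/(?:19|20)\d{2}\b"),
}

# Hypothetical topic policy (an assumption, not the platform's own config): for each
# topic, the dotted JSON paths that are *expected* to carry PHI. PHI found anywhere
# else is "unexpected exposure" and produces an alert.
EXPECTED_PHI_PATHS = {
    "patient.messages": {"body", "patient.phone"},
    "calls.transcripts": {"transcript"},
    "analytics.events": set(),   # must be de-identified: nothing expected
    "practice.metrics": set(),
}

@dataclass(frozen=True)
class Alert:
    topic: str
    path: str
    phi_type: str
    reason: str

def _walk(value: Any, path: str = "") -> Iterator[tuple[str, str]]:
    """Yield (dotted_path, string) for every string leaf in a JSON-like payload."""
    if isinstance(value, dict):
        for k, v in value.items():
            yield from _walk(v, f"{path}.{k}" if path else k)
    elif isinstance(value, list):
        for i, v in enumerate(value):
            yield from _walk(v, f"{path}[{i}]")
    elif isinstance(value, str):
        yield path, value

def scan_event(topic: str, payload: dict) -> list[Alert]:
    """Return alerts for PHI found where the topic policy does not expect it."""
    if topic not in EXPECTED_PHI_PATHS:
        # Unknown topic: fail closed, so a new producer cannot sidestep the policy.
        expected, reason = set(), "unregistered topic"
    else:
        expected, reason = EXPECTED_PHI_PATHS[topic], "PHI outside expected fields"
    alerts: list[Alert] = []
    for path, text in _walk(payload):
        # Drop list indices so "participants[0].phone" compares against "participants.phone".
        norm_path = re.sub(r"\[\d+\]", "", path)
        for phi_type, pattern in PHI_PATTERNS.items():
            if norm_path not in expected and pattern.search(text):
                alerts.append(Alert(topic, path, phi_type, reason))
    return alerts

def scan_events(events: list[tuple[str, dict]]) -> list[Alert]:
    """Scan a batch of (topic, payload) pairs, e.g. one poll of a consumer."""
    out: list[Alert] = []
    for topic, payload in events:
        out.extend(scan_event(topic, payload))
    return out

# Constructed sample events with fake identifiers (not real traffic).
SAMPLE_EVENTS = [
    ("patient.messages", {"body": "Reminder: call us at 555-201-3344",
                          "patient": {"phone": "555-201-3344"}}),
    ("calls.transcripts", {"transcript": "Caller gave DOB 03/14/1981",
                           "participants": [{"phone": "555-201-3344"}]}),
    ("analytics.events", {"event": "appointment_booked", "practice_id": "p-017",
                          "note": "DOB 03/14/1981 confirmed"}),
    ("practice.metrics", {"metric": "recall_rate", "value": "0.42"}),
    ("debug.dump", {"raw": "SSN 123-45-6789 attached"}),
]

if __name__ == "__main__":
    for alert in scan_events(SAMPLE_EVENTS):
        print(f"ALERT topic={alert.topic} path={alert.path} type={alert.phi_type} ({alert.reason})")
```

In a deployment the batch would come from a Kafka consumer subscribed to every topic and the alerts would go to the paging or SIEM pipeline; the point of the policy table is that it is reviewed alongside producer changes, so an event schema that starts carrying PHI on a de-identified topic shows up as an alert rather than as a silent widening of the PHI surface.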

Medium: PHI Filter as Single Point of Trust

The AI Service PHI Filter uses regex + NER to strip protected health information before prompts reach the Claude API. This is the sole barrier preventing PHI from reaching external LLM services. A single bypass or failure mode could expose patient data.

Action Required

Implement defense-in-depth: evaluate OursPrivacy or Freshpaint as a secondary PHI check. Conduct penetration testing focused on filter bypass scenarios.

PHI Surface Area

Data sources, processing services, and destinations handling protected health information.

6 PHI Sources
  • High: PMS Systems (NexHealth + Sikka)
  • High: Phone Systems (4 vendors)
  • High: Staff Content Capture
  • Medium: Patient Communications
  • Medium: Review Platforms (Swell)
  • Medium: Phone Analytics (3 vendors)

8 Processing Services
  • Critical: AI Service + PHI Filter
  • High: Voice AI Service (Whisper)
  • High: Content Engine
  • Medium: Practice Data Hub
  • Medium: Communications Service
  • Medium: H-Score Engine
  • Medium: Event Bus (Kafka/MSK)
  • Low: Compliance & Audit Layer

7 Destinations
  • High: External AI APIs (Claude, Whisper)
  • High: Cloudinary (no BAA)
  • High: Vendors Without BAAs (3)
  • Medium: Patient-Facing Messages
  • Low: Executive Dashboards
  • Low: Audit Logs (S3/Glacier)
  • Low: Analytics Data Lake

PHI Data Flow Map

Flows move from sources through processing to destinations.

Critical Path: Phone Systems → Voice AI (Whisper) → Claude API — unfiltered audio with verbal PHI sent to external transcription service.

Business Associate Agreement Status

Compliance status for all vendors processing or storing protected health information.

⚠ Vendors Requiring Immediate BAA Action

  • Cloudinary — Stores patient dental photos (biometric identifiers); no BAA available
  • Swell — Processes patient reviews with health details; BAA status unverified
  • Cinnamon — Call analytics with conversation content; BAA status unverified
  • Dental Intel — Practice analytics with patient data; BAA status unverified

No BAA — Action Required (4 vendors)

Vendor | PHI Exposure | BAA Status | Risk | Action Needed
Cloudinary | Patient dental photos, facial images (biometric identifiers) | ✗ No BAA | High | Obtain BAA or migrate to HIPAA-compliant image CDN (e.g., AWS S3 + CloudFront)
Swell | Patient reviews mentioning procedures, conditions | ✗ No BAA — Verify | High | Contact vendor to verify if BAA is available; evaluate alternatives if not
Cinnamon | Call analytics with conversation content | ✗ No BAA — Verify | High | Contact vendor to verify if BAA is available; evaluate alternatives if not
Dental Intel | Practice analytics with patient-level data | ✗ No BAA — Verify | Med | Contact vendor to verify if BAA is available; assess PHI exposure scope

Needs Verification (4 vendors)

Vendor | PHI Exposure | BAA Status | Risk | Action Needed
OpenAI (Whisper) | Audio transcription — receives raw call recordings with verbal PHI | ⚠ Required — Verify | High | Verify BAA explicitly covers audio data, not just text
Anthropic (Claude) | Receives filtered text prompts via PHI Filter | ⚠ Required — Verify | Med | Verify enterprise BAA covers filtered text prompt use case
NexHealth | Practice management data — patient records, scheduling | ⚠ Required — Verify | Med | Obtain and review BAA terms for data integration use case
Sikka ONE | Practice management data — patient records, procedures | ⚠ Required — Verify | Med | Obtain and review BAA terms for data integration use case

Evaluate (2 vendors)

Vendor | PHI Exposure | BAA Status | Risk | Action Needed
ClickHouse Cloud | Analytics data lake — de-identified data | ⚠ Evaluate | Low | Evaluate BAA availability; low risk given de-identified data
Temporal Cloud | Workflow orchestration — may handle PHI in task payloads | ⚠ Evaluate | Low | Evaluate BAA availability; assess whether PHI passes through workflows

Confirmed (4 vendors)

Vendor | PHI Exposure | BAA Status | Risk | Notes
AWS | Infrastructure — hosts all core services, databases, storage | ✓ Confirmed | Low | Standard AWS BAA covers all HIPAA-eligible services
Twilio | Patient communications — SMS, voice, forms | ✓ Confirmed | Low | HIPAA-eligible product; BAA available for enterprise tier
Datadog | Application monitoring — may capture PHI in logs | ✓ Confirmed | Low | BAA available; ensure log scrubbing to minimize PHI exposure
Canva | Marketing content creation | N/A | Low | No PHI processed; BAA not required

Prioritized Recommendations

Action items organized by urgency. All items must be resolved before platform build proceeds to production.

Immediate — Before Build

  1. Execute BAAs with Cloudinary, Swell, Cinnamon, and Dental Intel before any PHI flows are established. If BAAs are unavailable, identify and migrate to HIPAA-compliant alternatives. (Owner: Legal + CTO; Status: Not Started)
  2. Verify Anthropic Claude enterprise BAA explicitly covers filtered text prompts generated by the PHI Filter service. (Owner: Legal + Engineering; Status: Not Started)
  3. Verify OpenAI Whisper BAA explicitly covers audio data containing verbal PHI — not just text-based inputs. (Owner: Legal + Engineering; Status: Not Started)
  4. Verify NexHealth and Sikka ONE BAAs cover the data integration use case (bidirectional patient record sync across 260 practices). (Owner: Legal + Integrations; Status: Not Started)

Short-Term — First 90 Days

  5. Implement defense-in-depth for the PHI Filter: evaluate OursPrivacy or Freshpaint as a secondary PHI detection layer to eliminate single-point-of-failure risk. (Owner: Engineering; Status: Not Started)
  6. Research and implement audio redaction for call recordings before transcription — even imperfect redaction reduces exposure surface for Whisper. (Owner: Engineering + AI Team; Status: Not Started)
  7. Add PHI detection scanning to the Kafka event bus with automated alerting for unexpected PHI in event payloads. (Owner: Engineering + DevOps; Status: Not Started)
  8. Conduct penetration testing focused specifically on PHI filter bypass scenarios — regex evasion, encoding attacks, prompt injection. (Owner: Security Team; Status: Not Started)

Ongoing

  9. Quarterly BAA compliance audits across all vendors — verify agreements remain current and cover evolving data flows. (Owner: Legal + Compliance; Status: Not Started)
  10. Monthly PHI filter effectiveness testing with false negative rate tracking — measure how often real PHI passes through undetected. (Owner: Engineering + QA; Status: Not Started)
  11. Annual third-party HIPAA security assessment covering the full platform including all vendor integrations. (Owner: CTO + External Auditor; Status: Not Started)
  12. Continuous monitoring via the Compliance & Audit Layer dashboards — PHI access patterns, consent verification, anomaly detection. (Owner: DevOps + Compliance; Status: Not Started)