The governed AI workspace for regulated chat and documents.
HASP gives your whole team — clinicians, ops, compliance — a familiar chat interface and document analysis tool they can actually use on patient records. Every message scanned for PHI, every action logged to a signed audit chain, under a BAA you countersign in-app.
PHI scan on every message: HIPAA Safe Harbor categories checked before the prompt leaves your tenant
Signed audit entry: Ed25519 signature on every chat turn — verifiable on your auditor's machine
Compliance · frameworks we ship under
HIPAA: Active; BAA included
SOC 2: AOC under NDA; Type II · inherited
HITRUST: AOC under NDA; r2 · inherited
GDPR: EU + UK; Art. 17 · 20 · 30
PIPEDA / CPPA: Active + CPPA-ready; Canada
ISO 27001: Q3 2026; In progress
Before HASP
ChatGPT works. The liability doesn't.
✕ No BAA by default — standard ChatGPT has no covered-entity agreement in place
✕ No audit trail — you can't prove what was asked or answered
✕ No org controls — any staff member can paste anything
✕ No per-tenant document isolation — your files share an index with all other users
With HASP
Same familiar chat. Actually compliant.
✓ BAA included — real PHI permitted the moment your org countersigns
✓ Every turn signed and chained — hand exports to your auditor
✓ Org-level model allowlists and prompt templates enforced at the gateway — see the full model catalog
✓ Per-org vector index — documents never leave your isolated tenant
Document library
Any document. Instantly queryable.
Upload a PDF, a DOCX, a transcript to your team's document library. HASP extracts the
text, runs PHI scanning before any embedding happens, and indexes it into your per-org
vector index. Once indexed, any team member can query it by name from chat.
PHI scanned before embedding — entity detection runs on extracted text before it touches the vector index
Per-org isolation — documents live in your tenant's dedicated data plane, not a shared index
Ingestion itself is audited — every upload, every chunk, every retrieval logged to your signed audit chain
PHI Scan: 18 HIPAA categories · 3 entities redacted in logs
Embed: per-org vector index · 47 chunks indexed
Ready: Query in chat · 47 pages · 12 KB
Use cases
What your team does on day one
Clinical teams
Nurses and physicians query discharge summaries, referral packets, and clinical notes
without copy-pasting into a consumer AI tool. Ask in plain language. Get structured
answers. Every query logged — including what PHI was in the prompt.
"Summarize the post-op care plan from Tuesday's consult"
Operations & admin
Prior-auth teams, billing, and coordinators upload policy documents, payer contracts, and
denial letters. Then query them — "What's the coverage criteria for CPT 27447 under Plan
X?" — instead of searching 80-page PDFs manually.
"What does the United contract say about home health authorizations?"
Compliance & audit prep
Compliance officers chat with HASP about specific incidents, generate summaries of access
patterns, and pull the signed audit chain for any time window. Then hand the plain-JSON
export to auditors who verify it on their own machine.
"Which staff accessed the March intake records last week?"
Everything in Assistant
Assistant chat UI
Familiar chat interface for clinicians, ops staff, lawyers, anyone on your team. Same model lineup as the API; same per-org rate limits and credit accounting.
Document upload + RAG
Drop PDFs, DOCX, plain text, transcripts. Ingestion runs PHI scanning + embedding into your per-org vector index. Retrieval happens inside your tenant.
PHI scanning before every prompt
Inbound text is scanned inside your environment for HIPAA Safe Harbor identifiers, with healthcare-specific recognizers tuned for clinical language. Your org chooses what happens on detection — allow under BAA, redact pre-model, or block — and every decision lands on the audit chain. The pipeline is HASP-owned, not rented from a third-party gateway.
Conversation history per user
Threads scoped to the user, accessible to admins for audit, exportable to the signed audit chain. Nothing trains any model — yours, your provider's, or anyone else's.
Slash commands and prompt templates
Org-published prompt templates for repeat workflows (intake → summary, denial → appeal). Templates themselves get scanned and audited.
Model selection with allowlists
Pin allowed model IDs per organization — including limiting to only models covered by your inherited BAA chain. Enforcement at the Gateway, not in client code.
Why this surface, on this platform
✓ Multi-model, no lock-in. Switch between BAA-covered inference providers per chat — and when one has an outage, your team keeps working on another.
✓ BAA up front, every model on your allowlist. Real PHI permitted from the moment your org countersigns — the BAA chain covers every model you've allowed, not just one provider.
✓ Nothing trains on your data. Zero-retention agreements with every provider mean your conversations, uploads, and PHI never become training data — yours, theirs, or anyone's.
FAQ
All supported models are covered by the BAA — see the full model catalog for the current list, credit multipliers, and default-on vs admin-opt-in status. Higher-tier models are OFF by default at every tier; admins opt-in per org. Token allotments are denominated in standard-model-equivalent units, with lighter models consuming less and higher-tier models consuming more.
PDF, DOCX, plain text, Markdown, and most code formats. Two upload modes: inline context — documents are passed directly to the model in the conversation (best when you want the model to reason over specific files right now); knowledge base — documents are chunked, embedded into your per-org vector index, and retrieved on demand across future conversations (best for building a persistent, searchable library your team keeps adding to). PHI scanning runs on extracted text in both modes before anything leaves your tenant.
Per-tenant, encrypted at rest and in transit, isolated from other organizations. Solo, Professional, and Business orgs share a multi-tenant data plane with row-level isolation; Enterprise orgs get a dedicated per-org data plane with no shared cluster. Admins can export or delete history via the admin UI; the deletion event itself is logged to the audit chain.
Yes, on every tier. HASP includes governed web retrieval — the AI can search the web and fetch page content when it needs current or external information. Two independent PHI scans protect every search query before it leaves HASP: one on the full conversation context before inference, and a second on the exact query string the model constructs — catching any PHI the model might assemble into a tool argument even after the first scan ran. PHI never reaches web search providers. Retrieval results are injected into the model's context and cited in responses; citations persist with the conversation so you can verify sources after the fact. Org admins can disable web search entirely if they prefer the model to draw only from their own knowledge base.
Web search uses 5 credits per search and web fetch uses 2 credits, plus normal credit usage for the content retrieved and added to context. A typical search costs around 6–10 credits total — a small fraction of any plan's included allotment.
Same compliance layer, same BAA, same audit chain across every surface. Assistant + Studio
ship on the Platform plan for teams. Public API + Agent SDK ship on the separate API plan for
developers building regulated AI into their own software. Orgs can hold one plan or both.
Evaluate every product surface across both plans (Assistant + Studio + Public API + Agent
SDK) against non-production data until you convert. See the pricing page for current evaluation limits. Real PHI waits for an in-app countersigned BAA — same safeguards
as production traffic.