Security & Compliance

Last Updated: March 2026

HIPAA Compliance

BillAudit AI is designed to protect Protected Health Information (PHI). We operate as a HIPAA-compliant service and process all data on Microsoft Azure's HIPAA-eligible cloud infrastructure. Our systems adhere to the HIPAA Security Rule's administrative, physical, and technical safeguards and to the Privacy Rule's limits on the use and disclosure of PHI.

Data Deletion & Retention

Your privacy is our priority: we do not retain your medical bills beyond the audit itself.

  • Immediate Deletion: Your original uploaded medical bill file is automatically and permanently deleted from our servers as soon as audit processing completes.
  • In-Memory Processing: Wherever possible, files are processed in memory rather than being written to long-term disk storage during extraction.
  • Zero Data Training: We access enterprise-grade AI models (Google Gemini via API) under terms that prohibit the provider from using your data to train its models.

Encryption Standards

We use standard, well-tested encryption to protect your data at every stage:

  • In Transit: All data sent to or from our servers is encrypted using TLS 1.2 or higher.
  • At Rest: Any temporary data held during the 60-second processing window is encrypted with AES-256.

Responsible AI

Our AI is designed to augment human decision-making, not replace it. We provide the citations and reasoning behind every flagged error so you can verify the results yourself. We continuously audit our algorithms for accuracy and fairness.

Contact Security

Have questions about our security practices? Contact our security team at thankyou.billauditai@gmail.com.
