How PHI Is Scrubbed

All PHI scrubbing happens automatically on your device before any data is sent to the AI. You do not need to configure anything — it works out of the box every time you use the extension.

What Gets Scrubbed

• Patient names — detected using frequency-based analysis and pattern matching
• Ages — all ages removed (not just 89+)
• Contact information — email addresses, phone numbers in all formats
• Identifiers — Social Security numbers, medical record numbers, Medicare/Medicaid numbers, patient IDs
• Addresses — street addresses, PO boxes, city/state/ZIP combinations
• Dates — dates of birth, visit dates, and other date formats
• Current field values — replaced with “(has content - not shown for privacy)“

How Name Detection Works

Names are detected using a two-pass approach:

1. High-confidence patterns are scrubbed immediately without frequency checks. These include names paired with credentials (e.g., “Jane Smith, PT”), names with patient IDs (e.g., “John Doe (290)”), and names in form fields.

2. Frequency-based detection identifies names that appear three or more times in the document. Patient names typically repeat throughout clinical documentation, while medical terms like “Heart Rate” or “Blood Pressure” appear only once or twice.

Medical Terms Are Preserved

A whitelist of over 90 common medical terms ensures that clinical language passes through to the AI. Terms like “Range of Motion,” “Weight Bearing,” and “Blood Pressure” are never mistakenly scrubbed.

What the AI Receives Instead

After scrubbing, the AI sees field labels, field types, section headers, dropdown options, and whether a field is empty or filled — but never the actual patient-identifying content. This gives the AI enough context to generate accurate notes without ever accessing PHI.