Claude HIPAA compliance is achievable – but it requires deliberate architecture, not just a signed agreement with Anthropic. Healthcare organisations deploying Claude for clinical documentation, patient communication, medical record analysis, or any use case involving protected health information (PHI) must build a compliant infrastructure stack, not just a compliant AI model. This guide covers what HIPAA actually requires for Claude deployments, where Anthropic's responsibility ends and yours begins, and how to build the technical and administrative safeguards that will satisfy an OCR audit.

The short version: Anthropic can sign a Business Associate Agreement (BAA) with you. That's necessary but not sufficient. HIPAA compliance for your Claude deployment is your responsibility – and it encompasses your infrastructure, your applications, your staff training, and your operational procedures, not just your AI vendor's data handling policies.

Key Takeaways

  • Anthropic can execute a BAA for Claude API and Claude Enterprise – required before processing any PHI
  • HIPAA compliance covers three sets of safeguards: technical, physical, and administrative – all three apply to Claude deployments
  • Claude does not store conversation history between sessions by default – but your application infrastructure likely does
  • De-identification before sending PHI to Claude APIs is the highest-assurance approach – anonymise first, analyse second
  • Clinical decision support applications may require FDA oversight separate from HIPAA compliance
  • Our Security & Governance service designs HIPAA-compliant Claude architectures

HIPAA Basics Applied to Claude Deployments

HIPAA applies to covered entities – healthcare providers, health plans, and healthcare clearinghouses – and their business associates, which includes any vendor that handles PHI on their behalf. If your organisation is a covered entity and you send PHI to Claude, Anthropic becomes a business associate and must sign a BAA before you process any PHI through Claude's services.

PHI is any individually identifiable health information – names, dates, geographic data, contact information, account numbers, biometric data, or any other information that could reasonably identify a patient when combined with health information. It's broader than most people assume. A CSV of patient visit dates with ZIP codes and diagnoses is PHI. A conversation log where a user asks Claude "summarise the records for John Smith, DOB 1/15/1965" is PHI. Design your Claude applications with PHI identification in mind from the start.

HIPAA's safeguard requirements divide into three categories: technical safeguards (access controls, audit controls, integrity controls, transmission security), physical safeguards (facility access controls, workstation security), and administrative safeguards (security management, assigned security responsibility, workforce training, contingency planning). All three apply to your Claude deployment, not just the technical components.

Anthropic's BAA and What It Covers

Anthropic executes Business Associate Agreements for customers using Claude Enterprise and the Claude API in healthcare applications. The BAA defines Anthropic's obligations as a business associate: implementing appropriate safeguards to protect PHI, reporting breaches, ensuring subcontractors also have BAAs, and returning or destroying PHI when the relationship ends.

Exactly what the BAA does and doesn't cover matters. Anthropic's BAA covers the Claude API infrastructure – the systems that receive and process your API requests. It does not cover your application code, your database, your logging infrastructure, or any other component you build and operate yourself. If your application receives PHI from a user, processes it, stores it in your database, sends it to Claude, stores Claude's response, and presents it in a UI – every one of those components except the Claude API itself is your responsibility.

Critical: Get the BAA Before You Process PHI

Using Claude to process PHI without a signed BAA is a HIPAA violation, regardless of whether Anthropic is technically capable of signing one. Establish the BAA before you build the application, not after you've already deployed it. This is not a retroactive process.

For Claude accessed through AWS Bedrock or Google Cloud Vertex AI, the BAA structure is different – you execute a BAA with the cloud provider, not directly with Anthropic. AWS and Google have established BAA frameworks for their healthcare customers. Your legal and procurement teams should confirm which BAA structure applies to your specific deployment path and that it covers Claude specifically as a service running on that cloud platform.

Technical Safeguards for Claude Healthcare Deployments

HIPAA's technical safeguards require: access controls that allow only authorised users to access systems containing PHI, audit controls that record and examine activity in systems containing PHI, integrity controls that protect PHI from improper alteration or destruction, and transmission security that protects PHI transmitted over networks.

Access Controls

Every user who accesses a Claude application processing PHI must be uniquely identified and authenticated. Shared accounts are not permitted. Role-based access control should limit what PHI each user can access – a nurse who needs Claude to help document patient notes shouldn't have access to the billing records that the finance team uses Claude to process. Implement automatic logout for idle sessions and require multi-factor authentication for any application that processes PHI.

For Claude API access, your application should authenticate users through your identity provider before granting access to Claude functionality. API keys for the Claude API itself should be stored in secrets management (AWS Secrets Manager, HashiCorp Vault, Azure Key Vault) – not in environment variables or code repositories. Rotate API keys on a schedule or when team members who knew them leave the organisation.

Audit Controls

HIPAA requires hardware, software, and procedural mechanisms that record and examine activity in systems that contain or use ePHI. For Claude applications, this means logging every interaction that involves PHI with enough detail to reconstruct what happened during an incident investigation. See our detailed guide on Claude audit logging for enterprise for implementation specifics. For HIPAA purposes, retention is typically 6 years for documentation of policies and procedures and actions taken under them.
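One way to record each Claude interaction with enough detail to reconstruct it during an investigation while keeping the PHI itself out of the log stream, as an added example that is not from the original page: every request produces an event that references the prompt and response by SHA-256 hash and by a key into your encrypted PHI store, and each event is hash-linked to the previous one so tampering is detectable. Field names, the `payload_ref` store key and the sample prompt are assumptions constructed for the example.

```python
import hashlib
import json
from datetime import datetime, timezone

GENESIS = "0" * 64  # prev_hash of the first event in a chain


def hash_event(event: dict) -> str:
    """Canonical SHA-256 over every field except the hash itself."""
    body = {k: v for k, v in event.items() if k != "event_hash"}
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()


def make_event(user_id: str, role: str, purpose: str, request_id: str,
               prompt: str, response: str, payload_ref: str,
               prev_hash: str, ts: str = "") -> dict:
    """Build one PHI-free audit record for a single Claude request."""
    event = {
        "ts": ts or datetime.now(timezone.utc).isoformat(),
        "user_id": user_id,          # unique identity from your IdP, never a shared account
        "role": role,
        "purpose": purpose,          # e.g. "note_summarisation"
        "request_id": request_id,    # constructed; correlate with the API provider's request id
        "prompt_sha256": hashlib.sha256(prompt.encode()).hexdigest(),
        "response_sha256": hashlib.sha256(response.encode()).hexdigest(),
        "payload_ref": payload_ref,  # assumed key into an encrypted PHI store covered by a BAA
        "prev_hash": prev_hash,      # link to the previous event for tamper evidence
    }
    event["event_hash"] = hash_event(event)
    return event


def verify_chain(events: list) -> bool:
    """True only if every event hashes correctly and links to its predecessor."""
    prev = GENESIS
    for e in events:
        if e.get("prev_hash") != prev or hash_event(e) != e.get("event_hash"):
            return False
        prev = e["event_hash"]
    return True


def contains_text(events: list, secret: str) -> bool:
    """Confirm that a raw PHI string never landed in the serialised log."""
    return secret in json.dumps(events)
```

Because the log holds hashes and a store reference rather than the prompt text, the logging vendor receives no PHI, and the `payload_ref` still lets an investigator retrieve the exact inputs and outputs from the store that is under a BAA.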

Transmission Security

All communication between your application and the Claude API must use TLS 1.2 or higher. Anthropic's API endpoints enforce TLS. Your internal communication – between your application servers, databases, and any other components – must also use encrypted channels. Don't send PHI over internal networks without encryption just because they're inside your perimeter.

The De-Identification Architecture: Highest Assurance Approach

The highest-assurance approach to using Claude with healthcare data is to de-identify before processing. Send Claude de-identified data, get Claude's analysis, then re-identify the output if needed for presentation. This approach eliminates or substantially reduces your HIPAA exposure for the Claude interaction itself – de-identified data is not PHI, so HIPAA doesn't apply to it.

HIPAA defines two methods for de-identification: Safe Harbor (removing all 18 specified identifiers) and Expert Determination (a qualified expert determines the data is sufficiently de-identified). Safe Harbor is simpler but more aggressive – removing names, dates more specific than year, geographic subdivisions smaller than a state, and many other fields can significantly limit the analytical value of the data. Expert Determination allows more data to be retained but requires documented statistical analysis.

For many clinical NLP use cases – document summarisation, clinical note analysis, medication reconciliation assistance – Safe Harbor de-identification can be applied before sending to Claude while preserving the clinically relevant content. A clinical note that says "62-year-old female with Type 2 diabetes and HTN, presenting with chest pain" loses its PHI designation when the identifiers are removed, but the clinical information Claude needs to assist with summarisation or coding is preserved.

Build your de-identification pipeline as a preprocessing step. Maintain a secure mapping from the de-identified records back to patient identifiers if re-identification is needed, and protect that mapping with the same controls as PHI itself. This architecture is worth the engineering investment – it significantly simplifies your compliance posture for the Claude integration.
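A minimal version of the preprocessing step described above, as an added example rather than code from the original page: identifiers are swapped for stable placeholders, the placeholder-to-value mapping is kept apart from the text that goes to the model, ages over 89 are generalised as Safe Harbor requires, and the model's answer is re-identified only inside the PHI boundary. The regex patterns and the sample note are constructed assumptions; they cover a handful of the 18 identifiers and a real pipeline would pair them with clinical NER.

```python
import re
from dataclasses import dataclass, field

# Constructed, illustrative patterns for a few of the 18 Safe Harbor identifiers.
# Regexes alone miss PHI; production pipelines combine them with clinical NER.
PATTERNS = {
    "NAME":  re.compile(r"\b(?:Mr|Mrs|Ms|Dr)\.?\s+[A-Z][a-z]+(?:\s+[A-Z][a-z]+)?"),
    "MRN":   re.compile(r"\bMRN[:\s]*\d{6,}\b"),
    "DATE":  re.compile(r"\b\d{1,2}/\d{1,2}/\d{4}\b"),  # Safe Harbor keeps only the year; we tokenise the whole date
    "PHONE": re.compile(r"\b\d{3}-\d{3}-\d{4}\b"),
}
AGE = re.compile(r"\b(\d{1,3})-year-old\b")


@dataclass
class Deidentified:
    text: str                                    # safe to send to the model
    mapping: dict = field(default_factory=dict)  # placeholder -> original value; this mapping IS PHI


def deidentify(note: str) -> Deidentified:
    """Replace identifiers with stable placeholders and keep the mapping apart from the text."""
    mapping: dict = {}
    counters: dict = {}

    def make_sub(kind):
        def sub(m):
            value = m.group(0)
            for ph, orig in mapping.items():  # reuse the placeholder for a repeated value
                if orig == value:
                    return ph
            counters[kind] = counters.get(kind, 0) + 1
            ph = f"[{kind}_{counters[kind]}]"
            mapping[ph] = value
            return ph
        return sub

    text = note
    for kind, pattern in PATTERNS.items():
        text = pattern.sub(make_sub(kind), text)
    # Safe Harbor: ages over 89 must be aggregated into a single "90 or older" bucket (lossy, not mapped).
    text = AGE.sub(lambda m: "over-89-year-old" if int(m.group(1)) > 89 else m.group(0), text)
    return Deidentified(text, mapping)


def reidentify(model_output: str, mapping: dict) -> str:
    """Restore identifiers in the model's answer; run only inside the PHI boundary, never before the API call."""
    for ph, value in mapping.items():
        model_output = model_output.replace(ph, value)
    return model_output


SAMPLE_NOTE = ("Mrs. Jane Doe (MRN: 00412345, DOB 01/15/1963) is a 62-year-old female with "
               "Type 2 diabetes and HTN, presenting with chest pain. Follow-up with Dr. Patel "
               "on 03/02/2025; contact 555-123-4567.")  # constructed sample, not a real patient
```

The mapping object needs the same encryption, access control and audit coverage as the source record, since anyone holding it can undo the de-identification.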

Build Your HIPAA-Compliant Claude Architecture

We design healthcare AI deployments with BAA frameworks, de-identification pipelines, audit infrastructure, and documented compliance evidence for OCR review.

Book a Healthcare AI Consultation →

Claude Use Cases in HIPAA-Regulated Environments

Healthcare organisations are deploying Claude across a wide range of clinical and administrative functions. The regulatory treatment differs significantly between use cases – some are straightforward, others carry additional regulatory layers beyond HIPAA.

Clinical Documentation Assistance

Using Claude to assist clinicians with drafting, summarising, or structuring clinical notes is one of the most common healthcare AI use cases. Over 50% of Claude Code usage at Epic is by non-developer roles, reflecting how broadly clinical teams are adopting AI assistance. For documentation assistance, the PHI handling requirements are clear: BAA in place, access controls by role, audit logging, and transmission security. The clinical workflow decision (whether to accept Claude's suggested documentation) remains with the clinician.

Medical Record Analysis

Using Claude to analyse longitudinal records, identify patterns, or surface relevant history for clinical decision-making involves large volumes of PHI and typically requires more sophisticated access control and audit architecture. De-identification before analysis is particularly valuable here when the specific analysis task permits it. Where PHI must be retained for the analysis to be clinically valid, ensure your audit architecture can reconstruct exactly what data was processed and what outputs were produced.

Clinical Decision Support

When Claude's outputs influence clinical decisions about patient diagnosis or treatment, you may be building a clinical decision support (CDS) tool subject to FDA oversight. The FDA's guidance on software as a medical device (SaMD) and clinical decision support software is complex – the key question is whether the software's purpose is to replace clinical judgement or support it. If Claude is surfacing information that a clinician then uses to make a decision, that's generally outside FDA oversight. If Claude is making autonomous recommendations that clinicians are expected to follow without independent clinical judgement, FDA oversight is more likely to apply. Get regulatory counsel involved early for any clinical AI application.

Administrative and Revenue Cycle Applications

Using Claude for prior authorisation drafting, coding assistance, claims analysis, or patient communication (appointment reminders, billing inquiries) involves PHI but is generally further from FDA oversight territory. These use cases have clear value propositions and relatively straightforward HIPAA compliance requirements. They're often the right starting point for healthcare organisations new to Claude – clear ROI, manageable compliance complexity, real operational impact.

Administrative Safeguards: Policies, Training, and Incident Response

HIPAA's administrative safeguards require a security management process, assigned security responsibility, information access management, workforce training and management, and contingency planning. These apply to your Claude deployment as part of your broader information security programme – you don't create a separate HIPAA programme for Claude, you incorporate Claude into your existing programme.

Workforce Training

Every staff member who accesses a Claude application processing PHI must receive HIPAA training appropriate to their role. This should cover: what PHI is and how to recognise it, the permitted uses of the Claude application, what to do if they suspect a breach, and the specific rules for their role (for example, that clinical staff should not enter PHI into Claude applications that haven't been approved for PHI processing). Document this training and retain records – training documentation is routinely requested in OCR investigations.

Breach Response Planning

HIPAA's Breach Notification Rule requires covered entities to notify affected individuals, the Secretary of HHS, and sometimes the media within 60 days of discovering a breach. Business associates must notify the covered entity within 60 days of discovering a breach involving PHI. Your incident response plan for Claude deployments should include specific procedures for: detecting and investigating a potential breach, determining whether a breach occurred, and triggering the notification process if required. This plan should be tested annually – not just documented.

Vendor Management Beyond Anthropic

Your Claude deployment likely involves multiple vendors beyond Anthropic. If your application logs run through a logging service (Datadog, Splunk, CloudWatch), and those logs may contain PHI, those vendors also need BAAs. If you use cloud services (AWS, Azure, GCP) to host your application, ensure your BAA with the cloud provider covers your Claude application's infrastructure. Map every data flow from PHI source to final storage, and ensure every vendor that touches PHI in that chain has a BAA.

HIPAA Compliance Checklist for Claude Deployments

Use this as a starting point – not a complete substitute for legal review and risk assessment:

  • Execute BAA with Anthropic (or relevant cloud provider) before processing PHI
  • Map all PHI data flows through the Claude application
  • Execute BAAs with all other vendors in the PHI data flow
  • Implement unique user identification and MFA for all PHI system access
  • Implement role-based access controls appropriate to job functions
  • Configure audit logging for all PHI interactions with Claude
  • Set log retention to minimum 6 years for HIPAA documentation
  • Implement TLS for all data transmission
  • Document and test automatic logout procedures
  • Evaluate de-identification approach for high-PHI use cases
  • Conduct HIPAA training for all users of the Claude application
  • Develop and test breach incident response procedures
  • Assess FDA regulatory status for clinical decision support applications
  • Conduct annual risk assessment incorporating Claude deployment
  • Review and update policies to reference Claude applications
๐Ÿฅ

ClaudeImplementation Team

Claude Certified Architects with healthcare AI deployments across health systems, payers, and life sciences. About us →