Inspiration

Doctors are drowning in paperwork and are now using AI to save time, but hospitals strictly block LLMs due to severe HIPAA regulations. If doctors are using public AI anyway, copy-pasting patient data into ChatGPT, they are unknowingly risking millions in federal data breach fines. I wanted to build a secure bridge: a tool that gives doctors the seamless AI experience they want, while giving hospital administrators the absolute visibility and control they need, all while maintaining Protected Health Information (PHI) records.

What it does

  • Veritas Health is an enterprise-grade Layer 7 network proxy featuring a dual-persona dashboard.
  • For the Doctor: It provides a clean, distraction-free clinical chatbot to summarize patient notes.
  • For the Admin: It provides a live "Command Center" that monitors network traffic in real time.
  • When a doctor sends a prompt, Veritas intercepts the data before it leaves the firewall and routes it through Palantir's AIP to instantly scrub all Protected Health Information (PHI).
  • After the LLM summarizes the scrubbed data, our backend intercepts the response and intelligently re-hydrates the real patient names back into the text before the doctor sees it.
  • If high-severity PHI is detected, the platform triggers an automated Twilio phone call to alert the Chief Compliance Officer instantly.

How I built it

  • Built a responsive, multi-view React dashboard using Vite and Tailwind CSS to separate the Doctor and Admin experiences.
  • Developed a custom Node.js/Express server to intercept network traffic, handle the "re-hydration" logic, and manage API routing.
  • Leveraged Palantir Foundry and AIP Logic to build a redaction engine programmed to detect the 18 HIPAA Safe Harbor identifiers.
  • Integrated Groq's LPU infrastructure running Llama 3.1 for lightning-fast, ultra-low-latency medical note summarization.
  • Wired the Node.js backend to the Twilio API to dispatch automated text-to-speech phone alerts.
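
The scrub and re-hydrate round trip described above, sketched as an added example; it is not Veritas Health's own code. The `detections` input shape, the token format and the function names are assumptions, and in the project the detections would come from the AIP redaction engine.

```javascript
// Added example (not the project's code): tokenize PHI before the LLM call, restore it after.
const { randomBytes } = require('node:crypto');

const escapeRe = (s) => s.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');

// `detections` stands in for the redaction engine's output; this shape is an assumption:
// [{ type: 'NAME', value: 'Maria Alvarez' }, ...] with upper-case type names.
function scrub(text, detections) {
  const nonce = randomBytes(4).toString('hex'); // per request, so tokens cannot collide with note text
  const vault = new Map();   // token -> original value; stays inside the proxy
  const typeOf = new Map();  // value -> type (first detection wins)
  for (const { type, value } of detections) if (value && !typeOf.has(value)) typeOf.set(value, type);
  if (typeOf.size === 0) return { scrubbed: text, vault, counts: {} };

  // One pass, longest values first, so "Maria Alvarez" wins over a bare "Maria"
  // and a later replacement can never rewrite an already-inserted token.
  const values = [...typeOf.keys()].sort((a, b) => b.length - a.length);
  const tokenOf = new Map();
  const counts = {};         // per-type hit counts: safe to log, contains no PHI
  const scrubbed = text.replace(new RegExp(values.map(escapeRe).join('|'), 'g'), (hit) => {
    const type = typeOf.get(hit);
    counts[type] = (counts[type] || 0) + 1;
    if (!tokenOf.has(hit)) {
      const token = `[[${type}_${tokenOf.size + 1}_${nonce}]]`;
      tokenOf.set(hit, token);
      vault.set(token, hit);
    }
    return tokenOf.get(hit);
  });
  return { scrubbed, vault, counts };
}

// Restore only tokens this request issued; report token-shaped text that is not in the vault.
function rehydrate(llmText, vault) {
  const unresolved = [];
  const text = llmText.replace(/\[\[[A-Z_]+_\d+_[0-9a-f]{8}\]\]/g, (token) => {
    if (vault.has(token)) return vault.get(token);
    unresolved.push(token); // the model mangled or invented a token: leave it visible
    return token;
  });
  return { text, unresolved };
}

// Constructed sample note and detections (not real patient data).
const note = 'Maria Alvarez (MRN 00482913) seen today. Maria reports chest pain.';
const found = [{ type: 'NAME', value: 'Maria' }, { type: 'NAME', value: 'Maria Alvarez' },
               { type: 'MRN', value: '00482913' }];
const out = scrub(note, found);
console.log(out.scrubbed, out.counts);
console.log(rehydrate(out.scrubbed, out.vault).text === note);
```

The `vault` map holds the real values, so it belongs in per-request memory on the proxy and never in the audit log; `counts` is the part that can be shown on an admin view.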

Challenges I ran into

  • The Llama 3.1 model initially refused to summarize the notes because of its safety filters.
  • Midway through development, the initial LLM model string was deprecated, which forced me to switch to a new model endpoint.
  • Building a proxy that successfully intercepts, modifies, forwards, receives, and re-modifies (re-hydrates) data without crashing the React UI.

Accomplishments that I'm proud of

  • Successfully building a functional proxy and moving away from a standard wrapper app into actual network architecture.
  • Engineering the re-hydration pipeline to provide a personalized summary without the LLM ever actually seeing the patient's real name.
  • Implementing the Twilio integration. Having the admin's actual cell phone ring with a robotic warning the exact second a violation is caught makes the project more useful.

What I learned

  • Deepened my understanding of healthcare compliance, specifically the 18 distinct identifiers required by the HIPAA Safe Harbor method.
  • Learned how to construct, prompt, and deploy logic ontologies within Palantir Foundry's enterprise environment.
  • Learned the concept of building middleware in Node.js to act as a buffer between a user and a public AI model.

What's next for Veritas Health

  • Expanding the Palantir ontology to use OCR, allowing the platform to redact PHI from uploaded medical charts and X-ray images.
  • Analyzing the admin audit logs over time to predict which hospital departments are statistically most likely to leak data, allowing for proactive staff training.
  • Building an interface for admins to whitelist specific LLMs (Claude, Gemini, GPT-4) for specific hospital departments.
