HIPAA Considerations for LLMs
Routing protected health information (PHI) through an LLM gateway is doable, but the controls have to be explicit. This recipe covers the three layers Meridian customers wire up when their workload touches PHI: provider selection, payload redaction, and audit log retention. None of this is legal advice — consult your privacy officer.
1. Pin to a BAA-eligible provider
HIPAA requires a Business Associate Agreement (BAA) with any vendor that creates, receives, maintains or transmits PHI on your behalf. Not every model on Meridian is BAA-covered. Use the x-meridian-compliance header to constrain routing to the providers your organization has a BAA with (typically Azure OpenAI under your Microsoft BAA, or AWS Bedrock under your AWS BAA). Requests that cannot satisfy the constraint return 403 rather than silently spilling to a non-covered backend. Treat that 403 as a hard failure in your client: a retry that drops the header defeats the control.
2. Redact at the edge
Meridian ships an optional pre-flight redactor that strips the 18 HIPAA Safe Harbor identifiers before the prompt leaves your VPC. Enable it per-key in the dashboard. The redactor replaces matches with stable opaque tokens so the model still has referential structure to reason about, but the cleartext never reaches the upstream provider or the audit log.
3. Audit log retention
HIPAA requires that records of disclosures be retained for six years. Meridian writes structured JSONL logs to your own S3 or Azure Blob bucket; we never retain PHI on our infrastructure beyond the request lifetime. Configure the destination with the snippet below and the gateway will rotate objects hourly and seal each one with your customer-managed KMS key. The [compliance] block in the same snippet turns on the step 1 and 2 controls in config as well, and block_on_redactor_error = true fails the request closed rather than forwarding an unredacted prompt if the redactor cannot run. Check that no bucket lifecycle rule expires objects earlier than retention_days, since the gateway cannot override your bucket's own policy.
```toml
# meridian.config.toml
[audit]
sink = "s3"
bucket = "acme-meridian-audit"
region = "us-east-1"
kms_key_arn = "arn:aws:kms:us-east-1:1234:key/abcd"
retention_days = 2200  # ~6 years

[compliance]
require_baa = true
redact_phi = true
block_on_redactor_error = true
```
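The three layers above from the client's side, as an added example that is not Meridian's SDK or redactor: a pre-flight Safe Harbor redactor that swaps identifiers for stable opaque tokens and keeps the reverse map in your VPC, the BAA routing header, and fail-closed handling of the 403. The header value grammar (baa=provider,provider), the [CATEGORY_xxxxxxxx] token format, the injected transport callable and the sample note are all assumptions constructed for illustration; the regex set covers only identifiers with a fixed shape, not all 18.

```python
"""Client-side belt-and-suspenders for PHI through an LLM gateway: pre-flight
Safe Harbor redaction with stable opaque tokens, the BAA routing header, and
fail-closed handling of a 403. Example code, not Meridian's SDK or redactor.
Assumed for illustration: the header value grammar "baa=<provider>,...", the
"[CATEGORY_xxxxxxxx]" token format, and the injected transport callable."""
import hashlib
import hmac
import re
import secrets

# Regexes for the Safe Harbor identifiers that have a fixed shape. Names,
# street addresses and free-text dates need NER, not regex; this is a
# demonstration subset, not a complete implementation of all 18.
PATTERNS = [  # order matters: structured identifiers first, phone last
    ("EMAIL", re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b")),
    ("SSN",   re.compile(r"\b\d{3}-\d{2}-\d{4}\b")),
    ("MRN",   re.compile(r"\bMRN[:#\s]*\d{6,10}\b", re.IGNORECASE)),
    ("DATE",  re.compile(r"\b\d{1,2}/\d{1,2}/\d{4}\b")),
    ("PHONE", re.compile(
        r"(?<!\d)(?:\+?1[-.\s]?)?\(?\d{3}\)?[-.\s]?\d{3}[-.\s]?\d{4}(?!\d)")),
]
TOKEN_RE = re.compile(r"\[(?:EMAIL|SSN|MRN|DATE|PHONE)_[0-9a-f]{8}\]")


class Redactor:
    """Swap identifiers for stable opaque tokens and keep the reverse map
    locally, so the model sees consistent placeholders and cleartext can be
    restored in the response without ever leaving the VPC."""

    def __init__(self, key=None):
        # Keyed hash: the same identifier maps to the same token for the
        # lifetime of the key, but upstream cannot enumerate SSNs from tokens.
        self._key = key or secrets.token_bytes(32)
        self._reverse = {}  # token -> cleartext, never sent anywhere

    def _token(self, category, value):
        digest = hmac.new(self._key, f"{category}:{value}".encode(),
                          hashlib.sha256).hexdigest()[:8]
        token = f"[{category}_{digest}]"
        self._reverse[token] = value
        return token

    def redact(self, text):
        for category, pattern in PATTERNS:
            text = pattern.sub(lambda m, c=category: self._token(c, m.group()), text)
        return text

    def restore(self, text):
        return TOKEN_RE.sub(lambda m: self._reverse.get(m.group(), m.group()), text)

    def leaked(self, text):
        """Post-check: categories whose raw pattern still matches after redaction."""
        return [c for c, p in PATTERNS if p.search(text)]


class BAARoutingError(RuntimeError):
    """The gateway could not route within the BAA constraint (HTTP 403)."""


def compliance_headers(providers):
    # Assumed value grammar; use the grammar from the Meridian docs in practice.
    return {"x-meridian-compliance": "baa=" + ",".join(providers)}


def send_phi_prompt(prompt, providers, transport, redactor):
    """transport(headers, body) -> (status, text) is injected so this runs
    offline; in production it wraps the HTTPS call to the gateway."""
    safe_prompt = redactor.redact(prompt)
    if redactor.leaked(safe_prompt):
        raise ValueError("identifiers survived redaction; refusing to send")
    status, text = transport(compliance_headers(providers), safe_prompt)
    if status == 403:
        # Never retry without the header: that is exactly the silent spill to
        # a non-covered backend the constraint exists to prevent.
        raise BAARoutingError("no BAA-covered provider could serve the request")
    return redactor.restore(text)


# Constructed sample note with fictional patient data.
SAMPLE = ("Pt Jane Doe, MRN 00123456, DOB 03/14/1962, SSN 123-45-6789, "
          "phone (617) 555-0142, email jane.doe@example.org. Visit 03/14/1962.")


def echo_transport(headers, body):
    """Stand-in gateway: accepts the constrained request and echoes the
    redacted prompt back as the completion."""
    assert "x-meridian-compliance" in headers
    return 200, "Summary: " + body


if __name__ == "__main__":
    r = Redactor()
    print(r.redact(SAMPLE))
    print(send_phi_prompt(SAMPLE, ["azure-openai"], echo_transport, r))
```

Two design points worth keeping even if you rely on Meridian's own redactor: the token is a keyed hash rather than a counter, so the same DOB appearing twice in one note (or across notes under the same key) gets the same placeholder and the model can still reason about it, while the provider cannot brute-force the cleartext; and the reverse map lives only in the client process, which is what makes restoring identifiers in the completion safe.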
Need a signed BAA with Meridian itself? Email compliance@getnimbus.net with your covered-entity name and we will counter-sign within two business days.