Sensitive-data detection. Healthcare first, every regulated vertical next.
Real-time scanning for patient names, MRNs, SSNs, and 18+ types of PHI using a layered cascade of detection engines. The same engine also detects PII, PCI, and government-classified data via configurable patterns and custom recognizers.
See PHI Detection in Action
Try our interactive demo to see how Three Gates detects and tokenizes Protected Health Information
PHI Detected & Tokenized
3 entities found: PERSON (2), PHONE_NUMBER (1)
Can you help me draft an email to [PERSON_1] about their recent appointment? Their callback number is [PHONE_1].
I've prepared a professional follow-up email template:
Subject: Follow-up on Recent Appointment
Dear [PERSON_1],
Thank you for visiting our office. If you have any questions or need to schedule a follow-up, please don't hesitate to contact us at your convenience.
We'll reach out to [PERSON_1] as requested.
18+ Types of PHI Detected
Comprehensive coverage of HIPAA-defined Protected Health Information
Patient Names
Full names of individuals in medical records
Medical Record Numbers
MRNs and hospital patient identifiers
Social Security Numbers
SSNs in any format (XXX-XX-XXXX)
Dates
Birthdates, admission dates, procedure dates
Addresses
Street addresses, cities, ZIP codes
Phone Numbers
Any phone number format
Email Addresses
Personal and business email addresses
Account Numbers
Insurance policy numbers, account IDs
Why Three Gates PHI Detection
Context-Aware Detection
Multiple detection approaches understand context to reduce false positives and accurately identify PHI in unstructured text.
Confidence Scoring
Every detection includes a confidence score (0.0-1.0) so you can tune sensitivity and decide how to handle borderline cases.
Custom Detection Rules
Add organization-specific rules for custom identifiers, internal codes, or proprietary data formats.
Real-Time Scanning
PHI detection runs automatically on every AI request with <100ms latency. No manual review required.
How PHI Detection Works
Automatic Scanning
Every AI request is automatically scanned for PHI before processing. No configuration required; it's always on.
Entity Recognition
Multiple detection approaches identify PHI entities with confidence scores and entity types.
Policy Enforcement
Detected PHI triggers configured policies: warn users, block requests, or tokenize content automatically.
Audit Logging
All PHI detections logged with timestamps, entity types, confidence scores, and user context for compliance audits.