Blueprint of AI Agents for Healthcare
How agents think, use tools, access data, operate inside secure environments, and stay compliant with healthcare rules.
[Diagram: AI Agent (LLM, Memory, Reasoning, Planning, Actions, Observe, Guardrails, Workflow); EHR, Scheduling, Billing, Phone, Documents, Knowledge, Audit Trail, HIPAA]
8 Agent Components · 3 Compliance Layers · HIPAA & SOC 2 Aligned · 0 Raw PHI in Logs
The Agent Blueprint: Animated
Step through how a HIPAA-aware healthcare agent receives a request, reasons about it, checks compliance, calls tools, and takes action, with a full audit trail.
Environment (VPC · IAM · Monitoring · SOC 2 Controls)
Data (PHI · Scheduling · Insurance · Clinical Docs · Knowledge Base)
AI Agent
LLM Stack
Reasoning
Memory
MCP / Tools
Planning (Thought → Evaluate → Select → Execute)
Healthcare Guardrails & Compliance
Output + Audit Trail
Patient request arrives
Environment: Patient texts: "I need to reschedule my follow-up with Dr. Smith." The request enters via a secure channel (VPC, IAM-controlled).
HIPAA-aware patient scheduling scenario · 9-step compliance loop
HIPAA · PHI · SOC 2 · BAA
Four compliance pillars every healthcare AI agent must be built around: not added on top, but baked into the architecture.
HIPAA
Health Insurance Portability and Accountability Act
HIPAA sets rules for protecting patient health information when AI agents interact with healthcare systems and workflows. Protects how patient information is accessed, shared, and handled.
Privacy Rule
Controls who can access and share patient information
Security Rule
Requires safeguards for electronic PHI (ePHI)
Minimum Necessary
Agents access only the data needed for the specific task
Agent examples
- Agent summarizes a referral note after masking identifiers
- Agent drafts a reminder without exposing diagnosis details
- Agent accesses only the minimum patient information needed for the task
PHI
Protected Health Information
PHI includes patient information that identifies a person and relates to their care, payment, or health status. Any patient-related information that identifies a person.
PHI includes
⚠️ Before masking
John Smith, DOB 02/14/1978, MRN 445201
After masking (in logs & memory)
Patient A, DOB XX/XX/XXXX, MRN masked
💡 Healthcare AI agents must mask PHI in all logs, memory stores, and downstream system calls, not just in user-facing responses.
SOC 2
Service Organization Control 2
SOC 2 confirms strong operational and security controls around systems and data. It focuses on how systems securely manage customer data through controls for security, availability, confidentiality, processing integrity, and privacy.
5 Trust Service Criteria
Security
Protect against unauthorized access
Availability
System operates reliably as promised
Confidentiality
Protect designated confidential data
Privacy
Personal info collected and used properly
Integrity
Processing is complete, accurate, and timely
Agent-specific controls
- Secure access to integrations (EHR, payer, billing)
- Audit trails for every agent action
- Role-based permissions for tool access
- Protected cloud infrastructure (VPC, encryption)
- Monitoring and incident response logging
BAA
Business Associate Agreement
A BAA is a legally required HIPAA contract between your clinic (Covered Entity) and any vendor whose AI agent or tool touches, stores, or transmits Protected Health Information on your behalf.
Permitted Uses
Defines exactly what PHI the vendor may access and why
Safeguards Required
Vendor must implement HIPAA-grade technical and admin controls
Breach Notification
Vendor must notify you within 60 days of any PHI breach
Data Disposal
PHI must be destroyed or returned when contract ends
Any vendor that touches PHI needs a BAA
- AI scheduling or prior auth tools with EHR access
- Chatbots that see patient names, DOB, or appointment info
- Cloud AI inference providers processing clinical notes
- Third-party audit log or monitoring platforms
⚠️ Operating without a signed BAA when PHI is involved is a HIPAA violation, even if the vendor is well-known or cloud-based.
How Healthcare Agents Stay Safe
Every agent action follows this compliance-first sequence, automatically, on every request.
Receive Request
Patient or staff message enters via secure channel
Identify PHI
Scanner detects patient-identifying information
Apply HIPAA Rules
Minimum necessary data principle checked
Approved Tools Only
Use only pre-vetted, compliant integrations
Limit Data Exposure
Mask PHI in logs, responses, and memory
Log Action
Write tamper-evident SOC 2 audit entry
Human Review
Escalate edge cases and urgent flags to staff
🛡️ This sequence applies to every agent action: scheduling, messaging, prior auth, referrals, and more. Non-compliance triggers automatic escalation to human review.
Example: Front Desk Agent in a Clinic
A HIPAA-aware AI agent handles a patient rescheduling request β step by step, compliant at every stage.
Patient asks to reschedule
Texts: 'Can I move my Thursday appointment with Dr. Lee to next week?'
Agent checks scheduling rules
Reads workflow SOP: routine reschedule allowed without physician approval.
Agent reads only required data
Accesses: appointment type, provider, time slot. Does NOT access: diagnosis, medications, insurance.
Agent masks PHI in logs
Log entry: 'Patient A requested reschedule for routine follow-up with Provider B.' No names, no MRN.
Agent proposes available slots
check_calendar('Dr. Lee', 'next week') → Mon 9 am, Tue 2 pm, Wed 11 am returned.
Staff approval request or direct completion
Routine case → completes booking directly. Urgent symptom detected → escalates to staff for review.
All steps logged to audit trail
SOC 2 audit entry: timestamp, action taken, tools used, data accessed (masked), resolution, agent version.
HIPAA Aware
Every data access follows minimum necessary rules
PHI Limited
Patient identifiers masked in all logs and memory
SOC Aligned
Full audit trail written for every agent action
Human Review
Urgent or edge cases escalate automatically
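The three controls in the front desk walkthrough (minimum-necessary reads, PHI masking before logging, and a tamper-evident audit entry) can be sketched together as follows. This is an added example, not code from the original page or any vendor; the allowlist, the name-to-pseudonym map, the regex patterns, `agent_version` value and the dates are assumptions, and the regexes stand in for a real PHI scanner.

```python
import hashlib, json, re

# Assumption: per-task allowlist implementing "minimum necessary" for a routine reschedule.
ALLOWED_FIELDS = {"reschedule": {"appointment_type", "provider", "time_slot"}}

def minimum_necessary(task, record):
    """Return only the fields the task is allowed to read."""
    return {k: v for k, v in record.items() if k in ALLOWED_FIELDS[task]}

def mask_phi(text, names):
    """Swap known names for stable pseudonyms, then mask DOB and MRN patterns."""
    for name, alias in names.items():
        text = text.replace(name, alias)
    text = re.sub(r"\b\d{2}/\d{2}/\d{4}\b", "XX/XX/XXXX", text)
    return re.sub(r"\bMRN[ :#]*\d+", "MRN masked", text)

def _digest(body):
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

class AuditLog:
    """Append-only log; each entry's hash covers the previous entry's hash."""
    def __init__(self):
        self.entries = []

    def append(self, **fields):
        prev = self.entries[-1]["hash"] if self.entries else "0" * 64
        body = dict(fields, prev=prev)
        self.entries.append(dict(body, hash=_digest(body)))

    def verify(self):
        prev = "0" * 64
        for e in self.entries:
            body = {k: v for k, v in e.items() if k != "hash"}
            if e["prev"] != prev or e["hash"] != _digest(body):
                return False  # an entry was edited, removed, or reordered
            prev = e["hash"]
        return True

# Constructed sample data, not real patient information.
RECORD = {"appointment_type": "routine follow-up", "provider": "Dr. Lee",
          "time_slot": "Thu 10 am", "diagnosis": "(constructed)", "mrn": "445201"}
NAMES = {"John Smith": "Patient A", "Dr. Lee": "Provider B"}

def run_demo():
    log = AuditLog()
    view = minimum_necessary("reschedule", RECORD)
    note = mask_phi("John Smith, DOB 02/14/1978, MRN 445201 asked Dr. Lee to reschedule", NAMES)
    for ts, action, msg in [("2025-01-01T14:23:07Z", "reschedule", note),
                            ("2025-01-01T14:23:09Z", "book_slot", "Patient A booked Mon 9 am")]:
        log.append(ts=ts, action=action, tools=["check_calendar"],
                   data=sorted(view), note=msg, agent_version="demo-0")
    return log, view, note
```

A hash chain only detects edits if the latest hash is also stored somewhere the agent cannot write, since anyone able to rewrite the whole log can recompute every hash.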
5-Agent Pipeline in Action
68M · sudden onset severe headache, worst of his life · neck stiffness · photophobia · BP 180/110 · arrived by EMS
CRITICAL
Orchestrator
claude-sonnet-4-6 · Parses intent → builds 3-phase plan
Triage Agent · Haiku 4.5
Thunderclap HA + meningismus + photophobia
→ SAH until proven otherwise → CT STAT
Records Agent · Haiku 4.5
No prior headache disorder on record
Not on anticoagulants → LP safe if needed
Diagnosis Agent · Sonnet 4.6
① SAH 75% ② Meningitis 15% ③ HTN emergency 10%
Non-contrast CT → LP if CT negative
Literature Agent · Sonnet 4.6
ACR: Non-contrast CT STAT (Grade A)
Ottawa SAH Rule: all 5 criteria met
Compliance Agent · Haiku 4.5
0 PHI identifiers in query
SOC 2 audit log written: 14:23:07 UTC
Orchestrator Aggregator
Sonnet 4.6 · merges 5 agent outputs → structured response
3.8s time · 5 agents · ~2,400 tokens · $0.004 cost
Other Clinical Agents You Can Build
Drug Interaction
Haiku 4.5 · SEVERE / MODERATE / MINOR flags + alternatives
Clinical Scribe
Sonnet 4.6 · Free text → SOAP format + ICD-10 codes
Discharge Summary
Sonnet 4.6 · Patient-friendly discharge + GP referral letter
Radiology Pre-Auth
Haiku 4.5 · ACR criteria → APPROPRIATE / NOT_INDICATED
What Clinics Should Ask Before Onboarding
a Third-Party AI Agent or Tool
Before signing any contract or granting EHR access, every clinic should get clear answers to these 11 questions.
- Legal & Compliance: 3 questions
- Data Handling: 3 questions
- Technical Security: 3 questions
- Vendor Accountability: 2 questions
Use this as a vendor scorecard
Any vendor that cannot answer these questions clearly, or refuses to provide a BAA, SOC 2 report, or audit log documentation, is not ready for a HIPAA-regulated clinical environment. Document all answers before contract execution.
Build AI agents your clinical team can trust
HIPAA compliance, PHI protection, and SOC 2 alignment are not add-ons; they are the foundation of every healthcare AI agent.