HIPAA Compliance

HIPAA-compliant workforce monitoring

For hospitals, clinics, and health tech companies

Deploy Digisight in healthcare environments without risk. Protected Health Information is automatically stripped at the ingest layer — before it reaches our database — for 35+ EHR and clinical applications. BAA included at no extra cost.

  • 35+ PHI apps protected
  • BAA included free
  • 0 PHI stored ever

Live Activity — HIPAA mode active (PHI Protected)

  • VS Code: dashboard.tsx — src
  • Epic Systems: [PHI filtered]
  • Chrome: jira.atlassian.com — Sprint 12
  • Cerner PowerChart: [PHI filtered]
  • Slack: #engineering · 3 messages

5 records ingested · 2 PHI records stripped · windowTitle + url = null for Epic, Cerner

Security & compliance standards

  • HIPAA: Health data privacy
  • SOC 2 Type II: Infrastructure security
  • TLS 1.3: Encrypted in transit
  • AES-256: Encrypted at rest

How HIPAA mode works

Four steps from zero to fully HIPAA-compliant deployment.

01. Accept the BAA

An admin reviews and accepts the Business Associate Agreement directly in the Settings page. Recorded with name, timestamp, and user ID.

02. Enable HIPAA mode

A single toggle activates HIPAA mode for your entire organization. All subsequently ingested data is subject to PHI filtering immediately.

03. Automatic PHI stripping

At the ingest layer, any activity record from a known EHR or healthcare app has its window title and URL suppressed before it touches the database.

04. Visibility without PHI

You still see app name, duration, and productivity categorization. You just never see the patient-specific window content.
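
An added sketch of the ingest-layer filter described in steps 03 and 04, run over a constructed batch that mirrors the Live Activity panel; it is not Digisight's code. The field names other than windowTitle and url, the short app list, the customPatterns option and the fail-closed handling of a missing app name are assumptions.

```javascript
// Added illustration, not Digisight's implementation. windowTitle and url are
// the fields the page names; appName, durationSec and category are assumed.
const PHI_APPS = new Set(["epic systems", "cerner powerchart", "allscripts", "meditech"]);
const PHI_FIELDS = ["windowTitle", "url"];

// Match case-insensitively so "EPIC SYSTEMS" is not missed; a missing or
// empty app name is treated as a PHI app (fail closed).
function isPhiApp(appName, customPatterns = []) {
  if (typeof appName !== "string" || appName.trim() === "") return true;
  const name = appName.trim().toLowerCase();
  return PHI_APPS.has(name) || customPatterns.some((re) => re.test(name));
}

// Returns a copy; PHI fields are nulled before anything is handed to storage.
function stripPhi(record, { hipaaMode, customPatterns = [] }) {
  if (!hipaaMode || !isPhiApp(record.appName, customPatterns)) {
    return { row: { ...record }, stripped: false };
  }
  const row = { ...record };
  for (const field of PHI_FIELDS) row[field] = null;
  return { row, stripped: true };
}

// Filters a whole batch and reports the counters shown in the panel.
function ingest(batch, options) {
  const results = batch.map((r) => stripPhi(r, options));
  return {
    rows: results.map((r) => r.row),
    ingested: results.length,
    stripped: results.filter((r) => r.stripped).length,
  };
}

// Constructed sample batch; titles and URLs are made-up test values.
const SAMPLE_BATCH = [
  { appName: "VS Code", windowTitle: "dashboard.tsx", url: null, durationSec: 840, category: "productive" },
  { appName: "Epic Systems", windowTitle: "Chart: TEST, Patient A", url: null, durationSec: 300, category: "productive" },
  { appName: "Chrome", windowTitle: "Sprint 12", url: "https://jira.atlassian.com/", durationSec: 120, category: "productive" },
  { appName: "Cerner PowerChart", windowTitle: "Orders: TEST, Patient B", url: "https://ehr.example/orders", durationSec: 200, category: "productive" },
  { appName: "Slack", windowTitle: "#engineering", url: null, durationSec: 60, category: "neutral" },
];

const summary = ingest(SAMPLE_BATCH, { hipaaMode: true });
console.log(`${summary.ingested} records ingested, ${summary.stripped} PHI records stripped`);
```

The filter returns copies and leaves app name, duration and category untouched, so the only place the original title and URL exist is the inbound request, which should itself be kept out of request logs.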

In-product BAA

Accept BAA right in your dashboard

No procurement back-and-forth. Your admin reviews the full Business Associate Agreement directly in the Settings page, checks the acceptance box, and HIPAA mode unlocks immediately. The acceptance is recorded with name, timestamp, and user ID for your records.

  • Full BAA text viewable in-product
  • Acceptance recorded with timestamp + actor
  • HIPAA mode unlocks immediately on acceptance
  • Can be re-reviewed at any time

Settings → HIPAA Compliance

  • BAA Accepted: Accepted by Dr. Sarah Kim · March 28, 2026 (✓ Valid)
  • HIPAA mode: PHI stripped at ingest layer
  • Block PHI app window titles: Epic, Cerner, Cerner + 30 others
  • Block screenshots for PHI apps: No screenshots when EHR is focused

PHI filtering applied server-side. Data is never written to the database.

35+ healthcare apps auto-detected

PHI filtering is applied automatically to all recognised EHR, EMR, pharmacy, and clinical apps. No manual configuration needed for the apps below.

Epic Systems, Cerner PowerChart, Allscripts, Meditech, PointClickCare, Athenahealth, NextGen, eClinicalWorks, Practice Fusion, Greenway, Netsmart, Pyxis, Omnicell, DrChrono, Kareo, WebPT, AdvancedMD, AzaleaHealth, NThrive, Medispan, + more EHR/EMR

Custom PHI patterns can be added via the App Classification Rules section in Settings.

Security guarantees

HIPAA compliance is built into every layer — not bolted on after the fact.

PHI never stored

Window titles and URLs from EHR/EMR apps are set to null before any database write. The data simply does not exist in our system.

TLS 1.3 + AES-256

All data is encrypted in transit and at rest. Our infrastructure is hosted in SOC 2-certified data centres.

BAA included

A Business Associate Agreement is provided at no extra cost and accepted in-product. No procurement paperwork to exchange.

Audit logs

Every admin action — enabling HIPAA mode, changing settings, exporting data — is logged with timestamp and actor identity.

Minimum necessary

Digisight collects the minimum data needed for workforce analytics. No keystroke logging, no clipboard access, no app content.

Breach notification

Contractual commitment to notify your organisation within 60 days of discovery of any breach of unsecured PHI.

Deploy in your healthcare org today

14-day free trial. Full HIPAA mode available from day one. BAA included. No card required.