Solutions
Healthcare — RAG that respects your Business Associate Agreement.
Health Insurance Portability and Accountability Act (HIPAA) aware. Protected Health Information never leaves your environment. Every answer cited.
Clinical reference research, claims-coding workflows, internal policy Q&A, and clinical-summary drafting — running over the chart documents, clinical references, and policy manuals you already maintain, with the access controls your care teams enforce.
The regime
Healthcare data is governed by HIPAA, the Health Information Technology for Economic and Clinical Health Act (HITECH), state health-data laws, and, for federally funded programs, the Federal Risk and Authorization Management Program (FedRAMP) trajectory. Protected Health Information (PHI) flowing through a third-party generative model Application Programming Interface (API) is the bright line most legal departments will not cross.
Citorum runs inside your perimeter — on-premises in the hospital data center, in a customer-owned Virtual Private Cloud (VPC), or as a Citorum-managed dedicated tenant with documented privileged-access controls. The deployment supports the controls a Business Associate is expected to operate: per-tenant isolation, encryption at rest with keys held in your Key Management Service (KMS), audit lineage for every retrieval and response, and access controls that scope documents by patient relationship, care team, reviewer role, and the minimum-necessary rule.
Workflows
Four workflows for healthcare teams
Discovery & Research
Clinical reference research across institutional knowledge bases, society guidelines, payer policies, and case-history archives. Faceted filters on specialty, document type, care-team relationship, and date range. The model produces a research summary; the citations are what the clinician or coder actually clicks through to read.
Compliance Q&A
HIPAA policy Q&A, billing-and-coding rules Q&A, retention-schedule lookups, and payer-policy interpretation, with citations to the policy section that supports the answer. Adjudication labels route uncertain answers to a compliance officer before they enter the chart or claims file.
Drafting & Summarization
Clinical-summary drafts from chart documents, claims-narrative drafts from coding logs, and prior-authorization letter drafts grounded in payer policy, with every factual claim traceable to a source span. The reviewing clinician sees what was cited and what was not, so editing is targeted, not exhaustive.
Knowledge Q&A
Institutional knowledge across protocols, formularies, payer policies, and care-team standards — without surfacing documents outside the requesting user's minimum-necessary scope. Faithfulness labels surface when the corpus did not actually support the answer; a clinician never receives an unverified response as authoritative.
What changes for healthcare
The platform is the same; the configuration is care-team-shaped.
Connectors target the document systems healthcare organizations actually run: Electronic Health Record (EHR) document repositories (Epic, Cerner, MEDITECH), SharePoint clinical sites, network drives holding payer policies and internal protocols, and Picture Archiving and Communication Systems (PACS) for image metadata. Health Level Seven (HL7) and Fast Healthcare Interoperability Resources (FHIR) feeds connect structured records where workflows need them; document chunks are linked back to FHIR resources for cross-reference.
Identity integrates with the organization's Identity Provider (IdP) — typically Okta, Microsoft Entra ID, or an on-premises Active Directory federation — so clinician, nurse, coder, and compliance-officer roles flow through unchanged. Access controls enforce the minimum-necessary rule at retrieval time: a coding analyst sees claims and policy documents; an attending physician sees chart documents within their care relationship; a compliance officer sees the policy corpus and the audit trail.
The audit log records every retrieval, prompt, response, and faithfulness score with seven-year default retention, which exceeds the six-year HIPAA requirement and is configurable for state laws that mandate longer holds. Deployment is on-premises or in a customer-managed VPC that operates under your existing Business Associate Agreement (BAA) with the hosting cloud provider. No PHI, prompts, or model outputs cross the organization's perimeter in the default configuration.
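One way to enforce the role scoping and audit record described in the two paragraphs above, shown as an added example that is not Citorum's code. The role names, document types, the `Chunk` and `User` shapes, and the sample data are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Optional

# Constructed policy: document types each role named above may retrieve.
ROLE_DOC_TYPES = {
    "coding_analyst": {"claim", "policy"},
    "attending_physician": {"chart"},
    "compliance_officer": {"policy", "audit"},
}

@dataclass(frozen=True)
class Chunk:
    chunk_id: str
    doc_type: str               # "chart", "claim", "policy" or "audit"
    patient_id: Optional[str]   # None for documents not tied to a patient
    score: float                # similarity score from the retriever

@dataclass(frozen=True)
class User:
    user_id: str
    role: str
    care_patients: frozenset = frozenset()  # patients in a care relationship

def in_scope(user: User, chunk: Chunk) -> bool:
    """Default deny: unknown roles and unlisted document types get nothing."""
    if chunk.doc_type not in ROLE_DOC_TYPES.get(user.role, set()):
        return False
    if chunk.doc_type == "chart":
        return chunk.patient_id in user.care_patients
    return True

def retrieve(user: User, candidates: list, k: int, audit_log: list) -> list:
    """Filter BEFORE ranking so out-of-scope chunks never reach the prompt."""
    allowed = [c for c in candidates if in_scope(user, c)]
    top = sorted(allowed, key=lambda c: c.score, reverse=True)[:k]
    audit_log.append({
        "ts": datetime.now(timezone.utc).isoformat(),
        "user": user.user_id,
        "role": user.role,
        "returned": [c.chunk_id for c in top],
        "denied": len(candidates) - len(allowed),  # count only, no identifiers
    })
    return top

# Constructed sample candidates, as a vector search might return them.
SAMPLE = [
    Chunk("chart-p1", "chart", "P1", 0.95),
    Chunk("chart-p2", "chart", "P2", 0.93),
    Chunk("claim-p2", "claim", "P2", 0.80),
    Chunk("policy-7", "policy", None, 0.70),
]
```

Filtering ahead of the top-k cut means the result set is filled only from in-scope chunks, and the audit entry records a denied count without writing out-of-scope identifiers into the log.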
Run a pilot in a single specialty.
Most organizations start with one clinical service line or one administrative function and one document source. We scope, deploy, and have the care team running searches in weeks, not quarters.