• Home
  • How it Works
    • 3 Easy Steps
    • PAC DB™ - the AI Engine
    • CPV™ - the Feedback Loop
  • MyChart™ Integration
    • Plain Language Summaries
    • Secure Technology
    • Epic SMART on FHIR
  • Solutions
    • Equity in Care
    • Benefits for Healthcare
    • CMS Impact & Star Ratings
  • About
    • CCAI Systems
    • AI Doesn't Care
    • Hosting, HIPAA & PHI Data
    • Privacy
    • Security
    • Contact Us
  • Resources
    • Research & Evidence
    • FAQ for Patients
    • FAQ for Providers (PX)
    • FAQ for Providers (IT)
    • FAQ for Investors
    • Glossary
  • More
    • Home
    • How it Works
      • 3 Easy Steps
      • PAC DB™ - the AI Engine
      • CPV™ - the Feedback Loop
    • MyChart™ Integration
      • Plain Language Summaries
      • Secure Technology
      • Epic SMART on FHIR
    • Solutions
      • Equity in Care
      • Benefits for Healthcare
      • CMS Impact & Star Ratings
    • About
      • CCAI Systems
      • AI Doesn't Care
      • Hosting, HIPAA & PHI Data
      • Privacy
      • Security
      • Contact Us
    • Resources
      • Research & Evidence
      • FAQ for Patients
      • FAQ for Providers (PX)
      • FAQ for Providers (IT)
      • FAQ for Investors
      • Glossary
  • Home
  • How it Works
    • 3 Easy Steps
    • PAC DB™ - the AI Engine
    • CPV™ - the Feedback Loop
  • MyChart™ Integration
    • Plain Language Summaries
    • Secure Technology
    • Epic SMART on FHIR
  • Solutions
    • Equity in Care
    • Benefits for Healthcare
    • CMS Impact & Star Ratings
  • About
    • CCAI Systems
    • AI Doesn't Care
    • Hosting, HIPAA & PHI Data
    • Privacy
    • Security
    • Contact Us
  • Resources
    • Research & Evidence
    • FAQ for Patients
    • FAQ for Providers (PX)
    • FAQ for Providers (IT)
    • FAQ for Investors
    • Glossary

Hosting, HIPAA Compliance & PHI Handling.

Secure, Compliant Infrastructure.

ClearChart.AI is built from the ground up for healthcare-grade privacy, security, and operational integrity. The platform operates in a HIPAA-compliant cloud environment, with strict safeguards for how data is accessed, used, and retained. No Protected Health Information (PHI) is stored or used for training. Data is accessed temporarily—only when needed—and under tightly controlled conditions aligned with Epic's SMART on FHIR standards.

Built on Epic Standards.

  • HIPAA-Compliant Hosting
    ClearChart.AI is hosted in a secure, cloud-based infrastructure that complies fully with HIPAA, using encryption for data in transit and at rest, and hardened to enterprise-grade security standards. See more on HIPAA on our Privacy page
     
  • OAuth2-Based Access Control
    All patient access is governed by OAuth2 authentication and SMART on FHIR scopes. Only the minimum data needed is accessed, and only with explicit session authorization.
     
  • No PHI Retention or Training Use
    ClearChart.AI never stores PHI after session access. The AI model is not trained on patient data—ensuring privacy, reducing regulatory risk, and supporting safe scalability.
     
  • Ephemeral Access Sessions
    All data interactions are session-bound. Once a patient views their summary, the session closes, and access is revoked. No caching, reuse, or background data retention occurs.

Data Handling Philosophy.

  • Read-Only, Respectful Access
    The platform only reads what’s already visible in Epic/MyChart. No information is written back to Epic, modified, or shared with third parties.
     
  • Designed to Minimize Risk
    The architecture intentionally limits data scope, avoids long-term storage, and isolates operational components—creating a controlled, auditable environment that protects patient privacy. Security page.
     
  • Built for Security Review
    ClearChart.AI’s security protocols and session handling align with Epic’s review expectations and industry best practices—positioning the platform for approval in complex enterprise environments.

Privacy First. Always.

ClearChart.AI delivers patient-facing communication without compromising privacy or security. It uses short-term, read-only access via SMART on FHIR; never stores or trains on PHI; and complies with HIPAA and enterprise security frameworks. The platform is ready for deployment in even the most risk-sensitive healthcare settings. 

ClearChart AI™, PAC DB™, CPV™, and APS™ are trademarks of CCAI Systems, LLC.  MyChart™ is Epic’s mark. 

  • Privacy
  • Security
  • Contact Us
  • FAQ for Patients
  • Glossary

Copyright © 2025 CCAI Systems, LLC.

This website uses cookies.

We use cookies to analyze website traffic and optimize your website experience. By accepting our use of cookies, your data will be aggregated with all other user data.

Accept

If you’ve made it this far, you’re one of us.

Deep in the details? Perfect. You’ve got ideas, questions, and maybe a few challenges you’d throw at the system. Get early access to the beta and help make it even better. 

Get First Access