
Data pseudonymization: two layers of patient privacy protection


Your therapist knows things about you that you don’t write anywhere else.

When an AI platform analyzes those conversations, what exactly is sent to the model?

At TherapySupport we asked ourselves this question directly. Without additional safeguards, patient names, phone numbers, national ID numbers and addresses would all flow into Azure OpenAI, everything in a single request to the model.

So we built a two-layer data protection system, compliant with GDPR requirements and with the HIPAA and SOC 2 standards.

Layer one - encryption at the database level

All patient data is stored using Always Encrypted in SQL Server. This means that even a database administrator cannot access the content of columns containing sensitive data. The encryption keys reside exclusively in Azure Key Vault and never leave the trusted environment.

Layer two - pseudonymization before sending to the AI

Before a session transcript is sent to the AI model, it passes through three stages of detection. The system identifies data from the patient's profile, recognises third parties mentioned during the conversation (partners, colleagues), and detects phone numbers and addresses.

Every identified person receives a pseudonym: Jan Kowalski becomes [PATIENT]; Anna, a colleague from work, becomes [PERSON_1]. The model receives a coherent history of the session, but without any real name, number or address.

The AI model receives the full clinical context. The therapist receives a reliable analysis. The patient’s data stays within our system.
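The three-stage pass described above, as an added illustration that is not TherapySupport's own code: the patient profile and third-party list are assumed inputs, the phone and address regexes are constructed stand-ins for the real detectors, and the returned mapping is the part that stays inside the system while only the text goes to the model.

```python
import re

# Constructed patterns (assumption, not the product's detectors): a run of at
# least 8 digits with optional spaces/hyphens, and a Polish "ul. Street 12/3" address.
PATTERNS = {
    "PHONE": re.compile(r"(?<!\d)\+?\d(?:[ -]?\d){7,}(?!\d)"),
    "ADDRESS": re.compile(r"\bul\. [A-ZĄĆĘŁŃÓŚŹŻ][\w-]+(?: \d+[a-z]?)?(?:/\d+)?"),
}


def _replace_literal(text, value, pseudonym):
    """Replace every whole-word occurrence of a known real value."""
    return re.sub(r"(?<!\w)" + re.escape(value) + r"(?!\w)", pseudonym, text)


def pseudonymize(transcript, patient_profile, third_parties):
    """Return (pseudonymized_text, mapping).

    Only the text leaves the system; the mapping (pseudonym -> real value) is
    kept with the record so the therapist can read the model's output in context.
    """
    mapping = {}
    text = transcript
    # Stage 1: the patient's own profile. Full name first, then its parts, so
    # that a lone first name later in the session is caught as well.
    name = patient_profile["name"]
    mapping["[PATIENT]"] = name
    for token in [name] + [part for part in name.split() if len(part) > 2]:
        text = _replace_literal(text, token, "[PATIENT]")
    for field, value in patient_profile.items():
        if field != "name":
            pseudonym = f"[PATIENT_{field.upper()}]"
            mapping[pseudonym] = value
            text = _replace_literal(text, value, pseudonym)
    # Stage 2: third parties named in the session, one stable pseudonym each.
    for i, person in enumerate(third_parties, start=1):
        mapping[f"[PERSON_{i}]"] = person
        text = _replace_literal(text, person, f"[PERSON_{i}]")
    # Stage 3: pattern-based detection of anything the profile did not list.
    for label, regex in PATTERNS.items():
        counter = 0

        def repl(match, label=label):
            nonlocal counter
            counter += 1
            pseudonym = f"[{label}_{counter}]"
            mapping[pseudonym] = match.group(0)
            return pseudonym

        text = regex.sub(repl, text)
    return text, mapping
```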

Three-stage detection of personal data - how Therapy Support protects patient data before sending it to the AI model

Why two layers, not one

Encryption protects data at rest, in the database. Pseudonymization protects data in motion: in the prompt, in logs, in embeddings sent to the model. These are two independent mechanisms solving two different problems. Neither replaces the other.

In mental health, a privacy breach means concrete harm done to a concrete person, at the moment when they are most vulnerable. That is why every layer of protection matters.

#GDPR #HIPAA #SOC2 #AI #HealthTech #Privacy #Pseudonymization #Microsoft #AlwaysEncrypted #SQLServer #TherapySupport
