MedicDraft Security

HealthScribe PHI Readiness

Active Tenant

South Metro Fire Rescue

PHI processing is blocked. This demo remains blocked until BAAs, tenant-isolated storage, KMS, audit logging, and required AWS HealthScribe settings are complete.

BAA gate is still active for this tenant.
Tenant PHI storage is disabled.
Tenant-isolated recording storage is not enabled.
Tenant-isolated report storage is not enabled.
Missing environment: AWS_REGION
Missing environment: AWS_HEALTHSCRIBE_INPUT_BUCKET
Missing environment: AWS_HEALTHSCRIBE_OUTPUT_BUCKET
Missing environment: AWS_HEALTHSCRIBE_KMS_KEY_ARN
Missing environment: AWS_HEALTHSCRIBE_DATA_ACCESS_ROLE_ARN
Missing environment: AWS_HEALTHSCRIBE_AUDIT_LOG_GROUP

AWS Readiness Checklist

Security gates before PHI

These controls must be complete before real audio, transcripts, reports, QA findings, screenshots, or patient identifiers are allowed into MedicDraft.

0/8 ready
PHI mode: Disabled / synthetic-only

BAA status

BAA gate is active. Real PHI remains blocked.

blocked
Evidence
  • Tenant requires BAA before PHI: true
  • Agreement evidence must stay outside the public repo.
Next action

Execute and document BAAs with AWS and every ePHI-touching vendor before enabling PHI workflows.

S3 storage configured

Audio, HealthScribe output, transcripts, reports, screenshots, and exports need tenant-isolated encrypted storage.

planned
Evidence
  • Input bucket env configured: false
  • Output bucket env configured: false
  • Tenant recording storage: disabled
  • Tenant report storage: disabled
Next action

Create private S3 storage with block public access, SSE-KMS, tenant-scoped prefixes or buckets, access logs, and lifecycle retention.

KMS configured

Customer-managed KMS encryption is required for PHI-touching storage and HealthScribe workflows where supported.

planned
Evidence
  • KMS key ARN env configured: false
Next action

Create a customer-managed KMS key with least-privilege key policy, rotation, CloudTrail monitoring, and tenant encryption context.

Database configured

Reports, transcripts, QA findings, feedback, users, audit references, and tenant settings need a BAA-covered database with tenantId on every PHI record.

planned
Evidence
  • Database env configured: true
  • Tenant PHI storage enabled: false
Next action

Choose and configure a BAA-covered database, add tenant-scoped schema, and block PHI writes without tenantId and audit events.

IAM / RBAC configured

AWS IAM and app RBAC both need least-privilege boundaries before PHI routes or HealthScribe jobs are enabled.

planned
Evidence
  • Production auth env configured: false
  • HealthScribe data access role env configured: false
  • Demo RBAC roles are scaffolded but not production identity.
Next action

Connect production auth with MFA, server-side session checks, tenant-aware roles, and AWS roles scoped to tenant storage paths.

CloudTrail / audit configured

AWS API activity and app-level PHI actions need audit trails before protected workflows can run.

planned
Evidence
  • Audit log env configured: false
  • 8 app audit event types defined.
Next action

Enable CloudTrail/CloudWatch destinations and implement immutable app audit writes for create, view, edit, generate, export, admin, and delete events.

HealthScribe disabled / enabled

HealthScribe remains blocked until environment, BAA, tenant, KMS, IAM, storage, and audit gates are complete.

blocked
Evidence
  • AWS region configured: false
  • HealthScribe storage/KMS/IAM/audit configured: false
Next action

Keep the server-side HealthScribe route fail-closed until every PHI readiness item is complete and reviewed.

PHI mode disabled / enabled

PHI mode is disabled. Sandbox must remain synthetic-only.

blocked
Evidence
  • Tenant PHI storage enabled: false
  • Demo storage only: true
  • Foundation model sharing: disabled
Next action

Do not enable PHI mode until legal, auth, storage, KMS, IAM, audit, database, HealthScribe, retention, and incident-response controls are complete.

AWS HealthScribe Requirements

AWS_REGION
Required before PHI

AWS region selected for HealthScribe and tenant storage.

AWS_HEALTHSCRIBE_INPUT_BUCKET
Required before PHI

Tenant-isolated encrypted S3 bucket for source audio.

AWS_HEALTHSCRIBE_OUTPUT_BUCKET
Required before PHI

Tenant-isolated encrypted S3 bucket for HealthScribe output.

AWS_HEALTHSCRIBE_KMS_KEY_ARN
Required before PHI

Customer-managed KMS key for an added HealthScribe encryption layer.

AWS_HEALTHSCRIBE_DATA_ACCESS_ROLE_ARN
Required before PHI

Least-privilege role allowing HealthScribe access to tenant audio/output paths.

AWS_HEALTHSCRIBE_AUDIT_LOG_GROUP
Required before PHI

Central audit/log destination for PHI-touching workflow events.

Required Tenant Controls

Core Platform

Tenant ID as primary data boundary

planned

Every PHI-touching table, object path, audit event, model artifact, and API request must include tenantId.

Enforcement: Reject any PHI workflow request that does not carry a tenantId matching the authenticated user's tenant.

Compliance

Department data-use contract

blocked

Written agreement must state that department recordings, reports, protocols, and model artifacts remain private to that department.

Enforcement: Keep training/export workflows disabled until the tenant data-use terms are complete.

Security

Role-based access control

planned

Provider, QA, admin, and owner roles need separate permissions for recording, review, export, rules, and reference management.

Enforcement: Server-side permission checks before every PHI read, write, export, deletion, and admin mutation.

Core Platform

Audit event required for PHI actions

planned

PHI-touching actions must write an audit event before or during the protected action.

Enforcement: Fail closed when audit logging is unavailable.

Department Tenant

Tenant retention policy

planned

Each department must define retention windows for audio, transcripts, generated narratives, protocol sets, and model artifacts.

Enforcement: Retention policy is required before storage activation.

Core Platform

Tenant model and retrieval isolation

ready

One department's data must not train, enrich, or evaluate another department's model or retrieval index.

Enforcement: Tenant model profile and retrieval index IDs are stored on the tenant config and must match every AI request.

Auth / RBAC Readiness

Production auth is not connected. Demo RBAC is scaffolded for tenant and permission checks only.
Production identity provider is not connected.
MFA enforcement is not connected to a production auth provider.
Server-side session verification is scaffolded but not backed by a production token/session store.
User provisioning and deprovisioning workflow is not connected.

Provider

Creates dictations, reviews own generated narrative, resolves missing information, and copies ESO narrative.

dictation:create, dictation:review_own, dictation:copy_narrative

QA

Future role for reviewing submitted charts, unresolved issues, alert calls, and trends.

qa:review_submitted, audit:view

Admin

Manages department templates, protocols, rules, users, and security readiness visibility.

admin:manage_templates, admin:manage_protocols, admin:manage_users, security:view_readiness, audit:view

Owner

Controls tenant-level settings, PHI gates, vendor configuration, and production security posture.

dictation:create, dictation:review_own, dictation:copy_narrative, qa:review_submitted, admin:manage_templates, admin:manage_protocols, admin:manage_users, security:view_readiness, security:manage_phi_gates, healthscribe:create_job, audit:view, tenant:manage

Security Controls

Legal

BAA gate before PHI

blocked

No real PHI may be processed until BAAs are signed with AWS, hosting, database/storage, AI, and any support vendors.

Tenant configuration keeps PHI storage disabled until legal/vendor readiness is explicitly changed.

Tenant Isolation

Tenant ID on every PHI object

planned

Every recording, transcript, report, reference file, audit event, and model artifact must be scoped to a tenant.

Tenant config and future data schemas require tenantId as the first access-control boundary.

Identity

Organization-aware authentication and RBAC

planned

Users must authenticate into one organization and receive role-based permissions for provider, QA, admin, and owner workflows.

Architecture reserved for tenant auth provider, MFA, session controls, and role checks before PHI routes are enabled.

Encryption

Customer-managed KMS encryption

planned

Audio, transcript, report, protocol, and HealthScribe outputs must use encrypted tenant storage and customer-managed keys where supported.

HealthScribe configuration requires a KMS key ARN before PHI processing can be enabled.

Audit

Immutable PHI audit events

planned

All access, creation, transcription, generation, copy, export, admin, and deletion actions must create audit events.

Audit event contract is defined before real storage is added.

Retention

Tenant retention and deletion policy

planned

Each tenant must have documented retention windows and deletion procedures for recordings, transcripts, reports, and model artifacts.

Retention controls are listed as required architecture before database/object storage activation.

AI/Data Use

No cross-tenant training

ready

Department data cannot train another department's model or vendor foundation models without written approval.

SMFR data may only be used for the SMFR tenant model or retrieval index unless a future written agreement explicitly allows another use.

AWS HealthScribe

HealthScribe service boundary

planned

All HealthScribe jobs must run through a server-side adapter that enforces tenant, BAA, KMS, bucket, role, and audit checks.

Adapter scaffold blocks real PHI while demo mode and missing production environment requirements remain active.

Protected Data Classes

Audio recordings
Post-call dictation audio; future patient-contact recording
Transcripts
AWS HealthScribe transcript; edited provider transcript
Generated narratives and reports
DRAATT narrative; provider-approved ESO copy
Department reference material
Protocols, SOGs, alert criteria, billing documentation notes
Tenant AI artifacts
Retrieval index; future fine-tuned model; evaluation set

Audit Events

auth.login
User signs in under an organization tenant.
dictation.audio.created
A recording is created or uploaded for transcription.
healthscribe.job.started
AWS HealthScribe job is started for tenant audio.
healthscribe.output.received
Transcript or note output is received from AWS HealthScribe.
narrative.generated
MedicDraft generates or formats a DRAATT narrative.
narrative.copied
Provider copies an ESO-ready narrative.
admin.reference.updated
A tenant admin updates template, protocol, or rule references.
retention.object.deleted
A PHI object is deleted under retention or tenant request rules.

Required AWS Resources

AWS Artifact / Legal

Executed AWS Business Associate Addendum

blocked

Legal permission to use HIPAA-eligible AWS services with ePHI.

  • Signed before PHI
  • Confirm account and services covered
  • Store agreement evidence outside the public repo

AWS HealthScribe / Amazon Transcribe

HealthScribe job or streaming workflow

planned

Create transcripts and clinical documentation artifacts from dictation audio.

  • Server-side calls only
  • Tenant ID in job metadata
  • Customer-managed KMS key where supported
  • Audit event before job start

Amazon S3

Tenant-isolated source audio storage

planned

Store encrypted audio submitted for HealthScribe processing.

  • Block public access
  • SSE-KMS encryption
  • Tenant-scoped prefixes or buckets
  • Lifecycle retention policy
  • Access logs enabled

Amazon S3

Tenant-isolated HealthScribe output storage

planned

Store encrypted transcripts, generated note output, and service artifacts.

  • Block public access
  • SSE-KMS encryption
  • Tenant-scoped prefixes or buckets
  • No public demo downloads
  • Lifecycle retention policy

AWS KMS

Customer-managed tenant encryption key

planned

Encrypt audio, transcript, output, and future report/model storage.

  • Key rotation enabled
  • Least-privilege key policy
  • Tenant-specific encryption context
  • CloudTrail key usage monitoring

AWS IAM

HealthScribe data access role

planned

Allow HealthScribe to read input audio and write output for a tenant workflow.

  • Least privilege
  • Scoped to tenant input/output locations
  • No wildcard cross-tenant object access
  • Separate deployment/admin roles

CloudWatch / CloudTrail / App Audit Store

PHI workflow audit logging

planned

Record access, generation, export, admin, and deletion events.

  • Immutable application audit events
  • AWS API activity logging
  • Tenant ID on every event
  • Retention aligned to policy

Server-Side Boundaries

Browser / client app

ready
Allowed
  • Synthetic demo text
  • Provider-approved narrative display
  • Authenticated requests to server-side PHI APIs after production auth
Blocked
  • AWS credentials
  • KMS key details
  • Direct S3 PHI paths
  • Cross-tenant storage identifiers

Next.js route handlers / server actions

planned
Allowed
  • Tenant validation
  • RBAC checks
  • Audit writes
  • HealthScribe job creation
  • Signed upload/download mediation when production storage exists
Blocked
  • PHI processing when BAA gate is active
  • Requests without tenantId
  • Requests where tenantId does not match authenticated user tenant
  • Requests that cannot write audit events

AWS HealthScribe and storage services

planned
Allowed
  • Read tenant-scoped source audio
  • Write tenant-scoped HealthScribe output
  • Use tenant-approved KMS key
Blocked
  • Public bucket access
  • Foundation model training with tenant PHI
  • Cross-tenant input or output locations

AWS HealthScribe will be a server-side integration only. The browser should never receive AWS credentials, KMS keys, bucket names for PHI objects, or direct cross-tenant storage paths.
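The route-handler boundary above, the six required environment variables, the tenantId enforcement rule, and the "fail closed when audit logging is unavailable" rule can be combined into one server-side gate. The following is an added example, not MedicDraft's own code; the TenantConfig, Session, AuditSink and GateResult shapes are assumed, and the permission name healthscribe:create_job is the one listed for the Owner role.

```typescript
// Added example (not MedicDraft's code): fail-closed gate for the server-side
// HealthScribe route. Every check runs so all blocking reasons can be reported,
// and any single failure blocks the job. TenantConfig/Session/AuditSink are assumed.
export const REQUIRED_ENV = [
  "AWS_REGION",
  "AWS_HEALTHSCRIBE_INPUT_BUCKET",
  "AWS_HEALTHSCRIBE_OUTPUT_BUCKET",
  "AWS_HEALTHSCRIBE_KMS_KEY_ARN",
  "AWS_HEALTHSCRIBE_DATA_ACCESS_ROLE_ARN",
  "AWS_HEALTHSCRIBE_AUDIT_LOG_GROUP",
] as const;

export interface TenantConfig { tenantId: string; baaGateActive: boolean; phiStorageEnabled: boolean }
export interface Session { userId: string; tenantId: string; permissions: string[] }
export interface AuditEvent { type: string; tenantId: string; actor: string; at: string }
// write() returns false when the audit store is unavailable; the gate then refuses the job.
export interface AuditSink { write(e: AuditEvent): boolean }
export interface GateResult { allowed: boolean; reasons: string[] }

export function missingEnv(env: Record<string, string | undefined>): string[] {
  return REQUIRED_ENV.filter((k) => !env[k]);
}

export function gateHealthScribeJob(
  env: Record<string, string | undefined>,
  tenant: TenantConfig,
  session: Session,
  req: { tenantId?: string },
  audit: AuditSink,
): GateResult {
  const reasons = missingEnv(env).map((k) => `Missing environment: ${k}`);
  if (tenant.baaGateActive) reasons.push("BAA gate is active for this tenant");
  if (!tenant.phiStorageEnabled) reasons.push("Tenant PHI storage is disabled");
  if (!req.tenantId) reasons.push("Request carries no tenantId");
  else if (req.tenantId !== session.tenantId || req.tenantId !== tenant.tenantId)
    reasons.push("Request tenantId does not match the authenticated tenant");
  if (!session.permissions.includes("healthscribe:create_job"))
    reasons.push("Session lacks healthscribe:create_job");
  if (reasons.length > 0) return { allowed: false, reasons };
  // Audit event is written before the job may start (fail closed if the write fails).
  const written = audit.write({
    type: "healthscribe.job.started", tenantId: tenant.tenantId,
    actor: session.userId, at: new Date().toISOString(),
  });
  if (!written) return { allowed: false, reasons: ["Audit logging unavailable; failing closed"] };
  return { allowed: true, reasons: [] };
}
```

With an empty environment and the tenant state shown on this page (BAA gate active, PHI storage disabled), the gate returns the same eight blocking reasons the readiness banner lists.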