PHIWatch
PHIWatch is a web app paired with a lightweight endpoint agent that detects and documents potential PHI exposure across email, cloud drives, EHR exports, and shared folders. It continuously scans for high-risk patterns (patient identifiers, lab results, insurance IDs) and flags risky sharing behaviors such as public links, misrouted emails, and bulk downloads. When it finds an issue, it generates a clear incident record: what data was involved, where it went, who accessed it, and recommended containment steps. It also produces audit-ready evidence for HIPAA investigations and internal compliance reviews.

PHIWatch combines traditional and AI techniques: traditional rules and integrations for reliability, plus AI to classify context (is this actually PHI?) and reduce noisy false positives. The goal is not “perfect security”; it is faster detection, faster response, and defensible documentation when something inevitably goes wrong.