Overview
PHI De-identification by ClerkAI is a production-ready API that identifies, anonymizes, and de-anonymizes Protected Health Information (PHI) in medical text using large language models (LLMs). It is deployed entirely within your AWS account, ensuring your patient data never leaves your environment.
The product supports three storage backends to fit your architecture:
- AWS KMS for encryption-at-rest with no database required,
- DynamoDB Token-Based storage for scalable token lookups, and
- DynamoDB Record-Based storage for granular per-record retrieval and deletion.

All anonymization is fully reversible: original PHI values can be restored at any time using the same API.
Deployed via a single CloudFormation stack, the product provisions an EC2 instance (pre-baked AMI), DynamoDB tables, a KMS key, IAM roles, and a CloudWatch log group with no manual setup. A built-in web dashboard provides an interactive interface for anonymization, deanonymization, token lookup, and API key management. Access is secured with named API keys backed by DynamoDB, supporting optional expiry and individual revocation. The instance runs in a private subnet with VPC peering and AWS SSM Session Manager support for secure access without exposing a public IP.
Highlights
- AI-powered PHI extraction and anonymization. Identifies names, dates, SSNs, addresses, and 19 other PHI categories from unstructured medical text with no custom training required.
- Fully reversible anonymization with AWS KMS encryption and DynamoDB token storage. Original PHI values can be restored at any time, supporting both de-identification and re-identification workflows.
- Designed for sensitive healthcare data. Runs entirely inside your AWS account in a private VPC subnet with no public IP, KMS-encrypted PHI at rest, IAM-controlled least-privilege access, individually-revocable named API keys, and CloudWatch audit logging on every request. Patient data never leaves your environment.
Pricing
Free trial
| Dimension | Cost/hour |
|---|---|
| t3.micro | $4.90 |
| t2.micro | $4.90 |
| t3a.micro | $4.90 |
| t3.small | $4.90 |
| t3a.small | $4.90 |
| t2.small | $4.90 |
| t2.xlarge | $4.90 |
| t3.xlarge | $4.90 |
| t3.large | $4.90 |
| t3a.xlarge | $4.90 |
Vendor refund policy
Please contact clerkai@generative-technologies.com to request a refund. We will respond within 2 to 7 business days.
Delivery details
PHI De-identification by ClerkAI - CloudFormation Deployment
This delivery option deploys PHI De-identification by ClerkAI using a single CloudFormation template that provisions all required AWS resources automatically.
What gets deployed:
- EC2 instance running the pre-baked API server AMI in a private subnet
- VPC with public and private subnets, NAT Gateway for outbound AWS service access
- Three DynamoDB tables: token-based PHI mappings, record-based PHI mappings, and named API key storage
- AWS KMS RSA 4096 key for PHI encryption and decryption
- IAM role with least-privilege access to Bedrock, DynamoDB, KMS, SSM, and CloudWatch
- CloudWatch log group with 30-day retention
- SSM Parameter Store entry for secure API key injection at startup
The EC2 instance is placed in a private subnet with no public IP. Access is provided via AWS SSM Session Manager (no SSH key required) or VPC peering for application-to-API integration. The API server starts automatically on launch and restarts on reboot.
Storage backends available at request time:
- AWS KMS: PHI values encrypted at rest, no database required
- DynamoDB Token-Based: HMAC tokens stored with token as primary key, fast lookups
- DynamoDB Record-Based: All PHI for a record grouped under one Record ID, supports per-record retrieval and deletion
The built-in web dashboard (port 8888/dashboard) and Swagger UI (port 8888/docs) are accessible via SSM port forwarding or AWS Client VPN.
CloudFormation Template (CFT)
AWS CloudFormation templates are JSON or YAML-formatted text files that simplify provisioning and management on AWS. The templates describe the service or application architecture you want to deploy, and AWS CloudFormation uses those templates to provision and configure the required services (such as Amazon EC2 instances or Amazon RDS DB instances). The deployed application and associated resources are called a "stack."
Version release notes
First release
Additional details
Usage instructions
For complete setup, deployment, and access instructions, see: https://deid.generative-technologies.com
Support
Vendor support
For support, please contact us at: clerkai@generative-technologies.com.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.