AI-Powered Health Data Masking

The AI-Powered Health Data Masking guidance helps healthcare organizations identify and mask health data in images or text. This guidance uses Amazon Comprehend Medical to detect health data in a body of text, Amazon Rekognition to identify text in an image, Amazon API Gateway and AWS Lambda to provide an API interface for this functionality, and AWS Identity and Access Management (IAM) to authorize API requests.

This guidance was designed as part of a set of mitigating controls in your environment, and does not guarantee alignment to any regulatory framework. It is your responsibility to ensure that the outputs generated by this guidance comply with any legal requirements applicable to your organization. 


The diagram below presents the architecture you can build using the example code on GitHub.

AI-Powered Health Data Masking architecture

The AWS CloudFormation template deploys an Amazon API Gateway to invoke the microservices (AWS Lambda functions). The microservices provide the business logic to manage preprocessing configuration and logic, and identifying and masking health data. The microservices interact with Amazon Rekognition to identify text in an uploaded medical image, and the Amazon Comprehend Medical protected health information data extraction and identification (PHId) API to identify health data in text.

Additionally, the template deploys an Amazon Simple Storage Service (Amazon S3) bucket for storing raw and masked images, AWS CloudTrail to log API actions, and AWS CloudWatch Logs to log errors within the AWS Lambda functions. By default, log files are encrypted over HTTPS.

AI-Powered Health Data Masking

Version 1.0
Last updated: 08/2019

Did this Guidance help you?
Provide feedback 


Health data masking

AI-powered entity detection to quickly detect, identify, and mask health data in medical images and text.


The solution uses Amazon CloudWatch to capture Amazon API Gateway actions in your environment and AWS CloudTrail to log information from the AWS Lambda functions and Amazon API Gateway.

API interface

The solution creates API calls to return the location of text and health data in an image or text, and generates a new masked image or replaces the identified health data in text.
Solving with AWS Solutions: AI Powered Health Data Masking
Back to top 
Build icon
Deploy an AWS Solution yourself

Browse our library of AWS Solutions to get answers to common architectural problems.

Learn more 
Find an APN partner
Find an AWS Partner Solution

Find AWS Partners to help you get started.

Learn more 
Explore icon
Explore Guidance

Find prescriptive architectural diagrams, sample code, and technical content for common use cases.

Learn more