Built for the Audit. Engineered for Trust.
Healthcare organizations can't adopt AI from vendors that treat compliance as an afterthought. We built Variate Health inside a HIPAA-compliant architecture from day one — not bolted on after launch.
What Your IT Team Needs to Know in 60 Seconds
Variate Health runs on Google Cloud Platform with an executed Business Associate Agreement. Your Protected Health Information never touches the public internet. Every action — whether taken by a human dispatcher or an AI agent — is logged with full audit trail granularity. No data enters production without explicit human authorization. And if you need to delete patient records, our adjustable 30-day tombstone architecture preserves the audit trail while ensuring permanent removal.
Infrastructure That Passes the Pen Test
VPC Isolation
Your data lives inside a walled-off Virtual Private Cloud with Private Google Access. No shared tenancy. No public IP exposure. Identity-Aware Proxy (IAP) controls every connection to the platform — even internal ones.
Encryption Everywhere
Data encrypted at rest using Google Cloud KMS and in transit via TLS 1.3. Database connections are private-IP only. Browser sessions never receive raw PHI — only rendering coordinates for the map visualization.
Multi-Tenant Segregation
Every database query is scoped by tenant_id at the PostgreSQL level using Row-Level Security. Even a direct database connection respects tenant boundaries. One health system can never access another's data — architecturally impossible, not just policy-prohibited.
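How tenant scoping with PostgreSQL Row-Level Security is typically wired up, with the checks a reviewer can run against it. This is an added illustration, not Variate Health's schema: the table `dispatch_events`, the role `app_user` and the setting `app.tenant_id` are assumed names.

```sql
-- Constructed example: table, role and setting names are assumptions.
CREATE TABLE dispatch_events (
    id         bigserial   PRIMARY KEY,
    tenant_id  uuid        NOT NULL,
    payload    jsonb       NOT NULL,
    created_at timestamptz NOT NULL DEFAULT now()
);

-- Application role: not a superuser, no BYPASSRLS, not the table owner.
CREATE ROLE app_user LOGIN NOSUPERUSER NOBYPASSRLS;
GRANT SELECT, INSERT, UPDATE, DELETE ON dispatch_events TO app_user;
GRANT USAGE ON SEQUENCE dispatch_events_id_seq TO app_user;

ALTER TABLE dispatch_events ENABLE ROW LEVEL SECURITY;
-- Without FORCE, the table owner is exempt from the policies below.
ALTER TABLE dispatch_events FORCE ROW LEVEL SECURITY;

-- USING filters rows that can be read, updated or deleted;
-- WITH CHECK rejects writes that would create a row for another tenant.
-- current_setting(..., true) is NULL if never set, so such a session matches no rows.
CREATE POLICY tenant_isolation ON dispatch_events
    FOR ALL TO app_user
    USING      (tenant_id = current_setting('app.tenant_id', true)::uuid)
    WITH CHECK (tenant_id = current_setting('app.tenant_id', true)::uuid);

-- Per request: bind the tenant for this transaction only.
BEGIN;
SET LOCAL app.tenant_id = '00000000-0000-0000-0000-0000000000a1';  -- constructed id
SELECT count(*) FROM dispatch_events;   -- counts only that tenant's rows
COMMIT;

-- Review check 1: tables carrying tenant_id where RLS is not both enabled and forced.
SELECT c.relname, c.relrowsecurity, c.relforcerowsecurity
  FROM pg_class c
  JOIN pg_attribute a
    ON a.attrelid = c.oid AND a.attname = 'tenant_id' AND NOT a.attisdropped
 WHERE c.relkind IN ('r', 'p')
   AND NOT (c.relrowsecurity AND c.relforcerowsecurity);

-- Review check 2: roles that skip RLS entirely and must never be used by the application.
SELECT rolname FROM pg_roles WHERE rolsuper OR rolbypassrls;
```

Both review queries should return no application-facing tables or roles; superusers and `BYPASSRLS` roles are not constrained by any policy, so their credentials need separate control.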
AI You Can Explain to a Regulator
Most healthcare AI platforms output a recommendation and hide the reasoning. Ours doesn't.
Human-in-the-Loop by Design
Every AI-generated dispatch recommendation enters a review queue before execution. The AI proposes. A human approves. No autonomous clinical decisions are made without human oversight.
Full Decision Audit Trail
When our Autonomy Engine recommends moving a clinician to a high-risk zone, we log exactly what it observed, the confidence score it calculated, and the reward function weights that drove the decision. If an auditor asks "why did the AI do that?" — we can answer.
Conformal Prediction (Self-Doubting AI)
Every predictive output includes a statistically guaranteed confidence interval. When the AI's certainty is low, it flags the recommendation as "Review Required" instead of confidently sending a clinician on a wild goose chase. This eliminates alert fatigue — the #1 reason healthcare AI deployments fail.
Ethical Reward Function
Our AI's learning algorithm mathematically penalizes inequitable care distribution. If it chronically delays care to high-vulnerability ZIP codes, the equity multiplier crashes the total reward score. The system cannot learn that ignoring underserved communities is an acceptable strategy.
Your Data, Your Control — Every Step of the Way
4-Phase Data Pipeline
No data enters production without passing through four stages: Ingest → Quarantine → Human Approval → Production Commit. Our AI Data Librarian can profile, geocode, and validate a CSV upload or an API in 30 seconds — but nothing goes live until a human says so.
Soft-Delete Architecture
Patient records are never hard-deleted. When flagged for removal, data enters a 30-day tombstone quarantine with full audit trail preservation. After the quarantine period, scheduled purges execute permanent deletion — with human authorization logged at every step.
Actor-Level Logging
Every data mutation is recorded with actor_id, actor_type (HUMAN, AGENT, or SYSTEM), and timestamp. Whether a human dispatcher edited a patient record or an AI agent recommended a route change, the audit trail captures who did what, when, and why.
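A PostgreSQL sketch of the soft-delete and actor-level logging described in the two sections above, written so that a tombstone or purge cannot happen without its audit row. It is an added example, not Variate Health's schema: every table, column, view and actor name here is an assumption, and only the `actor_id` / `actor_type` fields and the 30-day window come from the page.

```sql
-- Constructed example: all object names and ids are assumptions.
CREATE TYPE actor_kind AS ENUM ('HUMAN', 'AGENT', 'SYSTEM');

CREATE TABLE patients (
    id            bigserial PRIMARY KEY,
    tenant_id     uuid NOT NULL,
    display_name  text NOT NULL,
    tombstoned_at timestamptz,           -- NULL means the record is live
    purge_after   timestamptz            -- set when the record is tombstoned
);

CREATE TABLE audit_log (
    id          bigserial   PRIMARY KEY,
    actor_id    text        NOT NULL,
    actor_type  actor_kind  NOT NULL,
    action      text        NOT NULL,    -- 'TOMBSTONE', 'PURGE_APPROVED', 'PURGE'
    record_id   bigint      NOT NULL,
    occurred_at timestamptz NOT NULL DEFAULT now()
);

-- Application queries read this view, so tombstoned rows drop out of normal reads.
CREATE VIEW live_patients AS
    SELECT id, tenant_id, display_name FROM patients WHERE tombstoned_at IS NULL;

-- Soft delete: the tombstone and its audit row are written by one statement.
WITH t AS (
    UPDATE patients
       SET tombstoned_at = now(), purge_after = now() + interval '30 days'
     WHERE id = 42 AND tombstoned_at IS NULL
 RETURNING id
)
INSERT INTO audit_log (actor_id, actor_type, action, record_id)
SELECT 'dispatcher-17', 'HUMAN'::actor_kind, 'TOMBSTONE', id FROM t;

-- Scheduled purge: deletes only rows past quarantine that have a logged HUMAN approval.
WITH purged AS (
    DELETE FROM patients p
     WHERE p.purge_after <= now()
       AND EXISTS (SELECT 1 FROM audit_log a
                    WHERE a.record_id = p.id
                      AND a.action = 'PURGE_APPROVED'
                      AND a.actor_type = 'HUMAN')
 RETURNING p.id
)
INSERT INTO audit_log (actor_id, actor_type, action, record_id)
SELECT 'purge-job', 'SYSTEM'::actor_kind, 'PURGE', id FROM purged;
```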
Boundaries We Set on Purpose
We don't store patient data on edge devices. All spatial computations happen server-side inside the VPC. The browser receives rendering coordinates for map visualization — not raw PHI. We don't make autonomous clinical decisions — every AI recommendation requires human approval before execution. We don't sell, share, or aggregate your data across tenants. And we don't hard-delete anything — because a complete audit trail isn't optional in healthcare.
Security Questions We Hear in Every Diligence Call
No. Every AI recommendation enters a Human-in-the-Loop review queue. The system proposes optimal matches and strategic moves, but a human dispatcher must approve before any action is taken. This is an architectural constraint, not a configuration setting.
Each tenant only sees their own operational data (staff, patients, fleet). The underlying public intelligence layers (CDC SVI, CMS Hospital Compare, Census demographics) are shared because they're federally published datasets — but your workforce data, patient locations, and dispatch history are invisible to other tenants.
All AI inference runs on Google Vertex AI within Google Cloud's HIPAA-compliant infrastructure. No patient data is sent to third-party AI providers. Our Gemini Pro integration operates under Google Cloud's BAA.
Deletion requests trigger a soft-delete that moves data into a 30-day tombstone quarantine. During this period, records are excluded from all queries and AI processing but remain available for audit review. After 30 days, scheduled purges permanently remove the data — with human authorization logged.
We are SOC 2 Type II ready and can walk your security team through our controls framework. Formal certification is planned as part of our enterprise readiness roadmap. In the interim, we provide a detailed security architecture document upon request.
Yes. We execute Business Associate Agreements with every healthcare customer before any PHI enters the platform.
Need the Technical Deep-Dive?
We're happy to walk your IT, security, or compliance team through our architecture in detail. No sales pitch — just an engineer-to-engineer conversation about how we built this.




