Solutions · BastionGPT

The AI assistant and scribe healthcare actually trusts.

BastionGPT is the HIPAA-compliant AI platform combining a full assistant, unlimited ambient scribe, and document analysis, with BAA coverage on every plan and zero PHI used for AI training.

Used daily across 10,000+ healthcare organizations

Capabilities

One platform. The AI work that matters in healthcare.

BastionGPT replaces a handful of point tools with a single compliance-cleared surface for clinicians, administrators, and operations teams.

AI Assistant

A multi-model chat workspace for clinical Q&A, literature review, care-plan drafting, and patient-friendly translation, with PHI handling you can explain to your compliance team.

Unlimited ambient scribe

Capture encounters, generate structured SOAP / H&P notes, and route them into your EHR, with no per-session caps and no surprise overage pricing.

Document analysis

Summarize referrals, extract data from prior auth letters, and compare patient records against clinical guidelines, with audit trails that satisfy privacy officers.

Multi-model routing

The latest Claude, OpenAI, and Gemini models, all accessible under the same secure subscription. Pick the model per task, or let our AI auto-select the optimal model.

BAA on every plan

HIPAA Business Associate Agreement included at every tier, from solo practitioner to enterprise. No added compliance costs since we are exclusively for healthcare.

Compliance Focused

All features and capabilities assume use with PHI or PII, so you don't have to worry about your data going to the wrong place. Non-compliant settings such as AI memory and web search are turned off by default.

How it works

Every request travels a BAA-covered path, end to end.

BastionGPT runs on private model endpoints that are covered under a signed Business Associate Agreement. Your data is encrypted in transit, never used for training, and never leaves the compliance perimeter.

01 / Clinician
You send a prompt
Chat, ambient audio, or an uploaded document, including PHI, over an authenticated HTTPS session.

02 / BastionGPT platform
Routed, logged, encrypted
Runs inside Bastion Intelligence's HIPAA-compliant environment. SSO, role-based access, and tamper-evident audit logs are applied before routing.

03 / Private model endpoint
Answered under BAA
The request reaches private HIPAA-secured AI models licensed from OpenAI, Google, Anthropic, and other leading model manufacturers. OpenAI never has access to your data.

04 / Response
Delivered to you
Output returns through the same encrypted path. Chat history is retained in your account only, never used for AI training.

BAA coverage

Inside the compliance perimeter

Bastion Intelligence and all systems that touch your data operate under signed BAAs. PHI is allowed to travel here, encrypted in transit (TLS 1.2+) and at rest (AES-256), with US data residency by default.

Not in the path

Consumer APIs are never touched

Public ChatGPT, the standard OpenAI API, Gemini consumer, and other non-BAA surfaces are blocked at the network layer. There is no fallback route that could expose PHI.

  • No training on your data
  • No resale of your data or sharing with unauthorized 3rd parties such as OpenAI
  • No third-party sub-processors handle your data outside the BAA chain

Use cases

Where clinicians and operations teams plug BastionGPT in.

A few of the highest-leverage workflows we see across our deployed base. Your mileage will vary by specialty and EHR.

01 / CLINICAL

At the point of care

Reduce after-hours EHR work and give clinicians their evenings back. Average 6.2 minutes of "pajama time" per visit saved in pilot deployments.

Ambient SOAP notes

Transcribe the encounter, draft a structured note in your template, and route for signature in the EHR.

Differential assistance

Generate a broad differential from chief complaint and vitals, with guideline citations the clinician can verify.

Patient-friendly summaries

Translate clinical impressions into plain language for the after-visit summary and patient portal.

Prior auth drafting

Assemble evidence, pull prior-auth criteria, and draft the letter, reviewed and signed by the clinician.

02 / OPERATIONS

In the back office

Administrators use BastionGPT for the high-volume, text-heavy work that clogs operational pipelines.

Referral triage

Summarize inbound referrals and route to the correct service line with urgency flags.

Denial responses

Draft appeal letters from payer denials and chart data, retaining clinical voice and evidence.

Policy Q&A

Stand up an internal assistant indexed to HR, compliance, and clinical policies, with source citations.

Patient communication

Triage portal messages, draft responses in your voice, and surface anything requiring human judgment.

03 / COMPLIANCE

For privacy & security teams

Everything privacy officers and CISOs need to sign off on an AI deployment, without cobbling together five vendor contracts.

HIPAA & 42 CFR Part 2

Engineered for both HIPAA and 42 CFR Part 2. BAA auto-included on every plan; Docusign routing available at no extra cost.

Never used for training

Customer data is never sold or used to train AI models. Chat history is not provided to OpenAI.

Encrypted end-to-end

Strong encryption in-transit and at-rest. US-based data residency by default, with Canada and Australia regions for customers in those regions.

Audited & attested

Runs on HITRUST CSF Certified, SOC 2 Type II attested infrastructure. Third-party penetration tests and static code review performed routinely.

Compliance posture

The certifications and controls you already require.

If your procurement team has a healthcare AI checklist, BastionGPT was built to check it without exceptions.

HIPAA
BAA signed before any PHI touches the platform, on every plan, every tier.
Data Ownership
Your data stays yours. No AI training or resale of your data.
Penetration tested
Third-party pen tests and static code reviews performed routinely. A+ independent SecurityScorecard rating.
State privacy laws
Configurable handling for CMIA, Texas HB 300, and other state-level PHI rules.

Pricing

A plan that fits you.

Every plan includes a signed BAA and unlimited audio transcription. No per-minute billing, no overage surprises.

Professional
$20 / user / mo
Great for those just getting started.
  • Access to the most powerful AI models
  • Reference documents up to 30 pages long
  • HIPAA secure and compliant
  • Unlimited audio transcription
Ultra
$65 / user / mo
Designed for large organizations. Starting at 100 users.
  • Everything from Professional Plus
  • Customizable security policies
  • Single Sign On (SSO)
  • Run locally within your existing enterprise cloud
  • and much more

See BastionGPT in a 20-minute demo.

We'll walk through the compliance model, show live scribe output, and answer any questions your security team has.
