The LLM workspace your privacy officer actually approves.
Sanolith gives clinical, research, and ops teams a private LLM workspace with fail-closed PHI redaction, per-tenant fine-tuning, clinical tool calls, and an audit ledger that survives subpoena.
User: Is metformin safe for John Doe (DOB 03/14/1956) with eGFR 42?
2 identifiers scrubbed before inference (NAME, DOB)
Sent to model: Is metformin safe for [REDACTED] (DOB [REDACTED]) with eGFR 42?
Sanolith: Per the FDA label, metformin is contraindicated when eGFR < 30 and requires dose adjustment + monitoring between 30 and 45. [SETID:6f8a…]
Trusted by clinical, research, and ops teams at hospitals, biotechs, and CROs across the United States
~4h saved per clinician / week
Hours back per clinician, per week
PubMed, DailyMed, RxNav, FAERS, and your formulary live behind one prompt. No more open-six-tabs-and-call-the-pharmacist tax.
0 raw PHI shipped to inference
PHI never crosses a model boundary
Fail-closed redactor scrubs MRN, DOB, SSN, phone, address, plus 40+ other identifiers, before any prompt reaches inference. If the redactor breaks, the request breaks. Not the privacy.
100% of model calls auditable
Privacy officer audits in 60 seconds
Every prompt, redaction, model call, and tool invocation lands on a tenant-scoped append-only ledger. Export to CSV. Hand to compliance. Done.
What's inside
Built for the constraints clinical teams actually have
Not a wrapper around ChatGPT. A platform where redaction, audit, and clinical-grade tools are load-bearing features, not checkboxes on a security questionnaire.
Fail-closed PHI redactor
Pre-inference scrubber catches names, MRN, DOB, SSN, phone, ITIN, addresses, and clinical-context identifiers. Pluggable rules per tenant. If it breaks, requests break. PHI never leaks through a failure mode.
Per-tenant fine-tuned model
Train a Sano adapter on your team's curated Q&A. Your patterns, your formulary, your safety constraints, without sharing weights or training data with anyone else. Models live inside your tenant boundary, end-to-end.
RAG inside your tenant
Drop in SOPs, policies, formularies, discharge templates. Sanolith chunks, embeds, indexes, all inside your tenant. No shared corpus, no cross-tenant retrieval, no model memorization across customers.
Clinical tool catalog
PubMed search, DailyMed labels, RxNorm interactions, FAERS adverse events, web fetch, all built in. The model knows when to call them. Citations link to the canonical source, not a paraphrase.
Tamper-evident audit ledger
Every prompt + redaction + model call + tool call lands on a tenant-scoped append-only ledger with hash-chained checkpoints. Export anytime. Survives subpoena. Satisfies compliance.
Bring your own model
Route to GPT, Claude, Llama, Qwen, your own vLLM, AWS Bedrock: one API, one audit, one redactor. Switch models per tenant without rewriting integrations. Frontier today, open-source tomorrow, your own fine-tune the day after.
How it compares
Sanolith vs. the alternatives
The honest comparison: what you get out of the box, not what you'd build in twelve months.
Capability | Sanolith | ChatGPT Enterprise | Generic LLM platform | DIY in-house
PHI redaction before inference | Fail-closed | None | Limited | If you build it
Per-tenant fine-tuned model | Sano adapter per team | Custom GPT only | Shared model | If you build it
Append-only audit ledger | Exportable | Workspace logs | Limited | If you build it
Tenant-isolated RAG index | Yes | Shared embeddings | Shared | If you build it
Clinical tools (PubMed, DailyMed…) | Built-in, cited | Plugins, best effort | Some | If you build it
Model swap without re-integration | Yes | OpenAI only | Limited | If you build it
BAA available | Yes | Enterprise only | Yes | If vendors sign
Built for
The same platform, four different jobs
For clinical research teams
Lit review, protocol drafting, and adverse-event mining in one workspace. Every claim traces to a PMID. Trial designs stop being a three-week ordeal.
- PubMed search + abstract fetch as native tools
- FAERS adverse-event lookups built in
- Protocols drafted from your SOPs, not a public corpus
For pharma compliance & medical affairs
Standard responses to medical-information inquiries, label questions, off-label checks, drafted from your labels, your guidance, your training. Every response carries a SETID.
- DailyMed (SETID) citations on every drug-label answer
- Tenant-scoped RAG over your label library
- Audit ledger your QA team will actually open
For hospital operations
Discharge summaries, prior-auth letters, policy lookups, formulary checks. Fail-closed redaction means the chart stays inside the chart.
- Formulary + policy retrieval within tenant
- Per-clinician model that learns your house style
- PHI never crosses into vendor inference
For ambulatory practices & medical groups
Drug-interaction checks, patient-handout drafts, ICD-10 lookups. One tab. Citations on every claim. No copy-paste tax.
- RxNorm interactions in one prompt
- Patient-language explanation drafting
- ICD-10 / CPT lookup as a native tool
Private fine-tuning
Train your own private model
Datasets you upload can do more than ground answers: they can train a model that lives entirely inside your tenant. Same redaction guard, same audit chain, no weights ever leave your infrastructure.
1. Upload corpus: PDFs, transcripts, spreadsheets. Indexed and chunked.
2. Redact PHI: fail-closed scrub before any byte hits training storage.
3. Train private model: Sano adapter in minutes, or from-scratch foundation in hours.
4. Use in chat: deployed as a tenant model, routed inside your network only.
Pricing
Pricing your finance team can actually approve
Per-team flat rate. No per-token surprises. No overage drama. Cancel anytime.
All tiers include the PHI redactor, audit ledger, and tenant isolation. BAA available on Team and Enterprise.
FAQ
The questions buyers actually ask
Is Sanolith actually HIPAA-compliant?
We sign a BAA. PHI is redacted before any inference call. All data is encrypted at rest and in transit. Audit logs are append-only, tenant-scoped, and exportable. We pass annual third-party HIPAA security risk assessments. SOC 2 Type II audit is in progress (report expected Q3 2026); the pre-audit Type I letter and HIPAA risk assessment are available under NDA today.
How is this different from ChatGPT Enterprise with a BAA?
ChatGPT Enterprise is one model from one vendor. Sanolith routes to whichever model fits the task (GPT, Claude, Llama, your own fine-tune) without rewriting integrations. We add clinical tools (PubMed, DailyMed, RxNav, FAERS) natively, with citations on every answer. The audit ledger captures per-prompt redaction events, not just access logs.
What does the redactor actually catch?
Names, MRN, DOB, SSN, ITIN, phone, email, addresses, dates within one day of admission, plus 40+ other identifiers. It is fail-closed: if the redactor errors, the request errors. PHI does not pass through to inference under any failure mode. Custom rules per tenant for institution-specific identifiers.
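As an added illustration (not Sanolith's code), the fail-closed property in Python: the inference stub is only ever handed the redactor's output, and a crashing rule aborts the request instead of letting the raw prompt through, with a fail-open gateway beside it to show the behaviour the answer above rules out. The rule patterns, the broken rule and the recording model stub are constructed for the example; real name detection needs NER rather than regex and is out of scope here.

```python
import re

# Constructed rule set for illustration; it is not Sanolith's rule list. Names need NER, not regex,
# so this example covers only pattern-shaped identifiers.
RULES = [
    ("SSN", re.compile(r"\b\d{3}-\d{2}-\d{4}\b")),
    ("DOB", re.compile(r"\b(?:0[1-9]|1[0-2])/(?:0[1-9]|[12]\d|3[01])/(?:19|20)\d{2}\b")),
    ("PHONE", re.compile(r"\b\d{3}[-.]\d{3}[-.]\d{4}\b")),
    ("MRN", re.compile(r"\bMRN[:# ]*\d{6,10}\b")),
]

class RedactionFailure(Exception):
    """The redactor did not complete; the caller must refuse to forward the prompt."""

class BrokenRule:
    """Constructed stand-in for a misconfigured tenant rule that crashes at runtime."""
    def subn(self, repl, text):
        raise RuntimeError("rule engine crashed")

def redact(prompt: str, rules=RULES):
    """Apply every rule; returns (redacted_text, labels_scrubbed). Raises if any rule fails."""
    scrubbed, text = [], prompt
    for label, pattern in rules:
        text, n = pattern.subn("[REDACTED]", text)
        scrubbed += [label] * n
    return text, scrubbed

def fail_closed_gateway(prompt: str, model, rules=RULES) -> str:
    """Correct: the model only ever receives redactor OUTPUT. A redactor error aborts the request."""
    try:
        text, _ = redact(prompt, rules)
    except Exception as exc:
        raise RedactionFailure(f"request refused: {exc!r}") from exc
    return model(text)

def fail_open_gateway(prompt: str, model, rules=RULES) -> str:
    """Anti-pattern for contrast: on redactor error, fall back to the raw prompt. PHI leaks."""
    try:
        text, _ = redact(prompt, rules)
    except Exception:
        text = prompt
    return model(text)

def recording_model():
    """Constructed stand-in for an inference endpoint; records exactly what it was sent."""
    seen = []
    def model(text):
        seen.append(text)
        return "ok"
    return model, seen
```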
Who owns the fine-tuned model?
Your tenant owns the Sano adapter weights. They are trained on your data and live inside your tenant boundary. Sanolith is the custodian under your BAA, not the owner. On churn, the weights are exported to you. We purge our infrastructure within the BAA's deletion SLA. Certified destruction report on request.
Can we bring our own model or GPUs?
Yes, on the Enterprise tier. Point Sanolith at your vLLM cluster, your AWS Bedrock account, or your on-prem inference endpoint. Same redactor, same audit, same API. Self-hosted inference works for air-gapped deployments.
What happens to our data if we churn?
On termination, you receive a full export (documents, audit ledger, fine-tuned model weights) within 30 days. We purge all tenant data (embeddings, chat history, audit ledger backups) within 60 days, per the BAA. Certified destruction report on request.
How long until our team is live?
Starter tier is self-serve, live in 15 minutes. Team tier with BAA takes about five business days for paperwork and onboarding. Enterprise with custom integrations runs two to four weeks depending on scope.
Is the audit ledger really tamper-evident?
Append-only Postgres table with row-level security, plus hash-chained checkpoints written hourly to immutable object storage. Every entry is timestamped and signed, and the chain is reproducible from the checkpoints. Survives subpoena. Satisfies compliance.
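An added example, not Sanolith's implementation, of the hash chain and checkpoint check the answer above describes: each row commits to its predecessor's hash, a signed checkpoint records the chain head after N rows, and verify() replays an exported ledger against those checkpoints. It also shows why the checkpoints must live outside the database: an insider who edits a row and recomputes every later hash passes row-level verification and is caught only by the checkpoint. The HMAC key and row contents are constructed; a real deployment signs with a Vault/KMS-held key and stores checkpoints in immutable object storage.

```python
import hashlib, hmac, json
GENESIS = "0" * 64
CHECKPOINT_KEY = b"constructed-demo-key"  # stand-in for a Vault/KMS-held signing key

def canonical(obj) -> bytes:
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()  # key-order independent

def chain_hash(prev_hash: str, entry: dict) -> str:
    # Each row commits to its predecessor's hash, so editing row k changes every hash after it.
    return hashlib.sha256(prev_hash.encode() + canonical(entry)).hexdigest()

def append(rows: list, tenant: str, kind: str, ts: str, **fields) -> str:
    """Append-only: rows are only ever added, never updated. Returns the new chain head."""
    entry = {"seq": len(rows), "tenant": tenant, "kind": kind, "ts": ts, **fields}
    prev = rows[-1]["hash"] if rows else GENESIS
    rows.append({**entry, "hash": chain_hash(prev, entry)})
    return rows[-1]["hash"]

def sign_checkpoint(seq: int, head: str) -> dict:
    cp = {"seq": seq, "head": head}  # "after `seq` rows the chain head was `head`"
    return {**cp, "sig": hmac.new(CHECKPOINT_KEY, canonical(cp), "sha256").hexdigest()}

def checkpoint(rows: list) -> dict:
    # In production this record goes to immutable object storage, out of reach of a DB rewrite.
    return sign_checkpoint(len(rows), rows[-1]["hash"] if rows else GENESIS)

def verify(rows: list, checkpoints: list):
    """Replay exported rows against the checkpoints; None if consistent, else the first bad seq."""
    heads = {}
    for cp in checkpoints:
        if not hmac.compare_digest(sign_checkpoint(cp["seq"], cp["head"])["sig"], cp["sig"]):
            return cp["seq"]  # forged or corrupted checkpoint
        heads[cp["seq"]] = cp["head"]
    prev = GENESIS
    for i, row in enumerate(rows):
        if heads.get(i, prev) != prev:
            return i  # chain diverges from what was checkpointed after i rows
        if chain_hash(prev, {k: v for k, v in row.items() if k != "hash"}) != row["hash"]:
            return i  # row edited in place without rehashing
        prev = row["hash"]
    return None if heads.get(len(rows), prev) == prev else len(rows)

def rewrite_from(rows: list, seq: int, **changes) -> list:
    """Insider model: edit row `seq` AND recompute every later hash so the rows alone look valid."""
    out = [dict(r) for r in rows]
    out[seq].update(changes)
    prev = out[seq - 1]["hash"] if seq else GENESIS
    for r in out[seq:]:
        r["hash"] = prev = chain_hash(prev, {k: v for k, v in r.items() if k != "hash"})
    return out
```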
Ship a HIPAA-aligned AI workspace this quarter
Self-serve trial gets your team chatting in 15 minutes. Sales call for BAA + onboarding details.
Built on RKE2, Keycloak, Vault, and Postgres. Your data never leaves your tenant. Open-source inference stack you can audit.
About Sanolith
Built by clinicians and platform engineers
Sanolith exists because healthcare teams were pasting PHI into consumer chatbots that were never built to hold it. We started from the privacy officer's constraints, not from a model demo: redact before inference, isolate every tenant, and log every action to a ledger that survives an audit.
Privacy-first by construction
PHI is redacted before it can reach a model, tenant data is isolated at the database and storage layers, and a designated Privacy & Security Officer owns HIPAA controls. The details live on our security page.
Procurement-ready
A BAA on every paid tier, an append-only audit ledger, a curated sub-processor list, and documented incident-response SLAs. We wrote down the answers to the 200-question security questionnaire so your review closes in weeks, not months.
An open stack you can audit
Sanolith runs on RKE2, Keycloak, Vault, and Postgres, with an open-source inference stack. Bring your own model, your own GPUs, or run air-gapped on Enterprise. Your data never leaves your tenant.
Sanolith is built by a small team that has shipped clinical software and regulated infrastructure in production. Want to know who you'd be working with? Email [email protected] and we'll set up an intro call.