For Teams using AI

Strip the PII before you paste into ChatGPT or Claude

Whether it is a clinical assistant like OpenEvidence or UpToDate Expert AI, or a general tool like ChatGPT and Claude, redact names and identifiers from your documents on your device first. The file, and the personal data in it, never leaves your browser.

No upload. No install. Free to start.

Patient namesMedical record numbersDates of birthAddressesPhone numbersEmailsInsurance IDsHealth data
Document redaction for Teams using AI

How it works

1. Open your document

Load any PDF, scan or image in your browser. Nothing is uploaded - it stays on your device.

2. Detect the personal data

On-device AI finds 60+ types of personally identifiable information automatically - names, addresses, IDs and more.

3. Redact and export

Apply permanent pixel-burn redaction - the text is destroyed, not just hidden - then export with an optional tamper-evident certificate.

Built for the work you actually do

Pasting client data into public AI tools

Redact PII on your device before any text reaches an LLM, so you keep the productivity without the leak.

Shadow AI use across the team

Give people a fast, browser-based way to sanitise documents instead of pasting raw personal data.

Not knowing what counts as personal data

AI detection surfaces 60+ PII types automatically, from names to bank details to health data.

Tools that upload your file to anonymise it

RedactProof processes on your device, so you are not uploading data to a cloud tool in order to protect it.

Nothing uploaded
Files stay on your device
60+ PII types
AI detection built in
Permanent pixel-burn
Text destroyed, not hidden
Tamper-evident exports
Verify with a QR code

AI has moved to the point of care

Clinicians now reach for AI in the middle of a visit, not just at a desk afterward. Purpose-built clinical assistants like OpenEvidence and UpToDate Expert AI sit alongside general assistants such as ChatGPT, Gemini and Claude, and the line between the two is blurring quickly.

A June 2026 study in Nature Medicine found that general-purpose models now match or beat specialized clinical tools on medical benchmarks. Gemini scored 97.4% on licensing-exam questions against 88 to 90% for the purpose-built systems, and on real clinician queries the frontier models were rated higher than the specialized tools. The practical takeaway for a busy clinician is blunt: the assistant that gives the best answer is no longer always the one labeled "medical", and the best answers come from giving the model the real case.

Every one of these tools is a third party

The catch is the same whichever you choose. OpenEvidence, UpToDate Expert AI, ChatGPT and Claude all run in the cloud. They produce sharper answers when you feed them the actual patient history, and the moment a name, Social Security number, medical record number or date of birth leaves your browser, you have disclosed identifiable patient data to an outside service.

"It is a clinical tool" is not the same as "it is safe to paste patient data into". Some vendors will sign a business associate agreement (BAA) for enterprise accounts; many clinicians use the free consumer tier, which carries no BAA. And because a general model now often gives the stronger answer, clinicians increasingly paste into tools that were never designed to hold health data at all.

De-identify in the browser, then ask

RedactProof removes the identifiers before anything is pasted. Load the letter, discharge summary or note, and on-device detection flags names, Social Security numbers, medical record numbers, dates of birth, addresses, contact details and 60+ other types of personal data. You redact them, copy the de-identified text, and paste only that into whichever assistant you trust. The file and the personal data in it never leave your device.

You keep what makes the tool useful, the clinical reasoning, the differential, the guideline lookup, without handing over anything that identifies the patient. The same workflow protects you whether you are using a clinical-native assistant or a general LLM, which matters now that the two are converging on quality.

What to strip before a clinical AI query

Direct identifiers. Patient name, Social Security number, medical record number, date of birth, address and ZIP code, phone and email. These are the obvious ones, and the ones most likely to be copied across without a second thought.

Quasi-identifiers. A rare diagnosis, an age and a small town can identify a patient as surely as a name. HIPAA Safe Harbor treats full dates and detailed geography as identifiers for a reason. Remove admission dates, unusual occupations and location detail wherever they are not clinically necessary to the question you are asking.

Third-party data. Names of relatives, caregivers, the referring physician and other clinicians mentioned in the record. They are personal data too, and they are not yours to disclose.

Free-text leakage. Notes and discharge summaries bury identifiers mid-sentence. Automated detection catches these far more consistently than a manual skim under time pressure, which is exactly when these queries tend to happen.

Not only for clinicians

The same problem turns up anywhere people paste source material into AI: a lawyer summarizing a brief, an HR team drafting from a case file, support staff pasting tickets. Redacting on-device first is the simple control that lets a team use AI without leaking the personal data inside its documents. If you work mainly with patient records, our healthcare redaction page covers de-identifying medical documents in more detail.

Common questions

Why redact before using AI?

Pasting personal data into a public LLM can violate privacy rules like HIPAA and leak client or patient information. Redacting first removes the risk while keeping the usefulness.

Does the document get uploaded?

No. Detection and redaction run in your browser. Nothing is sent to a server for standard use.

What can it detect?

Over 60 types of personally identifiable information, including names, contact details, financial and health data.

Is it safe to paste patient data into OpenEvidence or UpToDate Expert AI?

They are cloud services, so pasting an identifiable record is a disclosure to a third party. Enterprise accounts may be covered by a business associate agreement; consumer tiers generally are not. The safe approach is to de-identify the record first, then paste only the clinical detail you need answered.

Does redacting first make the AI answer worse?

No. Clinical reasoning depends on the history, exam and results, not on the patient name or Social Security number. Strip the identifiers and keep the clinically relevant detail, and the model has everything it needs to help.

Which AI tools does this work with?

All of them. Because redaction happens in your browser before you paste, RedactProof is independent of the assistant: OpenEvidence, UpToDate Expert AI, ChatGPT, Gemini, Claude or any other.

How your files are processed

Your device

PDFs are opened, rendered, and redacted entirely in your browser. Files are never uploaded.

Our servers

Only cryptographic hashes and certificate metadata are stored - for tamper-evident verification.

Precision Engine

Extracted text (not files) is routed through Cloudflare for enhanced detection. Processed in memory, never stored.

Security architecture Β· Privacy policy

Sanitize a document free

Redact the personal data in your browser, then paste with confidence.