FirmAdapt is an AI-powered business diagnostics platform that audits companies to expose operational inefficiencies and broken processes. We then deploy custom AI agents, robotic process automation, and engineered solutions to fix the problems we find. Our diagnostic tools include company audits, website audits, competitive intelligence, and faith-based compliance screening.

Does FirmAdapt have a free API?

Yes, FirmAdapt offers free open API endpoints that require no authentication. AI agents and developers can make up to 10 requests per week without signing up. The API supports company profile lookups, faith-based compliance screening, and stock searches across 12 global markets.

What is faith-based stock screening?

Faith-based stock screening analyzes a company's financial ratios and business activities to determine compliance with religious investment guidelines. FirmAdapt supports 9 frameworks including Shariah (AAOIFI, S&P), Christian (BRI), Catholic (USCCB), Jewish (Halakhic), LDS/Mormon, ESG Religious, and Evangelical standards.

Can AI agents use FirmAdapt?

Yes, FirmAdapt is designed for native AI agent integration. It provides an MCP (Model Context Protocol) server for Claude Desktop, Cursor, and other AI tools. AI agents can access company profiles, run faith-based compliance screens, and search stocks across 12 global markets using free open endpoints with no API key required.

What markets does FirmAdapt support?

FirmAdapt supports 12 global markets: US (NYSE/NASDAQ), UK (London Stock Exchange), Germany (XETRA), France (Euronext Paris), Japan (Tokyo Stock Exchange), India (NSE/BSE), Saudi Arabia (Tadawul), UAE (Dubai/Abu Dhabi), Malaysia (Bursa), Indonesia (IDX), Canada (TSX), and Australia (ASX).

Back to Blog

AI complianceregulatoryhealthcareHIPAAPHI

Patient Portal Chatbots: The Lowest-Hanging HIPAA Fruit for an OCR Investigation

By Basel IsmailMay 4, 2026

Patient Portal Chatbots: The Lowest-Hanging HIPAA Fruit for an OCR Investigation

If you run a health system or a digital health company with a patient-facing chatbot, I want you to try something. Open an incognito browser window, navigate to your patient portal, and start chatting with the bot. Ask it about a prescription refill. Ask it to confirm an appointment. Ask it something that would require it to surface PHI. Now look at the URL bar. Check the network requests in your browser's developer tools. See where the data is going.

If that exercise makes you nervous, it should. Because the Office for Civil Rights can do the same thing, and they do not need your permission.

Why Chatbots Are Uniquely Exposed

OCR investigations typically begin one of two ways: a complaint from a patient or a breach report filed under the Breach Notification Rule (45 CFR 164.408). But there is a third path that gets less attention. OCR has the authority under 45 CFR 160.308 to initiate compliance reviews on its own, without a triggering complaint. And when they decide to look proactively, they are going to look at what is easiest to examine from the outside.

Patient portal chatbots are publicly accessible. They require no subpoena to interact with. They generate observable network traffic. An investigator can, in about fifteen minutes, determine whether a chatbot is transmitting data to a third-party processor, whether the connection is encrypted in transit, whether session tokens are handled properly, and whether the bot is collecting information that qualifies as PHI before any authentication step occurs.

Compare that to investigating an internal EHR misconfiguration, which requires document requests, on-site reviews, and months of back-and-forth. The chatbot is right there on the public internet, waiting.

The Tracking Technology Enforcement Wave Is Already Here

OCR's December 2022 bulletin on tracking technologies was a clear signal. The bulletin specifically called out technologies on "user-authenticated webpages" (like patient portals) that collect and transmit PHI to third parties. In July 2023, OCR updated the guidance after industry pushback, but the core position held: if a tracking technology on your patient portal captures individually identifiable health information, it is PHI, and its disclosure to a third-party vendor without a BAA and proper authorization is a HIPAA violation.

Chatbots sit squarely in this enforcement zone. Many patient portal chatbots are operated by third-party vendors. Many of those vendors use cloud infrastructure that routes data through sub-processors. Some chatbots incorporate analytics or AI services from companies that have no BAA in place with the covered entity. Each of these configurations is a potential violation of the Privacy Rule (45 CFR 164.502) and the Security Rule (45 CFR 164.312).

The settlements tell the story. In 2024, OCR continued its pattern of pursuing cases involving impermissible disclosures to technology vendors. The Cerebral, Inc. breach report in early 2023, which involved tracking pixels transmitting PHI to third-party platforms for approximately 3.18 million individuals, demonstrated how seriously OCR treats technology-mediated disclosures. Monument, Inc. reported a similar issue affecting 2.4 million individuals around the same time. These were tracking pixel cases, but the underlying legal theory applies identically to chatbot data flows.

Common Misconfigurations That Create Liability

Having reviewed dozens of patient portal chatbot implementations, the same problems come up repeatedly.

Pre-authentication data collection. The chatbot asks the user to describe symptoms, provide a date of birth, or enter a medical record number before the user has logged in. This data is now being collected in a context where the security controls of the authenticated portal do not apply. If the chatbot vendor is logging this input (and they almost always are), you have an impermissible disclosure unless a BAA is in place and minimum necessary standards are met.
Third-party AI model APIs. Some chatbot vendors pass user queries to external large language model APIs for natural language processing. If the query contains PHI, and the LLM provider has no BAA with the covered entity or business associate, this is a disclosure violation. As of mid-2025, most major LLM providers either do not offer BAAs or offer them only under specific enterprise tiers that many chatbot vendors have not purchased.
Inadequate audit logging. The Security Rule at 45 CFR 164.312(b) requires audit controls. Many chatbot implementations log interactions on the vendor side but do not make those logs accessible to the covered entity. This creates a gap in your ability to detect and respond to unauthorized access or disclosure.
Session management failures. Chatbot sessions that persist after the user logs out of the portal, or that fail to terminate after a reasonable inactivity period, violate the automatic logoff requirement under 45 CFR 164.312(a)(2)(iii). This is a straightforward technical control that is frequently absent.
Missing encryption at rest. The chatbot vendor stores conversation transcripts that contain PHI. The Security Rule's encryption addressable specification at 45 CFR 164.312(a)(2)(iv) means you either encrypt or document why you did not. Most chatbot vendors do not provide covered entities with documentation of their encryption posture for stored conversation data.

The Investigative Playbook Is Predictable

OCR's approach to these investigations follows a pattern. They will request your BAAs with the chatbot vendor and any sub-processors. They will ask for your risk analysis under 45 CFR 164.308(a)(1)(ii)(A), and they will want to see that the chatbot was included in its scope. They will request documentation of the minimum necessary analysis you performed for data shared with the chatbot vendor. And they will look at your Notice of Privacy Practices to see whether patients were informed about the chatbot's data handling.

The penalty structure is not trivial. Under the HITECH Act's tiered penalty framework (as adjusted for inflation), a violation attributable to willful neglect that is not corrected within 30 days carries a minimum penalty of $71,162 per violation, up to $2,134,831 per identical violation category per calendar year. If OCR determines that you deployed a chatbot without performing a risk analysis that included the chatbot's data flows, that is willful neglect territory. The "we didn't think about it" defense has never worked well with OCR, and it works even less well when the technology is sitting on your public-facing website.

What Makes This Different From Other Compliance Gaps

Most HIPAA compliance gaps require OCR to dig. They need to request documentation, interview staff, review internal systems. Chatbot misconfigurations are different because they are observable without any cooperation from the covered entity. An OCR investigator, a journalist, a plaintiff's attorney, or a state attorney general can interact with your chatbot and document potential violations without ever contacting you. The New York Attorney General's $300,000 settlement with a telehealth company in 2023 over tracking technology disclosures shows that state regulators are watching the same attack surface.

This visibility asymmetry is what makes patient portal chatbots uniquely risky. Your internal data governance might be excellent. Your EHR access controls might be airtight. But if your chatbot is leaking PHI to a third-party API on the public internet, that is the thing that gets found first.

How FirmAdapt Addresses This

FirmAdapt's architecture was designed for exactly this kind of problem. When deploying conversational AI in a regulated context, FirmAdapt processes data within a compliance boundary that prevents PHI from being transmitted to external model providers without a validated BAA chain. The platform maintains audit logs that are accessible to the covered entity and structured to satisfy 45 CFR 164.312(b) requirements, and it enforces session management controls that align with Security Rule specifications.

More practically, FirmAdapt's configuration framework requires that data flow mapping and minimum necessary analysis are completed before a chatbot goes live, not retroactively after a breach report. This is the kind of structural guardrail that turns a compliance risk into a documented, defensible process, which is ultimately what OCR is looking for when they come knocking.

Ready to uncover operational inefficiencies and learn how to fix them with AI?

Try FirmAdapt free with 10 analysis credits. No credit card required.

Get Started Free