How to make OpenClaw HIPAA compliant

HIPAA & AI · 7 min read · Updated June 2026

The honest answer: you cannot make raw, self-hosted OpenClaw HIPAA compliant just by flipping a setting. HIPAA compliance is a program, not a feature. You need signed Business Associate Agreements, encrypted infrastructure, auditable access controls, PHI minimization policies, and a written breach-response plan — and you need them all working together before a single patient message touches the system.

Why raw OpenClaw is not HIPAA-ready out of the box

OpenClaw is a powerful open-source AI agent platform. Like any open-source software, it ships with no signed Business Associate Agreement (BAA — the legally required contract between a covered healthcare entity and any vendor that handles patient data) and no built-in HIPAA compliance program.

That is not a criticism of the project; it is simply what open-source means. The maintainers cannot sign a BAA with every practice that downloads the code. When you self-host OpenClaw and route protected health information (PHI — any data that can identify a patient and relates to their health) through it, HIPAA compliance is entirely your responsibility.

The checklist below lays out every control you would need to implement yourself. Read it with that lens: each item is real work, not a checkbox you mark in a config file.

Step 1: Sign a BAA with every subprocessor in the chain

A BAA is the legal document that makes a vendor your Business Associate and obligates them to protect PHI under HIPAA. You need one with every service that stores, transmits, or processes PHI on your behalf — not just the AI layer, but also your cloud host, your database provider, and any API the agent calls.

Miss a single subprocessor BAA and you have a HIPAA gap, even if every other control is in place.

Step 2: Encrypt PHI in transit and at rest

HIPAA's Technical Safeguards require that PHI be protected from unauthorized access. In practice that means TLS 1.2 or higher for all network traffic (in transit) and AES-256 or equivalent encryption for all stored data (at rest) — including database records, log files, and any backup or snapshot.

With self-hosted OpenClaw you are responsible for configuring encryption at every layer: the web server, the database, the object storage bucket, and any message queue or cache the agent uses. Default open-source configurations often leave some of these unencrypted.

Step 3: Implement access controls and MFA

HIPAA requires that only authorized users can access PHI, and that access is granted on a minimum-necessary basis. For a self-hosted AI agent that means role-based access controls (RBAC — a system that limits what each user account can see or do) on both the application and the database, plus multi-factor authentication (MFA) for every account that can reach PHI.

You also need a formal process for provisioning and revoking access when staff join or leave. An employee whose account remains active after they leave is a HIPAA violation waiting to happen.

Step 4: Enable full audit logging

HIPAA's Audit Controls standard requires that you record who accessed PHI, when, and what they did with it. That log must be tamper-evident, retained for at least six years, and reviewable for a breach investigation.

Out of the box, OpenClaw does not ship a HIPAA-grade audit log. You would need to instrument every API call and database write, route the logs to a secure, append-only store, and set up alerting for suspicious access patterns.
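To make Steps 3 and 4 concrete, here is an added example (not OpenClaw or PhiClaw code) of an access decision that enforces active account, MFA, and a per-role minimum-necessary scope, and records every decision in a hash-chained, append-only audit log whose verification fails if any entry is edited or removed. The role table and user records are constructed for illustration.

```python
import hashlib
import json
from datetime import datetime, timezone

# Constructed role table: each role gets only the scopes its job requires.
ROLE_PERMISSIONS = {
    "clinician": {"phi:read", "phi:write"},
    "front_desk": {"schedule:read", "schedule:write"},
    "billing": {"phi:read:billing"},
}

GENESIS = "0" * 64  # prev-hash value for the first entry


class AuditLog:
    """Append-only log where each entry commits to the previous entry's hash,
    so editing, reordering, or deleting a record breaks verify()."""

    def __init__(self):
        self.entries = []

    @staticmethod
    def _digest(entry):
        body = {k: v for k, v in entry.items() if k != "hash"}
        return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

    def append(self, actor, action, resource, allowed):
        entry = {
            "ts": datetime.now(timezone.utc).isoformat(),  # when
            "actor": actor,                                 # who
            "action": action, "resource": resource,         # what
            "allowed": allowed,
            "prev": self.entries[-1]["hash"] if self.entries else GENESIS,
        }
        entry["hash"] = self._digest(entry)
        self.entries.append(entry)
        return entry["hash"]

    def verify(self):
        prev = GENESIS
        for e in self.entries:
            if e["prev"] != prev or self._digest(e) != e["hash"]:
                return False
            prev = e["hash"]
        return True


def authorize(user, action, resource, log):
    """Minimum-necessary check: the account must still be active (deprovisioned
    staff are denied), MFA must be verified for this session, and the user's
    role must grant the requested scope. Allowed and denied decisions are logged."""
    allowed = bool(user["active"] and user["mfa_verified"]
                   and action in ROLE_PERMISSIONS.get(user["role"], set()))
    log.append(user["id"], action, resource, allowed)
    return allowed
```

Routing the entries to a write-once store and re-running verify() on a schedule gives you the tamper-evident, reviewable trail the Audit Controls standard asks for.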

Step 5: Apply PHI minimization and disable model training on patient data

PHI minimization means the system should collect and retain only the minimum patient data necessary to complete each task. For an AI agent that handles scheduling, billing queries, or clinical notes, this requires careful prompt engineering and output filtering so the model does not store or echo PHI it does not need.

Critically: if your OpenClaw deployment calls a third-party LLM API, you must confirm that the provider does not use your inputs to train or improve its models. Most consumer LLM products do use your data for training by default. HIPAA prohibits using PHI for any purpose beyond the treatment, payment, or operations covered by the BAA.

Step 6: Write a breach notification plan — and test it

HIPAA's Breach Notification Rule requires that you notify affected patients within 60 days of discovering a breach, notify the Department of Health and Human Services (HHS), and — for breaches affecting 500 or more individuals in a state — notify local media. You need a written incident-response plan before a breach happens, not after.

For a solo practice or small group self-hosting an AI agent, drafting, reviewing, and testing this plan is significant overhead. Most practices do not have a designated Security Officer to own it.

Assembling all six steps yourself is achievable — but it takes months of engineering work, ongoing vendor negotiations, and annual security reviews. Most practices do not have that capacity.

PhiClaw: OpenClaw's HIPAA-compliant build, ready on day one

PhiClaw is the healthcare-ready build of this technology. Instead of asking your practice to implement every control above from scratch, PhiClaw delivers them as a managed service — so you can use the same AI agent capability without taking on the compliance engineering burden.

PhiClaw signs a Business Associate Agreement (BAA) with your practice and runs on HIPAA-eligible infrastructure, with BAAs in place with its subprocessors AWS (including Amazon Bedrock for the AI models) and Convex. PHI minimization, encryption in transit and at rest, role-based access controls, MFA, and full audit logging are built into the platform — not afterthoughts you configure yourself.

The platform also includes a built-in HIPAA EHR and CRM (electronic health record and customer relationship management system), e-prescribing including controlled substances (EPCS), and 300-plus HIPAA-compliant integrations with 30 or more major EHRs — Epic, Oracle Health/Cerner, Athenahealth, eClinicalWorks, and others. Free migration from your existing EHR or CRM is included.

In four months of operation, PhiClaw has executed 76,000-plus tasks for medical practices — scheduling, lead follow-up, SOAP notes, social posts, supply reorders — with 83% of messages answered in under 60 seconds and 0% churn since launch. Every client came through doctor-to-doctor referral with zero ad spend. The licensed clinician always remains the decision-maker; PhiClaw handles the workflow around them.

Starter plans begin at $300 per month. The Growth plan at $1,000 per month gives your practice an unlimited-message AI employee — not a credit-based system. Enterprise pricing is available at 30% of documented labor savings. There is also an on-premises deployment option for larger health systems that need to keep data inside their own environment.

Key takeaway: Making OpenClaw HIPAA compliant from scratch requires signed BAAs with every subprocessor, encryption, audit logging, access controls, PHI minimization, and a breach-response plan — PhiClaw delivers all of it as a managed service and signs a BAA with your practice on day one.

Frequently asked questions

Can I make self-hosted OpenClaw HIPAA compliant on my own?

Technically yes, but it requires signing BAAs with every subprocessor, implementing encryption at every layer, configuring audit logging, enforcing access controls and MFA, applying PHI minimization, and maintaining a written breach-response plan. This is months of engineering work and ongoing compliance overhead — most practices are better served by a managed HIPAA build like PhiClaw.

Does OpenClaw sign a Business Associate Agreement?

No. OpenClaw is open-source software. Open-source projects do not have a legal entity that can sign a BAA with your practice. If you use raw OpenClaw with patient data, there is no BAA in place, which is a HIPAA violation. PhiClaw is the HIPAA-compliant build that signs a BAA and provides HIPAA-eligible infrastructure.

What subprocessors does PhiClaw have BAAs with?

PhiClaw runs on AWS (including Amazon Bedrock for AI model inference) and Convex for its backend, and holds executed BAAs with both. These are the primary subprocessors that handle or store PHI on behalf of your practice.

Is the AI model provider covered under PhiClaw's BAA?

Yes. PhiClaw uses Amazon Bedrock, which is part of AWS's HIPAA-eligible service portfolio. PhiClaw holds a BAA with AWS that covers Bedrock, meaning your patient data is not used to train or improve the underlying AI models.

What does PhiClaw cost compared to building HIPAA compliance yourself?

PhiClaw starts at $300 per month for the Starter plan. The Growth plan is $1,000 per month for unlimited messages — no per-credit charges. Building equivalent compliance on a self-hosted OpenClaw deployment would require a security engineer, annual audits, vendor BAA negotiations, and ongoing maintenance, typically costing far more and taking months before you can safely handle PHI.

Want HIPAA-compliant AI running your practice — without the compliance risk?

PhiClaw signs a Business Associate Agreement (BAA) with your practice and runs on HIPAA-eligible infrastructure, with BAAs in place with our subprocessors AWS (including Amazon Bedrock) and Convex. HIPAA-compliant inbound and outbound calls are handled by our voice partner Retell AI, which is also under BAA.