How RelioIT's AI Triage Works Without Compromising HIPAA
RelioIT Engineering
Engineering Team
When we set out to build AI-powered ticket triage into RelioIT, we faced a challenge that most helpdesk vendors ignore: healthcare tickets contain Protected Health Information (PHI). Patient names, MRN numbers, clinical details — they appear constantly in support requests from ward staff. Running those through a cloud AI without safeguards is a HIPAA violation waiting to happen. This article explains exactly how we solved it.
The Problem with Standard AI Triage
Most AI-powered helpdesks simply forward your ticket body to a third-party API and return a classification. That's fine for retail or SaaS — but in a hospital, a ticket like 'Patient Jane Doe on Ward 7B cannot access her EPR record, MRN 4829201' just got sent to a server outside your trust boundary. That's not acceptable.
We built RelioIT's triage engine with a different architecture: PHI detection runs first, on your infrastructure, before any AI processing happens.
Our Three-Stage Pipeline
PHI Scrubbing (On-Premises)
Before any ticket text leaves your environment, our local PHI scanner identifies and redacts sensitive entities — patient names, MRNs, NHS numbers, dates of birth, ward identifiers. We use a combination of regex patterns and a locally-hosted NER model trained on healthcare text. The original ticket is stored encrypted in your database; only the scrubbed version proceeds.
AI Classification (Claude API)
The redacted ticket text is sent to Claude for classification. Claude assigns a priority (P1–P4), a category (EHR, Infrastructure, Network, Hardware, Access, Clinical Systems), a confidence score, and a suggested routing team. Because PHI has been removed, this API call is compliant — there's nothing identifiable in the payload.
Routing & Audit Logging
Classification results are applied to the original (un-redacted) ticket in your database. The ticket routes to the correct team. A full audit trail is written — what was redacted, what classification was returned, which agent received it, and when. Every step is logged for HIPAA audit purposes.
Confidence Thresholds and Human Override
We don't blindly trust the AI. Every classification comes with a confidence score. If Claude returns a confidence below 85%, the ticket is flagged for human review before routing. Your IT manager sees a small 'AI confidence: 72% — please verify routing' badge on the ticket.
Agents can override any AI decision with a single click. Every override is logged and feeds back into our classification reporting — so you can see which ticket types are consistently mis-classified and tune your category definitions accordingly.
What data does Claude actually see?
After PHI scrubbing, a typical ticket like 'Cannot log into EPR system, keeps saying invalid credentials, tried restarting' becomes: 'Cannot log into [SYSTEM_NAME] system, keeps saying invalid credentials, tried restarting'. The system name may also be generalised if it matches a known clinical system pattern. Claude classifies based on the symptom description, not the identifiers.
NHS and HIPAA Compliance Checklist
- ✓PHI never transmitted to external APIs in identifiable form
- ✓Local PHI model runs within your network boundary (Docker container)
- ✓All ticket content encrypted at rest (AES-256)
- ✓Full audit log of every AI classification decision
- ✓Human override available on every automated action
- ✓Confidence threshold configurable per organisation
- ✓Annual DPIA documentation provided on Enterprise plan
What This Means for Your Team
In practice, your agents stop manually triaging. A P1 EHR outage ticket arrives at 2am and is automatically routed to your on-call EHR team within seconds — no one needs to read it first, no PHI touches a third-party system, and the audit trail is complete. Our customers report a 60–70% reduction in triage time and a 40% improvement in first-response speed on P1 and P2 incidents.
If you'd like to see this in action, our demo environment at demo.relioit.com has live AI triage running with synthetic ticket data. You can submit a test ticket and watch the classification happen in real time.
Want to see RelioIT in action?
Explore our live demo environment — real workflows, AI triage, SLA dashboards, and more.
View Live Demo →