Healthcare AI with the gates stated up front
Bee treats healthcare as a restricted domain by design: explicit acknowledgement gates, HIPAA-postured private deployment, and data handling written into the DPA — not implied.
Honesty first: how Bee gates healthcare
Healthcare is a Tier-3 restricted domain on Bee. Healthcare workflows require explicit acknowledgement, may carry jurisdictional gates, and operate under your regulatory regime — Bee is a tool, and the platform says so in its Acceptable Use Policy rather than burying it.
That design is deliberate: organisations that answer to regulators need a vendor whose defaults are conservative and whose claims are checkable.
Where the platform does the heavy lifting
- →Document intelligence over policy manuals, research literature, and administrative documentation, with cited answers.
- →1M-token long-context on Comb and Buzz for reasoning across large document sets in one request.
- →Vision input on Comb, Buzz, and Hive for scanned forms and document images in administrative workflows.
- →JSON mode for schema-valid extraction into downstream systems.
- →Team workspace with pooled tokens, so departments share one governed deployment instead of shadow AI accounts.
Deployment and compliance posture
For protected health information environments, the shared cloud is usually not the destination. Bee Enclave Private Cloud (from $7,500/mo) runs single-tenant in your VPC, and Enclave Regulated (from $15,000/mo) is contracted with SOC 2, ISO 27001, and HIPAA compliance postures, customer-managed keys, and immutable audit logs.
Data handling follows the published DPA: TLS 1.3 in transit, AES-256-GCM at rest under per-tenant keys, breach notification within 72 hours, and sub-processors disclosed in Schedule A.
Data protection across jurisdictions
HEOSSI (Pte.) Ltd. is incorporated in Singapore and processes under the PDPA; the DPA extends coverage to GDPR and UK GDPR with EU Standard Contractual Clauses for transfers. Hive-plan and above customers can request region-pinned processing.
Customer data is not used to train the Bee base model. Prompts, documents, and outputs stay yours; processing is limited to serving, securing, and operating the service.
Frequently asked questions
- Can Bee be used for clinical diagnosis?
- Bee is not a medical device and does not provide clinical diagnosis. Healthcare is a restricted (Tier-3) domain gated behind explicit acknowledgement; healthcare organisations use Bee for document, research, and administrative workloads under their own regulatory controls.
- Does Bee support HIPAA compliance?
- Enclave plans are contracted with a HIPAA compliance posture alongside SOC 2 and ISO 27001, with customer-managed keys and immutable audit logs on Enclave Regulated. Shared public tiers are not the intended surface for PHI.
- Where does our data live?
- Enclave deployments run in your VPC or air-gapped environment. On the shared cloud, Hive-plan and above customers can request region-pinned processing (EU, US, or Singapore), and sub-processors are disclosed in the DPA.
- Is patient or staff data used to train models?
- No. Customer data is not used to train the Bee base model — a contractual commitment in the Terms and DPA.
- How do we evaluate before committing?
- Start with non-PHI document workloads on the free Cell tier or a small team plan, then contract an Enclave deployment once your compliance review clears the posture.
Related
Start on the free tier
Bee Cell is free — no card. Scale to paid tiers, the API, or sovereign deployment when you are ready.