Spell-check for privacy
Healthcare & clinical

Patient data does not belong in an AI prompt

Clinicians, nurses, and administration use AI every day for letters, notes, and handovers. BeeSensible highlights patient data in the text you type, before a prompt or email leaves the organisation.

  • Processing inside the EU
  • No content stored
  • Helps with GDPR and HIPAA

Who this is for

  • Clinicians and nurses using AI for letters, notes, and handovers
  • Administrative and secretarial staff processing medical correspondence
  • Data protection officers and privacy officers in healthcare
  • CISOs and security teams working under GDPR, HIPAA, and NEN 7510
Clinical professional working at a laptop with patient records

20+

AI tools, email, and chat where the extension watches along

0 sec.

The text you type is processed and discarded at once

EU

Detection and storage stay inside the European Union

A referral letter, a write-up of a consultation, a handover to a colleague: exactly the texts where AI saves time. And exactly the texts with names, identifiers, and diagnoses in them. BeeSensible highlights that data while you type, so you can remove it before you send.

From the field

Three moments your policy never reaches.

In the clinic

A referral letter in five minutes

A clinician has a full list of appointments and wants to draft a referral letter quickly. She pastes her notes into ChatGPT and asks for clean wording. Those notes hold the patient's full name, identifier, and diagnosis. The letter is ready at once, and health data has left the organisation.

During handover

A case that gives away too much

A nurse sends a colleague a quick message about a difficult case. The message carries the patient's name, the medication, and a remark about the home situation. No bad intent, just the pressure of the shift. One click and the data sits outside the record.

At the DPO's desk

The question you cannot answer

After an incident, the data protection officer wants to know which patient data ended up in which AI tools. A policy on responsible AI use exists. Proof that staff got a warning at the moment itself does not.

Guidance while people write

Patient names, BSN numbers, and medication details are marked before a handover is sent.

The warning appears in the text the clinician is writing. They can remove or mask the details before sharing.

Copilot
Draft a short referral summary from these clinical notes.
I can help draft a structured summary. Review identifiers before sharing outside the clinical context.
Summarise the handover for patient Maria van den Berg (DOB 14-03-1962, BSN 145823671). Current meds: metformin 500mg twice daily, lisinopril 10mg. Contact: +31 6 12345678.
Review sensitive details before sharing outside the browser.

Why this is hard

The risk sits in the moment someone types.

01

AI moves faster than policy

Clinicians and nurses use ChatGPT and Copilot for letters, notes, and summaries. Often without calling it AI. Policy lags behind what happens every day.

02

Patient data gets extra protection

Under GDPR and HIPAA, health data is special category data, and it sits under medical confidentiality too. Pasting it into a consumer AI tool is a breach, even when it happens by accident.

03

A ban backfires

Banning AI outright gives you no safety, only Shadow AI on personal phones. People need help at the moment they type, not a rule they route around.

04

You have to be able to show it

To the DPO, to the regulator, in a NEN 7510 audit. Accountability means showing that technical controls work, not just that a policy exists on paper.

Across education

Recognisable wherever you work.

The same risk shows up in different files, from primary school to research.

Primary care

Referral letters, consultation notes, and correspondence with patients and pharmacies.

Hospitals

Discharge letters, handovers between departments, and notes full of clinical data.

Mental health

Treatment plans, intake notes, and sensitive remarks about the home situation.

Allied health

Treatment notes, reports to referrers, and billing correspondence.

Research

Study data, transcripts, and records of research participants.

How BeeSensible helps

A warning in the text field, before anything is sent.

Sensitive details get a highlight while staff write. They decide what to remove, replace, or mask.

Recognises health data

Highlights patient names, identifiers, dates of birth, diagnoses, and medication while you type. Works on Dutch and EU formats.

Works in the tools you already use

Runs in the browser, in AI tools, Gmail, Outlook, and chat. No separate app, no proxy, no training up front.

You stay in control

You choose: remove, replace with a realistic alternative, or mask. The extension never changes your text on its own and never blocks sending.

Counts, not content

Administrators see patterns by tool and category. What an individual staff member writes is never stored and cannot be read.

For DPO, privacy officer, and security

Show the control works, without looking over anyone's shoulder

BeeSensible gives you the evidence accountability asks for, while respecting the privacy of your own staff.

Total detections

12,438

Top apps

  • ChatGPT
  • Gmail
  • Gemini
  • Slack

Example dashboard. Counts and types only, never content.

Data protection officer

A control you can demonstrate

Show the regulator and auditors that staff get a warning at the moment of input, backed by counts of detections and handled prompts.

Privacy officer

No view into individuals

The dashboard shows no text and no single people. Groups smaller than ten users are not shown. Insight into patterns, not surveillance of people.

CISO and security

Nothing changes in your stack

No proxy and no new application. The extension runs in Chrome and Edge. Detection and storage stay inside the EU, all traffic over TLS 1.3.

Honest answers

The questions we hear first.

If a tool cannot answer these, it does not belong on your browsers. Here is where BeeSensible stands.

Does BeeSensible watch everything clinical staff type?

No. The extension analyses text in the input fields of supported tools to highlight sensitive data. That text travels to a BeeSensible server inside the EU, is processed in working memory, and is discarded at once. The content is never stored and cannot be read by anyone, not even an administrator.

Does it block AI tools or block sending?

No, BeeSensible blocks nothing. You see a highlight in the text and choose what to do: remove, replace, or mask. The clinical staff member stays in control, and the organisation gets insight into patterns.

Does this make us GDPR compliant?

No tool makes you compliant on its own. BeeSensible helps with GDPR and HIPAA by covering the moment of input and supporting your accountability. Your organisation stays the controller, BeeSensible is the processor, and a processing agreement is signed.

Does detection work on Dutch data too?

Yes. The detection engine handles Dutch and English reliably and recognises data common in healthcare, such as names, identifiers, dates of birth, and diagnoses.

How much work is the rollout?

Limited. There is no proxy or new application to install. The extension runs in the browser your organisation already uses and can be rolled out centrally through your management console.

Compliance

Built to support the checks you already have to show.

GDPR and HIPAA

Supports your accountability and covers the moment personal and health data is entered.

Special category data

Helps recognise health data before it is shared, in line with medical confidentiality.

NEN 7510

Aligns with information security in healthcare and helps you back up technical controls.

EU processing

Detection runs on the user's own machine, or on ISO 27001 certified EU infrastructure (API in the Netherlands, detection in Germany). A processing agreement is signed with every customer.

Give staff a signal at the moment that counts

BeeSensible works in the tools your organisation already uses. No rollout project, and you see your first detections in minutes.