Designed for secure healthcare workflows and human-reviewed decisions.
VeriSight is built for admissions review workflows where payer, authorization, clinical, and financial information must be handled carefully. Public contact forms are not for PHI or patient records.
No PHI or patient records by email.
What VeriSight does and does not do.
Supports admissions review
AdmitScore™ helps identify payer risk, documentation gaps, authorization readiness, and financial fit.
Does not replace judgment
It does not replace clinical, operational, payer, legal, or admissions judgment.
Facility staff decide
Facility staff remain responsible for final admission, authorization, and follow-up decisions.
Source verification required
AI-extracted payer, authorization, and clinical information should be verified against source documents.
No reimbursement guarantees
Revenue and margin estimates are planning estimates and are not guarantees.
No public PHI intake
Do not submit PHI, patient records, or confidential clinical information through public forms.
Concrete posture, plain English.
This public page does not assert a certification, executed contractual coverage, or a control that a buyer cannot verify. Before a live-data pilot, your team reviews the current architecture, subprocessors, data flow, retention, incident terms, and BAA requirements with VeriSight.
Deployment review
- Hosting region and service boundaries are documented during procurement.
- Transport and storage controls are reviewed before live-data use.
- The public site uses modern browser security headers.
- Your team can request the current architecture and data-flow review.
BAA and PHI boundary
- A signed BAA is required before any PHI workflow begins.
- Public website forms never accept PHI; honeypot + Turnstile verification on submit.
- Any live-data intake method is approved and documented before the pilot; public forms and email are excluded.
- Synthetic-only data on every public marketing example.
AI subprocessors
- Provider selection and configuration are disclosed before live-data use.
- Contractual and BAA coverage must be confirmed in executed documents.
- Packet scope, retention, and provider data-use settings are reviewed.
- Request the current subprocessor list during the security review.
Access, audit, and retention
- Role-based access for pilot users; admin-only for Margin Score by design.
- Audit events and reviewer visibility are scoped during implementation.
- Retention and deletion terms are defined before live-data use.
- The executed BAA and pilot agreement govern data handling.
Compliance readiness
- No public claim of HIPAA certification or completed SOC 2 certification.
- Live-data pilots require a signed BAA and completed security review.
- Current readiness status is discussed during scoping rather than implied on the public site.
- Buyers should validate current controls, subprocessors, and terms before go-live.
Incident posture
- Incident-response and notification commitments are defined in executed pilot and BAA terms.
- Monitoring, backup/recovery, and escalation controls are reviewed before go-live.
- Initial security reports must not include PHI, credentials, or patient records.
- Responsible disclosure: report security issues to security@verisightanalytics.com; see our security.txt and safe-harbor policy.
Ready to evaluate? Email info@verisightanalytics.com to start a security review. VeriSight will confirm which current materials are available and define the controls and executed terms required before any live-data pilot. Do not include PHI or patient records in the request.
Where we hold the line.
Above is what we do. Below is what we won't say without documentation. The public site avoids blanket compliance claims; current controls and contractual terms must be verified during security review.
Security and implementation scope are reviewed before live-data pilot use.
A Business Associate Agreement must be fully executed before any PHI workflow begins. No exceptions.
Website lead forms are for business inquiry details only, not clinical records.
Marketing examples use synthetic/demo data and avoid real identifiers.