Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.bowerlabs.ai/llms.txt

Use this file to discover all available pages before exploring further.

If your workspace handles protected health information (PHI), you can enable HIPAA compliance mode to enforce stricter controls on AI processing and data sharing.

What PHI mode does

When enabled, two restrictions take effect immediately:
  • AI processing is restricted to Google Gemini only. Bower uses multiple AI providers for different tasks. In PHI mode, only routes that use Google Gemini (covered by a signed Business Associate Agreement) are permitted. Other AI features are blocked at the API level.
  • External sharing is disabled. Share links cannot be created for any artifact in the workspace. Existing share links are not retroactively removed, but no new ones can be generated.
These restrictions are enforced server-side by middleware — they cannot be bypassed from the frontend.

What still works in PHI mode

The following features use Google Gemini exclusively and remain available:
  • Voice transcription (Google Cloud Speech-to-Text, covered by GCP BAA)
  • Photo OCR and text extraction (Gemini Vision)
  • AI-generated descriptions for attachments (Gemini)

What is blocked in PHI mode

Any AI route not in the Gemini-only allowlist is blocked. This includes features that may route through non-BAA-covered providers. If you attempt to use a blocked feature, you will see an error explaining that the feature is restricted in PHI workspaces.

Enabling PHI mode

Only workspace admins and owners can toggle PHI mode.
1

Go to Settings > Workspace

2

Find the PHI mode toggle in the workspace card

3

Click the toggle to enable

4

Confirm in the dialog that appears

A confirmation dialog will explain exactly what changes. Once confirmed, restrictions take effect immediately.

Disabling PHI mode

You can disable PHI mode from the same toggle. A warning dialog will explain that HIPAA protections will be removed. Disabling is also immediate — AI provider restrictions are lifted and sharing is re-enabled.

Important notes

  • PHI mode is forward-only. Enabling it does not retroactively re-process content that was previously handled by non-Gemini providers.
  • PHI mode is a workspace-level setting. If you have multiple workspaces, each one can be configured independently. Consider creating a dedicated workspace for PHI data.
  • Bower’s PHI mode restricts AI processing and sharing. It does not replace a full HIPAA compliance programme. You are responsible for ensuring your organisation meets all applicable requirements, including staff training, risk assessments, and BAA coverage for other tools in your workflow.

Further reading