How does LizziAI handle sensitive customer information?
LizziAI handles sensitive customer information through tenant-isolated memory, per-field encryption, role-based access controls, and configurable redaction before any data touches an external AI model. Sensitive data never leaves your tenant boundary, and you control what LizziAI can see, store, and send to model providers.
The four layers of protection
1. Tenant isolation
Every customer gets a logically isolated database with row-level security. LizziAI running in your tenant cannot see, query, or learn from any other tenant's data — ever. There is no shared model fine-tuning across tenants.
2. PII detection and redaction
Before any prompt is sent to OpenAI or Anthropic, LizziAI runs the content through a PII scanner. Configurable categories include:
- Social Security numbers, EINs, tax IDs
- Credit card numbers and bank account info
- Date of birth and government ID numbers
- Medical record numbers and diagnosis codes
- Driver's license and passport numbers
Detected fields are replaced with semantic placeholders (e.g., [CLIENT_DOB]) before the prompt goes outbound. The AI sees the structure but not the value. The placeholder is rehydrated locally in your tenant when the response comes back.
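The redact-then-rehydrate flow described above, as an added sketch that is not LizziAI's own code. The regex detectors, the Luhn filter for card numbers, and the numeric suffix on placeholders (to keep distinct values apart) are assumptions made for illustration.

```python
import re

# Assumed, simplified detectors; a production scanner needs far broader coverage.
PATTERNS = {
    "CLIENT_SSN": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
    "CLIENT_DOB": re.compile(r"\b\d{2}/\d{2}/\d{4}\b"),
    "CLIENT_CARD": re.compile(r"\b\d(?:[ -]?\d){12,18}\b"),
}

# Constructed sample prompt (test values only, not real customer data).
SAMPLE_PROMPT = ("Client born 04/12/1985, SSN 078-05-1120, card 4111 1111 1111 1111. "
                 "Confirm 04/12/1985 is on file. Order 1234567890123.")

def luhn_ok(candidate):
    """Checksum filter so long order/invoice numbers are not treated as cards."""
    digits = [int(c) for c in candidate if c.isdigit()]
    total = 0
    for i, d in enumerate(reversed(digits)):
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def redact(text):
    """Return (outbound_text, vault); vault maps placeholder -> value and stays local."""
    vault, seen = {}, {}  # seen: value -> placeholder, so repeats share one placeholder
    for label, pattern in PATTERNS.items():
        def swap(match, label=label):
            value = match.group(0)
            if label == "CLIENT_CARD" and not luhn_ok(value):
                return value  # fails checksum: leave untouched
            if value not in seen:
                n = sum(1 for p in vault if p.startswith(f"[{label}_")) + 1
                seen[value] = f"[{label}_{n}]"
                vault[seen[value]] = value
            return seen[value]
        text = pattern.sub(swap, text)
    return text, vault

def rehydrate(response, vault):
    """Restore values in one pass; placeholders not in the vault are left as-is."""
    return re.sub(r"\[CLIENT_[A-Z]+_\d+\]",
                  lambda m: vault.get(m.group(0), m.group(0)), response)

if __name__ == "__main__":
    outbound, vault = redact(SAMPLE_PROMPT)
    print(outbound)
    print(rehydrate("DOB [CLIENT_DOB_1] matches SSN [CLIENT_SSN_1].", vault))
```

Pattern matching misses identifiers written in free text or unusual formats, so the outbound text is worth sampling in audit review rather than assuming the scanner caught everything.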
3. Role-based access
Team members see only the data their role permits. A receptionist might see appointment details but not billing; an account manager might see everything for their assigned clients but nothing for others. LizziAI inherits the same permissions as the user it's acting on behalf of.
4. Provider-side data handling
We use OpenAI and Anthropic enterprise APIs with zero-retention agreements — your prompts and responses are not used to train their models and are not retained beyond the request. Audit logs of all AI calls live in your tenant for compliance review.
HIPAA, PCI, and beyond
HIPAA support (with BAA) is on the roadmap; today, MiOpsAI supports HIPAA-aware patterns for non-PHI workflows. Card data should not be stored in MiOpsAI — use a PCI-compliant payment processor. Talk to us about your specific compliance requirements.