Is it safe to put company code into Cursor or Copilot?

Not by default. Whatever you paste or open gets sent to the AI provider's servers, including secrets and customer data. Emil sits between your tools and the model and catches API keys, credentials, customer data, and source code before they ever leave.

Can AI coding tools see my API keys and .env files?

Yes, whenever they end up in the files or prompts you send, which is the most common way secrets leak. Emil detects keys, tokens, passwords, and .env values and redacts them before the prompt reaches the model.

Does Emil slow down my AI?

No. Emil screens in the moment and hands the model a clean prompt, so you get the same responses at the same speed.

Does Emil store my prompts or my code?

No. Emil processes your text in memory and keeps only a short screening record (the decision, risk score, and a redacted preview), never the full content. Classification runs on Emil's own infrastructure, is never sent to a third-party model, and is never used for training.

Which tools does Emil work with?

Anything OpenAI-compatible: Cursor, Claude Code, Copilot, Lovable, v0, ChatGPT, Gemini, DeepSeek, Ollama, and self-hosted models. Point your tool at Emil instead of the provider, or use the browser extension if you don't write code.

Do I need to be technical to use it?

No. Developers change one line of config (the base URL). Everyone else uses the one-click browser extension that screens prompts before they reach the AI.

Healthcare

AI in healthcare without putting PHI in someone else's logs

Drafting patient communications with AI? Emil detects and blocks PHI — names tied to conditions, medical record numbers, the 18 Safe Harbor identifiers — and fails closed if a classifier is unavailable.

Protect your team For developers

The problem

Admin staff paste patient details into ChatGPT to draft messages — a HIPAA disclosure to a non-BAA vendor.
PHI in an AI provider's training or logs is a reportable breach with per-record penalties.
Most AI tools have no BAA and no way to keep PHI out.

What Emil catches for healthcare

Patient names linked to conditions or treatment
Medical record and account numbers
The 18 HIPAA Safe Harbor identifiers
Dates, contact details, and other PHI

Regulations this maps to

HIPAA Privacy & Security Rules
HITECH breach notification
State health-privacy laws

A content filter reduces regulatory risk but isn't compliance on its own. Review presets with counsel.

Questions

Can staff use ChatGPT with patient information?

Only behind a control. Emil detects PHI — names tied to conditions, MRNs, the 18 Safe Harbor identifiers — and blocks or redacts it before the prompt reaches the AI, so PHI never reaches a vendor without a BAA.

What happens if a classifier is down?

Emil fails closed for PHI: if a safety classifier is unavailable, the request is blocked rather than allowed through. Sensitive data is never let out on a best-effort basis.

Does Emil retain PHI?

No — it processes text in memory and stores only finding metadata (type + severity), never the PHI itself.

Is Emil itself HIPAA compliant?

Emil is built to keep PHI from reaching ungoverned AI tools and maps to HIPAA's safeguards. Compliance is a program, not a product — Emil is a strong technical control within it; pair it with your policies, training, and BAAs.

Other industries

Legal Accounting Education