Generative AI API for Healthcare

HIPAA Compliant - Healthcare Optimized

Outperforms GPT-5, GPT-4o, GPT-4.1, o3, and Gemini 3 Pro for healthcare applications while maintaining full HIPAA compliance. Purpose-built for therapy, clinical and healthcare workflows.

30-day free trial - 99.9% uptime guarantee - 500k token context

This document outlines the necessary details to integrate with the BastionGPT API, including input parameters, output structure, pricing, limitations, and usage examples. To get started, sign up for BastionGPT Plus to explore our capabilities through the same API you'll receive access to. If you have additional questions about the API or would like to apply for access, schedule a consultation at https://bastiongpt.com/meet to review your use case and receive your API key.

Key Benefits

HIPAA-Compliant by Design

Full compliance with healthcare regulations. Patient data stays secure with enterprise-grade encryption. Your data is never sold or used to train our AI models. Licensed for secure use with PHI and PII, with OpenAI having no access to your data.

Superior Healthcare Performance

Utilizes a pool of the leading AI models like GPT-4o, 4.1, o3 and Gemini Pro, optimized for use by healthcare and mental health professionals. Expertly trained on thousands of clinical documentation standards and clinical workflows, such as prior authorizations and appeal letters.

Enterprise-Ready Infrastructure

99.9% uptime SLA, 800 requests/minute, 2M tokens/minute. Built to support the next generation of powerful healthcare applications.

Features

Advanced Chat Completion - 500,000 token context window for detailed patient histories and complex clinical scenarios.

Speech-to-Text Transcription - Medical transcription at $0.73/hour for therapy sessions and ambient patient scribing.

Content Filtering - Reduced content filters to allow for adult topics in a healthcare context.

Multi-Region Deployment - Available in US, Canada (Quebec), and Australia for data residency compliance.

Pricing

$45/month

Includes $45 in monthly token credits

What's Included:

  • 2M tokens/minute rate limit
  • 800 requests/minute
  • 500K token context window
  • 99.9% uptime SLA guarantee

Pay-As-You-Go:

  • Input: $0.018 per 1K tokens (~770 words)
  • Output: $0.045 per 1K tokens (~770 words)
  • Audio: $0.73 per hour

Coming Soon:

  • Direct ingestion of files other than text or audio is planned Q1 2026.
  • Ingestion of images and PDF for text recognition is planned Q1 2026.
  • Generation of images is planned Q2 2026.

Enterprise-Grade Security

We prioritize the security and integrity of your data. Our API infrastructure is built with robust security measures, ensuring your interactions are protected using industry best practices. Here's how we safeguard your connections:

Top-Tier Encryption Standards: Your data in transit is protected by the latest, most secure encryption protocols. We exclusively support TLS 1.3 and TLS 1.2, disabling outdated and vulnerable protocols like SSLv3, TLS 1.0, and TLS 1.1. This ensures your connection uses only modern, strong cryptographic standards.

Advanced Cipher Suites: We utilize strong, authenticated cipher suites like AES-GCM (up to 256-bit), offering high performance and the highest level of confidentiality and integrity for your API calls. Our server prioritizes the strongest available ciphers supported by your client.

Forward Secrecy Enabled: Our API implements Forward Secrecy using Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) key exchange. This crucial feature ensures that even if a server's long-term private key were ever compromised, past communication sessions remain secure and cannot be decrypted.

Trusted and Verified Identity: Our API endpoint uses a certificate issued by a reputable, globally trusted Certificate Authority (GeoTrust/DigiCert), signed with a strong SHA-256 algorithm. This verifies the identity of our server and establishes a secure, trusted channel for your communications.

Protection Against Known Vulnerabilities: Our configuration is actively hardened against numerous known SSL/TLS vulnerabilities, including BEAST, POODLE (SSLv3 and TLS variants), Heartbleed, ROBOT, and others. We continuously monitor and update our systems to protect against emerging threats.

Independently Verified Security: Our endpoint configuration consistently achieves a top 'A' rating from independent SSL/TLS security assessment tools like Qualys SSL Labs, demonstrating our commitment to maintaining a highly secure environment.

Ready to Get Started?

4 Simple Steps:

  1. Sign Up for BastionGPT Professional Plus - Explore our capabilities over your 30 day developer trial through our user interface, powered by the same API you'll receive access to.
  2. Schedule a 15-Minute Consultation - Meet with our team to review your use case, verify compliance with our terms of use and safety standards, and answer your questions.
  3. Receive Your API Key - Get your key and documentation shortly after the meeting.
  4. Start Building - Make your first API call

Take the first step by signing for your account and then schedule your use case review: https://bastiongpt.com/meet

API Inputs

Parameter Type Required? Default Description
Content-Type string Yes application/json Specifies the media type of the resource. This is typically application/json.
Key string Yes n/a A unique 32-digit alphanumeric API key provided to users for authentication.
Function string No general This parameter is used to specify specialty functions. As of the current version, only the "general" function is supported.
Temperature number No 0.5 A floating-point number between 0 and 1 indicates the level of creativity desired in the response. A lower value means less creativity but increased data accuracy.
Content string Yes n/a The actual content or prompt you wish to submit to BastionGPT.
Max Tokens number No 0.5 Maximum amount of data (expressed in tokens) that BastionGPT should generate in the response.

API Outputs

Parameter Type Default Description
ID string - A unique identifier for the generated response.
Created number - A timestamp indicating when the prompt was created.
Content string - The generated response to the submitted prompt.
Prompt_tokens number - Number of tokens consumed by the prompt.
Completion_tokens number - Number of tokens consumed by the response.
Total_tokens number - Total number of tokens consumed by both the prompt and the response.
Finish_Reason string stop Indicates the status of the prompt. Normal completion is indicated by stop. A content_filter status means the content was blocked due to detection of suspected unapproved use cases.

API URLs and Example Usage

API Endpoint

https://api.bastiongpt.com/v1/ChatCompletion

HTTPS Request Example

POST /v1/ChatCompletion HTTP/1.1
Host: api.bastiongpt.com
Content-Type: application/json
Key: ab12345678901234567890123456

{
 "messages": [{"role": "user", "content": "What is a normal BP?"}],
 "max_tokens": 1000,
 "temperature": 0,
 "user": "C0001"
}

HTTPS Response Example

{
 "id": "s7RzpHeOFnpM",
 "created": 1709442176,
 "model": "bastiongpt",
 "choices": [
   {
     "finish_reason": "stop",
     "message": {
       "content": "A normal blood pressure (BP) for an adult is generally considered to be in the range of 90/60 mmHg to 120/80 mmHg..."
     }
   }
 ],
 "usage": {
   "prompt_tokens": 30,
   "completion_tokens": 383,
   "total_tokens": 413
 },
 "environment": "development"
}

BASTIONGPT
'

© 2025 FortaTech Security, LLC d/b/a Bastion Intelligence
Product
HomeSecurityUse CasesPricingMedia Toolkit
Company
AboutContactSupportAI PrinciplesNews
Legal
Privacy PolicyTerms of UseCookie PolicyBastion IntelligenceFortaTech Security