Policy Drafting
Sherpa can draft a starting-point HIPAA policy — an Incident Response Plan, a Sanction Policy, a Contingency Plan, and more — seeded from your organization's own context rather than a generic template.
How it works
- On the Policies page, click ✨ Draft with Sherpa (org admins, when AI is enabled).
- Pick a policy type and generate. Sherpa drafts a full, sectioned policy tailored to your team size, locations, and assessment posture, inserting
[PLACEHOLDER: …] markers wherever a specific fact is required but not known.
- Review the preview, then Save as draft policy. It lands in your library with draft status and version 0.1.
Grounding & safety
- The model receives only aggregate, non-PHI context (counts and posture summaries) — never patient data.
- Sherpa will not claim your organization performs a control it hasn't indicated; unknown facts become placeholders.
- The output is always a draft. Complete every placeholder, edit for your environment, and obtain legal/compliance sign-off before activating it — saving a draft never activates a policy.