Chrome extension that removes Protected Health Information (PHI) from clinical text using a locally hosted Microsoft Phi-3 Mini 128K large language model served via Ollama. All data stays on your machine.
IMPORTANT CAVEAT: Language models are non-deterministic and may miss identifiers or over-redact. Manual review of all output is mandatory before use.
demo.mp4
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β 1. User enters clinical text in extension popup β
ββββββββββββββββββ¬βββββββββββββββββββββββββββββββββββββββββββββ
β
βΌ
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β 2. Extension sends text + prompt to local Ollama server β
β (HTTP POST to localhost:11434/api/generate) β
ββββββββββββββββββ¬βββββββββββββββββββββββββββββββββββββββββββββ
β
βΌ
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β 3. Phi-3 Mini processes text locally on user's machine β
β - Identifies PHI using Safe Harbor rules β
β - Replaces with [NAME], [DATE], [MRN], etc. β
β - Returns de-identified text β
ββββββββββββββββββ¬βββββββββββββββββββββββββββββββββββββββββββββ
β
βΌ
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β 4. Extension displays results for human review β
β - Shows original and scrubbed text comparison β
β - Counts PHI identifiers removed β
β - **Mandatory manual verification step** β
ββββββββββββββββββ¬βββββββββββββββββββββββββββββββββββββββββββββ
β
ββββββββββ΄βββββββββ
βΌ βΌ
ββββββββββββββββββββ ββββββββββββββββββββββββββββββββββ
β Copy to Clipboardβ β Inject into Any Online LLM β
β for manual paste β β (ChatGPT, Claude, Gemini, etc) β
ββββββββββββββββββββ ββββββββββββββββββββββββββββββββββ
local-phi-scrubber/
βββ manifest.json # Chrome extension manifest (defines permissions, content scripts, icons)
βββ popup.html # Extension popup UI structure (HTML markup for the interface)
βββ popup.js # Main popup logic (handles user input, Ollama API calls, UI updates)
β # CONTAINS SYSTEM PROMPT: PROMPT_TEMPLATE constant (lines 11-82)
βββ content.js # Content script (injects scrubbed text into chat interfaces)
βββ styles.css # Popup UI styling (CSS for extension interface)
βββ README.md # Project documentation (this file)
βββ LICENSE # MIT license text
βββ demo.mp4 # Demo video showing extension in action
βββ icons/ # Extension icon assets
βββ icon16.png # 16x16 icon (toolbar)
βββ icon48.png # 48x48 icon (extension management)
βββ icon128.png # 128x128 icon (Chrome Web Store)
Before installing the extension, ensure you have:
- Chrome or Edge version 128 or later
- Ollama installed on your machine
- 4GB+ system RAM minimum (8GB+ recommended for comfortable use)
- Optional but beneficial: GPU with VRAM for faster inference
Ollama is the local inference engine that runs Phi-3 Mini.
- Visit https://ollama.ai and download Ollama for your operating system
- macOS (Intel & Apple Silicon)
- Windows
- Linux
- Install and launch Ollama
- Ollama will run as a background service on
http://localhost:11434
Once Ollama is running, open a terminal and pull the Phi-3 Mini model:
ollama pull phi3:miniThis downloads the model (~2.03GB with Q4_0 quantization). First download may take 3-10 minutes depending on internet speed. You can also use ollama pull phi3:medium (14B) or ollama pull phi3 (4K context) variants if you prefer.
Verify installation with:
ollama listYou should see phi3:mini in the list of available models.
- Open Chrome and navigate to chrome://extensions
- Enable Developer mode (toggle in top right)
- Click Load unpacked
- Navigate to the
local-phi-scrubberfolder and select it - The extension should appear in your extensions list and toolbar
- Click the extension icon in your Chrome toolbar
- You should see a green status indicator: "AI ready β’ Ollama + Phi-3"
- If you see an error, verify:
- Ollama is running (
ollama servein terminal) - Phi-3 Mini is installed (
ollama list) - Port 11434 is accessible
- Ollama is running (
- Paste sample clinical text in the extension textarea:
Patient John Smith, DOB 12/15/1985, MRN #123456 Admitted to Boston General Hospital on 3/10/2024 Chief complaint: chest pain Contact: (617) 555-1234 - Click "Scrub PHI"
- Review the output (should show de-identified text with [NAME], [DATE], [MRN], etc.)
- IMPORTANT: Manually verify the results before use in any external system
- User Input β Textarea in
popup.html - Scrub Button Click β
popup.js:scrubPHI()function - API Call β HTTP POST to
localhost:11434/api/generatewith:- Model:
phi3:mini - Prompt: Complete HIPAA de-identification instructions
- Query: User's clinical text
- Temperature: 0 (for consistency)
- Model:
- Local Processing β Ollama runs Phi-3 Mini on user's hardware
- Response β De-identified text returned
- Analysis β Count and display identified PHI tokens
- User Review β Manual verification required
- Output β Either copy to clipboard or inject into chat interface
| Feature | Description |
|---|---|
| AI-Assisted De-Identification | Uses Phi-3 Mini LLM for intelligent PHI removal |
| Local Processing | All computation happens on your machine, zero cloud transmission |
| HIPAA Safe Harbor Aligned | Targets all 18 Safe Harbor identifiers |
| Two Output Methods | Copy to clipboard OR inject directly into any online LLM platform |
| Real-Time Status | Shows Ollama connection status in UI |
| PHI Analytics | Displays count of identifiers removed |
| Minimal Permissions | Only requests necessary Chrome permissions |
| Open Source | MIT licensed, fully auditable code |
| Limitation | Why It Matters |
|---|---|
| Guarantee of de-identification | LLMs are non-deterministic; manual verification is required |
| Standalone HIPAA compliance | Human review is mandatory; this is a tool, not a safeguard |
| 100% PHI detection | Language models may miss some identifiers |
| Zero false positives | May over-identify and remove non-sensitive content |
| Real-time learning | Cannot improve from past errors without model retraining |
| Offline operation | Requires Ollama to be installed and running locally |
- All processing is local - Your text never leaves your machine
- No cloud API calls - No data transmission to external servers
- No telemetry - Extension doesn't track or report your usage
- No API keys needed - Ollama runs entirely on localhost
- No authentication required - No login, no accounts, no tracking
- Open source code - You can audit every line (1.2KB popup.js, 2.4KB content.js)
- MIT licensed - Permissive open source license, commercial use allowed
The extension requests minimal permissions:
{
"permissions": ["activeTab", "scripting"],
"host_permissions": [
"http://localhost:11434/*", // Local Ollama inference
"https://chatgpt.com/*", // ChatGPT (OpenAI)
"https://www.perplexity.ai/*", // Perplexity AI
"https://claude.ai/*", // Claude (Anthropic)
"https://gemini.google.com/*", // Gemini (Google)
"https://copilot.microsoft.com/*", // Copilot (Microsoft)
"https://huggingface.co/*", // Hugging Face Chat
"https://github.com/*" // GitHub Copilot
]
}Note: You can add more LLM platforms by updating the host_permissions in manifest.json.
No tracking, no analytics, no third-party APIs.
| Component | Requirement |
|---|---|
| Browser | Chrome 128+ or Edge 128+ |
| Operating System | Windows, macOS, Linux (any recent version) |
| System RAM | 4GB minimum (8GB+ recommended) |
| Disk Space | 2.5GB for Phi-3 Mini 128K model (Q4 quantized) |
| Internet | Only needed to download Ollama and model once |
| Hardware | Works? | Performance | Notes |
|---|---|---|---|
| 5+ year old laptop (CPU) | Yes | 5-10 tok/s | Q4 quantization, practical use |
| Modern laptop (CPU) | Yes | 10-15 tok/s | No GPU needed |
| Laptop with GPU | Yes | 20-40 tok/s | Much faster, optional |
| Desktop PC | Yes | Excellent | Best experience |
| Apple Silicon Mac | Yes | 107 tok/s | Fastest consumer option |
| iPhone A16+ | Yes | 12 tok/s | ONNX optimized, practical |
| Android S21+ | Yes | 8+ tok/s | ONNX optimized, experimental |
| Raspberry Pi 4 | Maybe | Very slow | Possible with extreme quantization |
MIT License - This software is open source and free for commercial use.
See LICENSE file for complete license text.