AskMedicalAI – Privacy Policy (HIPAA‑Safe by Design)
Introduction
AskMedicalAI LLC (“AskMedicalAI,” “we,” “our,” or “us”) is committed to safeguarding privacy and maintaining a HIPAA‑safe design. The AskMedicalAI platform and its AI companion, “Aimy,” were built from inception to operate in a de‑identified, privacy‑first environment. This Privacy Policy explains how AskMedicalAI protects user information and limits the handling of data in alignment with healthcare privacy best practices.
No Protected Health Information (PHI) Stored
- AskMedicalAI does not collect, store, transmit, or process Protected Health Information (“PHI”) as defined by the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).
- All platform activity is tracked only through anonymous referral codes that contain no patient identifiers.
- Hospitals and providers may privately map these codes to their internal medical records for program tracking, but AskMedicalAI never has access to any personally identifiable information.
HIPAA‑Safe Design Principles
- AskMedicalAI is designed using HIPAA‑safe architecture and privacy‑by‑design principles.
- All data handled within the Platform is aggregate and de‑identified, used solely for high‑level reporting (e.g., patient engagement trends, readmission reduction, and ROI outcomes).
- Because AskMedicalAI does not store or transmit PHI, the Platform minimizes privacy risk and is designed in accordance with HIPAA‑safe principles and general healthcare privacy best practices.
Use of Data (De‑Identified and Aggregate Only)
AskMedicalAI may collect or analyze non‑identifiable, aggregated insights such as:
- Patient and caregiver engagement rates
- Readmission prevention and education trends
- ROI and program‑level outcome analytics
- Patient satisfaction indicators (anonymous only)
These de‑identified insights help hospitals and care teams improve education and outcomes while fully preserving patient privacy. No data can be traced back to an individual.
Privacy Responsibilities
- Hospitals, physicians, and healthcare providers remain solely responsible for maintaining and securing PHI within their own internal systems.
- AskMedicalAI operates outside the scope of PHI handling and never accesses patient identifiers, ensuring clear separation of responsibility.
- This separation helps protect both hospitals and patients under HIPAA principles and applicable state privacy laws.
Patient & Hospital Rights
- Hospitals and enterprise clients may request general information about AskMedicalAI’s privacy practices. AskMedicalAI reserves the right to determine what information is shared and may decline requests at its discretion.
- Patients and caregivers can be confident that AskMedicalAI does not collect, store, or share any personal health identifiers and operates entirely through anonymous engagement data.
- If a hospital or user has a concern that Protected Health Information (“PHI”) may have been transmitted through the Platform, AskMedicalAI will review the matter promptly and take corrective actions if warranted, consistent with its internal compliance procedures.
- AskMedicalAI is designed so that all communications with the Platform are encrypted in transit using industry‑standard security protocols. Encryption is implemented or in progress to maintain data integrity and protection.
Data Security Practices
- AskMedicalAI is designed so that all communications with the Platform are encrypted in transit using industry‑standard security protocols. Encryption is implemented or in progress to maintain data integrity and protection.
- Aimy does not retain conversation history. Once a chat session ends, all dialogue is automatically cleared, and no personal information or conversation content is stored on the Platform.
- Access to analytics and administrative dashboards, where applicable, is limited to authorized personnel under confidentiality obligations.
- AskMedicalAI follows privacy‑by‑design and data‑minimization principles and periodically reviews its internal practices to promote ongoing privacy and security improvements.
Updates to This Policy
AskMedicalAI may update this Privacy Policy from time to time to reflect regulatory changes or platform improvements. Material updates will be posted on our website and noted within the Platform. Continued use constitutes acceptance of the revised policy.
Contact Information
For privacy questions or compliance inquiries, please contact: AskMedicalAI LLC
Jurisdiction: State of Nevada, USA