Your privacy and data security matters to us
We decided to use Heidi AI only after we asked a lot of questions about how it works and keeps our patients safe. We are using the same version of Heidi as you will see used in Te Whatu Ora (Health New Zealand) and at your GP practice. Any transcript is deleted automatically after 28 days
We will ask you at the start of each session whether you are OK that we use Heidi AI. It is OK to say no. You can also ask us to stop using it at any point in the consultation.
If you are wondering how Heidi AI Data policy works we have included their policy below for you to read.
Heidi AI and Data Policy
- Your conversation is converted to text to create a transcript of what was discussed in a session. This transcription is happening live as you speak, so no recording is ever stored.
- Once the transcript is complete it is de-identified (see more details below)
- The transcript is passed through our model where it converts your transcript to follow the format and topic points from the template you have chosen/created.
- The note is presented back to you, and any information that was removed is added back in, and any customizations you have specified (i.e always write “Doctor” as “Dr.”) are applied to the note.
- Your note is stored in an encrypted and de-identified manner in our servers and you have full control over its existence. If you delete it on your end, it’s gone on our end
What does de-identified data mean?
De-identified data means that personal information like names, phone numbers, addresses, anything that could be used to identify someone that was discussed in your session is removed from the transcript before it is processed by AI. It is swapped out for generic placeholders, e.g Kate Bennett becomes Jane Doe. This means that the personal information is “locked” and the key is in a completely different location. When the information is displayed to you for your final note, the key unlocks this hidden information and puts any details back into your note. These details are only visible to you, no one else.
What would happen if my patients withdrew consent from using Heidi?
If a patient decides they no longer want you to use Heidi in their sessions, you can just delete their sessions on Heidi,
which permanently deletes it from our servers.We encourage you to get verbal consent from the patient every session to ensure the patient is still comfortable with you using Heidi in their session.
If your patient doesn’t want Heidi used during the session, you could always dictate yourself explaining the session after it has happened as you traditionally would on a dictaphone, and turn this dictation into a note.
Is my data being used to improve Heidi?
As stated in our privacy policy, your data is not being used to train or improve the model.
Heidi can create a personalised experience for you when you use our “memory” feature. This feature allows you to specify certain abbreviations, text snippets, date formatting and so on. The information you provide to memory is only seen by you and is not affecting or training the model. Think of it like an additional filter that is applied to your note after it is generated.
The only way we use you to improve Heidi is by asking you for for feedback on our product, and what kinds of features you want added to the product – this is done via canny where users can vote on potential features, and via user-interviews that we run throughout the process of designing any new feature to ensure it is intuitive for users.
How would you inform me if any policies were to change?
It’s a legal requirement for us to inform you if we have made practical changes in our terms of use and privacy policy
– we would do this by sending you an email explaining the changes and also showing you something within the product to review these changes, and accept them to continue using the product, just like what happens in any other digital service.Written by Heidi Compliance team October 2024
