Publish on January 5th, 2024
AI SOAP Privacy & Security
Clinician and patient trust is of the highest priority at AI SOAP. We hold ourselves accountable to a HIPAA-compliant data storage and processing protocol for all data captured and shared through our platform.
All AI SOAP employees are required to:
Personal Information: The template does not directly collect or store any personal information.
Usage Data: We may collect non-personal information such as the template's usage statistics, user interactions, and session durations for analytical purposes.
AI SOAP conducts regular risk assessments to ensure policies remain up-to-date and relevant
Our CTO is responsible for Privacy and Security
All software changes are reviewed for compliance
AI SOAP practices infrastructure-as-code. All infrastructure changes are reviewed before deployment
All engineers complete secure development practices training
All hosting services and data is stored and processed within Amazon Web Services secure data centers
AI SOAP has a HIPAA-compliant Business Associate Agreement with Amazon Web Services
AI SOAP leverages Amazon Web Services’s high-availability infrastructure to ensure the data is always accessible
All data is encrypted at-rest and in-transit using standard encryption schemes
All Vendors who may process patient information are required to be HIPAA compliant
AI SOAP regularly reviews vendor security practices to ensure continued high standards
All AI models are HIPAA-compliant and don’t retain data
Protected health information is never used for AI training purposes
Patient information is encrypted at-rest and in-transit
Patient recordings are temporarily saved in a secure and HIPAA-compliant manner until note summaries and quality checks are complete, and then they are automatically delete
Patient notes can be manually deleted at any time or set to automatically delete after 30 days