Privacy and security

Health information is personal.

This page explains what HealthBrief collects, how it is used, and what users can control.

What we collect

HealthBrief collects basic account details such as name, email, and login method, along with the health information users choose to add. This may include symptoms, diagnoses, medications, allergies, visit questions, uploaded documents, prior testing, care team information, referrals, follow-up tasks, and appointment notes.

How we use it

Account information is used to create accounts, sign users in, and respond to support requests. Health information is used to organize medical history, prepare visit briefs, store follow-up information, and enable user-created exports. Basic analytics and error logs may also be used to improve the product and troubleshoot issues.

User control

Users can review and edit their health information and AI-generated summaries within the product. They can also request deletion of entries, uploaded files, summaries, and their account, and can export their specialist brief for personal use or sharing with clinicians. Sharing is manual, so the user decides what leaves the product.

Sharing and exports

Data is shared with third parties only when a user exports it, when infrastructure providers are needed to run the product, or when limited support access is required. Infrastructure providers may include hosting, analytics, email, and AI vendors. Summary exports may include PDF, copy-paste, and printable briefs.

AI and model training

AI is used to help organize information and draft summaries, but the output remains editable and user-controlled.

User data is not used to train models.

Deletion and retention

Users can request deletion in-app or by email. Account deletion and health data deletion are typically completed within 30 days. Backups may be retained for up to 30 days, and some records may be kept longer where required for security, legal, or fraud-prevention purposes.

Security practices

Internal access is limited through role-based access and least-privilege controls. Security monitoring may include audit logs, error monitoring, and access logs. HealthBrief does not claim HIPAA, SOC 2, or similar compliance unless that compliance work has been completed and documented.

Privacy contact

Privacy questions, support questions, and deletion requests can be sent to info@healthbrief.app. Deletion requests can also be made through in-app account deletion.