1. Introduction
At CarePilot, protecting patient privacy and earning the trust of clinicians are our highest priorities. This overview explains, in plain language, how we handle Protected Health Information (PHI), how long we retain it, and the safeguards we apply throughout its lifecycle.
2. Key Definitions
| Term | Definition |
| --- | --- |
| "Retention Period" | The time PHI Data remains in our encrypted primary systems. • Enterprise / Integrated Accounts: 180 days by default (customizable up to 365 days by agreement). • Standalone Accounts: 14 days. |
| "Disaster Recovery Period" | Up to 30 days immediately following the end of the Retention Period during which encrypted backup copies may persist solely for disaster‑recovery purposes. |
| "PHI Data" | Any data subject to HIPAA that CarePilot creates or processes, including: clinical notes, visit transcripts (text or audio), appointment and demographic details, diagnoses, problems, procedure and billing codes, and related metadata. |
3. Data Lifecycle
Active Storage (Retention Period) — PHI Data resides in US-based encrypted primary storage for the duration of the applicable Retention Period. After expiry, data is securely deleted on a rolling basis.
Backups (Disaster Recovery Period) — US-based encrypted backups that may contain PHI Data are retained for up to 30 days after deletion from primary storage. These backups exist only to restore service continuity and are automatically and permanently deleted once the Disaster Recovery Period ends.
4. Audio Recordings
Audio streams are processed in real time. Unless explicitly configured otherwise, no persistent copy is kept.
Temporary server‑side buffers may exist for ≤ 24 hours to facilitate transcription and resiliency. These buffers are automatically purged, are not included in disaster‑recovery backups, and are never accessible to clients.
5. Use of PHI Data
PHI Data is never used to train or improve CarePilot’s AI models.
Under our Business Associate Agreements, and in accordance with 45 C.F.R. § 164.514, CarePilot may use properly de-identified data to improve its services.
6. Third-Party Model Providers
CarePilot operates exclusively on HIPAA‑compliant Amazon Web Services (AWS) infrastructure located in the United States.
All AI inference requests are processed through Microsoft Azure OpenAI or the OpenAI API under HIPAA‑eligible configurations. No request payloads are stored persistently by OpenAI.
We hope this gives you peace of mind about how CarePilot uses your data. By keeping everything secure and personalized just for you, we aim to make your documentation process easier, faster, and more efficient.
If you have any further questions, feel free to reach out to our support team. Additionally, at any time, you can request that all data be completely wiped from our servers.