Skip to main content
All CollectionsOther
How CarePilot Manages your Data
How CarePilot Manages your Data

This article describes how CarePilot manages and keeps secure the healthcare Data that flows through our platform.

Joseph Tutera avatar
Written by Joseph Tutera
Updated over 2 months ago

At CarePilot, we understand that as a healthcare professional, you want to know how your data is being used and protected. We’ve designed our system to ensure your data remains secure, private, and compliant with healthcare regulations. Here’s a simple breakdown of how CarePilot works with your information and helps improve your experience.

Note for Enterprise Customers:

Integrated enterprise customers may have varying retention periods of up to 365 days. This retention period can be customized based on your organization’s specific needs. Contact us to configure your preferences.

How CarePilot Uses Your Data

  1. Data Retention

    1. We only retain your clinical notes for up to 14 days. After that, all notes are securely deleted on a rolling basis. This ensures your information isn’t stored longer than necessary. (Note: For EHR Integrated customers, this period may be longer at the Customer's preference.)

  2. Protected Health Information (PHI)

    1. Your PHI is never used to train our AI models. This means none of your personal or sensitive patient data is ever used for any learning purposes by the system.

  3. Microsoft OpenAI / Azure Security

    1. CarePilot uses OpenAI as a foundational model provider, and all requests go through their OpenAI API or Azure Platform with the appropriate configurations for security and privacy. Your data is only kept as long as it takes to process the request and is never stored persistently by OpenAI.

  4. Data Storage

    1. All data is stored on servers in the United States, managed by Amazon Web Services (AWS), one of the largest and most trusted cloud providers in the world.

  5. HIPAA Compliance

    1. CarePilot is fully HIPAA compliant, which means we adhere to the highest standards of data protection in healthcare. Our systems are monitored 24/7 by automated systems to ensure everything remains secure.

How CarePilot Learns Your Charting Style

Every night, CarePilot takes steps to improve your experience by learning how you write your notes. Here’s how:

  • CarePilot automatically de-identifies selected notes in accordance with 45 C.F.R. § 164.514. This ensures that any information that could be linked back to you or your patients is properly removed, meeting legal standards for de-identification.

  • After de-identifying the notes, we use these examples to help the AI better understand your unique style and preferences.

  • These de-identified data may be kept beyond the 14-day retention period, it is completely de-identified And all protected health information is replaced with dummy data, a process called "Surrogation", to make it impossible to link back to you or your patient.

We hope this gives you peace of mind about how CarePilot uses your data. By keeping everything secure and personalized just for you, we aim to make your documentation process easier, faster, and more efficient.

If you have any further questions, feel free to reach out to our support team. Additionally, at any time, you can request for all data to be completely wiped from our servers.

Related Articles
Explaining CarePilot to your Patients
Did this answer your question?