Privacy Policy
attest is designed for de-identified standard workflows and enterprise PHI workflows only when a signed BAA and approved deployment are in place.
What attest Collects
Account details, app settings, usage metadata, patient or clinical content you enter, uploaded context documents, transcripts, generated drafts, and audit/security events needed to operate the service.
Clinical Data
Free and individual use should not include direct patient identifiers. PHI use requires an enterprise configuration, a signed Business Associate Agreement, and reviewed subprocessors.
Controls
attest uses authentication, row-level access controls, signed storage access, rate limits, and audit logging foundations. Users remain responsible for reviewing AI output before clinical use.
Contact
Questions or BAA requests: hello@attest.health