JamEMR

Data Privacy

JamEMR's flagship privacy property is architectural — clinical AI runs on local hardware inside the deployment environment, so PHI is not sent to third-party consumer AI clouds. Pilots use synthetic data first.

Privacy by architecture, not by policy alone

Most AI products answer privacy questions with policy: “we promise not to train on your data.” JamEMR answers with architecture: clinical AI inference runs on dedicated GPU hardware inside the deployment environment. Protected health information is not sent to third-party consumer AI clouds for clinical AI processing. This is the flagship privacy property of the product, and it is implemented today — not a roadmap item.

For a clinician, this means the ambient conversation with a patient, the draft note, and the chart it maps to stay inside the practice’s environment.

What is in place today

  • Local clinical AI processing. Ambient transcription and clinical language-model processing run on dedicated local hardware. No patient audio, transcript, or chart data is sent to consumer AI services for clinical AI processing.
  • Synthetic data during pilots. Pilot deployments run on synthetic (non-real-patient) data until a practice’s compliance prerequisites — including a signed Business Associate Agreement — are complete. Real patient data is never the test bed.
  • Least-privilege access. Role-based access control limits who can see what; staff roles without a clinical need cannot access clinical AI functions.
  • Auditability. Chart access and changes are logged, so a practice can answer “who looked at this record, and when” from the audit log.
  • A designated Privacy Officer role is assigned and active, with a counterpart Security Officer.
  • Minimal subprocessor surface. Because clinical AI runs locally, no subprocessor receives PHI for clinical AI processing. See our Subprocessors page for the current list.

On our roadmap

  • Documented privacy policy pack and formal HIPAA risk analysis refresh — in progress. The practices above exist today; the formal, auditable documentation of them is being completed.
  • Third-party penetration testing before general availability.
  • SOC 2 Type II examination — planned, not started. We do not claim SOC 2 compliance.

What we don’t do

We do not sell patient data. We do not use customer PHI to train models shared across customers. We do not send PHI to third-party consumer AI clouds for clinical AI processing. If a future feature would change any data flow described on this page, we will update this page before the feature ships.

Privacy questions: privacy@jamemr.com.
