Privacy & Compliance

How long is patient data stored?

Configurable PII retention with automatic anonymization

Overview

Patient identifying information (name, email, phone, date of birth) is automatically anonymized after a configurable retention period (2 hours to 90 days, default 7 days). Clinical data (symptoms, findings, suggestions) is preserved for quality improvement and analytics.

PII Retention & Anonymization

What gets anonymized?

After the retention period, the following patient identifying information (PII) is irreversibly anonymized:

  • Name - replaced with "ANON PATIENT-XXXXXX"
  • Email address - removed
  • Phone number - removed
  • Date of birth - removed (age at time of interview is preserved)
What is preserved?

Clinical data remains available for quality improvement and analytics:

  • Symptoms and presenting complaints
  • Clinical findings and history
  • AI-generated summaries and suggestions
  • Differential diagnoses and treatment considerations
  • Patient's age at time of interview
  • Interview transcripts (chat messages)
Retention period options

Healthcare organisations can choose from the following retention periods:

  • 2 hours - Minimum retention for immediate post-appointment use
  • 12 hours - Same-day retention
  • 24 hours - Next-day follow-up window
  • 2 days - Short-term retention
  • 7 days (default) - One week retention
  • 30 days - Monthly retention
  • 90 days - Quarterly retention
When does anonymization occur?
  • With appointment: Retention period starts from the appointment time
  • Without appointment: Retention period starts from the last interaction (message sent or session updated), with a configurable fallback period (default 30 days)
  • Processing: An automated job runs hourly to anonymize sessions past their due date

Manual Anonymization

Organisation administrators can manually anonymize patient data at any time upon patient request. This provides an immediate way to honour "right to be forgotten" requests without waiting for the automatic retention period.

Clinical Record Retention

While PII is anonymized according to your configured retention period, anonymized clinical data may be retained longer in accordance with healthcare record-keeping requirements:

  • Australia: Minimum 7 years from last service (longer for minors)
  • UK: As per NHS Records Management Code of Practice
  • Other jurisdictions: As per applicable healthcare record retention laws

This allows healthcare organisations to maintain clinical records for audit and compliance purposes while minimizing privacy risk by removing identifying information.

Have More Questions?

Contact our team to discuss data retention policies and patient rights for your practice.

Contact Us All FAQs

Related Questions

Privacy Compliance
Related information
Data Security
Related information