AI & Algorithmic Transparency Policy

Introduction and Purpose

Health Cloud is a U.S.-based healthcare technology platform in beta that leverages artificial intelligence (“AI”) to enhance patient and provider experiences. This AI & Algorithmic Transparency Policy (“Policy”) outlines how Health Cloud uses AI technologies and our commitments to ethical, transparent, and human-centered AI in healthcare. Because Health Cloud handles Protected Health Information (PHI), we design all AI features in compliance with applicable laws and security standards, including the Health Insurance Portability and Accountability Act (HIPAA) and SOC 2 requirements. This Policy is publicly disclosed to explain our AI practices clearly, build user trust, and support our pursuit of HIPAA and SOC 2 compliance.

    Scope

    This Policy applies to all AI-driven features and algorithms deployed on the Health Cloud platform for both patient users and healthcare provider users. It covers the types of AI we use, their intended purposes, the limitations of these technologies, and the safeguards and oversight in place. By using Health Cloud’s AI-powered features, users acknowledge and agree to the practices and disclaimers outlined in this Policy.

      Types of AI Technologies Used and Their Purpose

      Health Cloud utilizes several types of AI and machine learning models, each for specific, limited purposes in our platform’s features. We believe in being transparent about what algorithms we use and why. The primary AI capabilities in Health Cloud include:

      • Natural Language Processing (NLP): Used to interpret and generate human language. For example, NLP powers our conversational virtual assistant that can understand patient questions or provider queries and provide relevant informational responses. It also helps summarize unstructured clinical notes or patient inputs into easier-to-understand insights. These NLP features enable more intuitive communication but do not generate medical diagnoses or final treatment decisions.
      • Predictive Analytics Models: Used to identify patterns or make projections from health data. For instance, Health Cloud may use predictive models to highlight potential health trends (e.g. predicting risk of hospital readmission or flagging if a patient’s metrics are outside normal ranges) for informational insight. These models are trained on healthcare data to provide risk scores or trend analyses that can support clinical awareness. They are not used to definitively diagnose conditions or prescribe treatments, only to provide probabilistic insights that a user can consider alongside other information.
      • Recommendation Systems Used to suggest resources or next steps. For patients, our AI might recommend educational articles, wellness tips, or reminders based on the patient’s profile and activities. For providers, the system might suggest possible care plan templates, relevant clinical guidelines, or diagnostic considerations to explore. These recommendations are generated to help users make informed choices or find relevant information. They are not mandates – users decide if a recommendation is appropriate, and providers must apply their professional judgment before following any suggestion.
      • Data Analytics and Pattern Recognition: In certain features, machine learning algorithms analyze aggregated health data to detect anomalies or correlations (for example, identifying if a patient’s symptom pattern matches certain known conditions or if a clinic’s appointment flow could be optimized). These analytics serve to inform users about notable patterns. Any alert or notification from such analytics is advisory and requires human evaluation.

      Our use of AI is deliberately limited to supportive, informational roles. We do not use AI for autonomous decision-making in clinical care, and we do not employ AI in any way that replaces a licensed healthcare professional. All AI functionalities undergo design and review to ensure they align with their intended purpose and remain within an informational scope.

      Informational Use Only – No Medical Advice or Decisions

      Health Cloud’s AI outputs are for informational purposes only and are not a substitute for professional medical judgment or advice. All content, suggestions, analyses, or insights generated by our AI tools are intended to support and inform users in understanding health information, not to provide medical diagnoses or treatment plans.

      • No Doctor-Patient Relationship: Using Health Cloud’s AI features does not create a doctor-patient relationship between the user and Health Cloud or its AI services. The AI may provide general health information or identify trends, but it does not offer personalized medical advice. Users (whether patients or providers) should always consult a licensed healthcare professional for interpretation of AI insights and before making any medical decisions.
      • Not a Diagnostic Tool: The platform’s AI does not issue medical diagnoses. For example, if a predictive model flags a possible risk or a symptom checker AI provides a list of potential conditions, these are hypotheses for further exploration, not clinical diagnoses. Only a qualified provider, through appropriate medical evaluation, can diagnose health conditions. Health Cloud AI is intentionally configured not to present its outputs as conclusive or certain.
      • Not a Treatment Plan: Similarly, no AI-generated content on Health Cloud should be viewed as a prescribed treatment or care plan. Any care suggestions (such as lifestyle tips or possible interventions to discuss with a doctor) are generic in nature. Patients must follow the advice of their healthcare providers regarding any treatment or changes to care. Providers using the platform must exercise their own clinical judgment in developing treatment plans; they should not rely on the AI to make those decisions
      • Use in Emergencies: The AI features of Health Cloud are not intended for use in emergencies or urgent situations. If you are a patient and believe you are experiencing a medical emergency or something critical, you should call emergency services (such as 911 in the U.S.) or seek immediate medical attention. The AI’s informational responses are not equipped to handle real-time crisis advice.

      By using our platform, users agree that any AI-provided information will be considered as one input among many, and not the sole basis for any health decision. Health Cloud emphasizes that all final decisions about patient care, diagnosis, or health management rest with human professionals and the patients themselves, not with the AI.

      Human Oversight and Validation of AI Outputs

      Health Cloud is committed to maintaining human oversight over all AI functionalities. We recognize that in healthcare, human-in-the-loop review is essential to ensure accuracy, relevance, and appropriateness of AI outputs. Our approach includes multiple layers of human supervision:

      • Expert Development and Testing: Before any AI feature is deployed, it is developed and tested with oversight by qualified experts (such as data scientists, clinicians, and compliance officers). Clinical subject-matter experts are involved in reviewing the training data selection and the output behavior of models in a testing environment. AI models (e.g., a predictive risk model) are validated against real-world cases and reviewed by healthcare professionals to confirm that the insights make sense medically. We do not release AI tools until we are satisfied through human review that they meet our accuracy and safety standards for beta.
      • Ongoing Human-in-the-Loop Use: Many AI-driven processes on the platform require a human decision or confirmation before any action is taken. For example, if the AI assistant drafts a summary or suggests a possible care tip, a human user (patient or provider) must review that content and decide how to use it. In provider-facing tools, AIgenerated recommendations or risk scores are presented alongside the underlying data or rationale when possible, allowing the provider to interpret and validate the suggestion. The platform design makes it clear that the AI is offering options or analysis for the user to consider – a human user is always in control of deciding whether to act on that information.
      • Content Moderation and Review: We maintain processes for periodic review of AIgenerated content on the platform. Our team (including clinical consultants) can audit AI interactions and outputs (while respecting user privacy) to catch any obviously incorrect or harmful suggestions. If the AI provides information that is inappropriate, incorrect, or potentially unsafe, we treat this as a high-priority issue: the content is flagged and our engineers and health experts collaborate to adjust the AI system or its knowledge base. During the beta period, we also may have certain AI responses manually reviewed before they are shown, especially for new features that need close quality monitoring
      • User Feedback Loop: We encourage and enable users to provide feedback on AI outputs. The platform interface allows providers and patients to flag AI responses that seem erroneous, confusing, or biased. This feedback is reviewed by our team. For providers, there may be an in-app mechanism to quickly cross-check AI suggestions against authoritative sources (for example, linking to clinical guidelines or medical literature) to assist in validation. All user feedback is taken into account to refine the AI models or add necessary safeguards. Human oversight is thus continuously reinforced by our user community’s insights.

      In summary, no AI output is acted upon in Health Cloud without appropriate human oversight or intervention. Our AI systems are augmented intelligence – designed to assist humans – and not autonomous agents. We have governance in place to ensure that at every critical point, a qualified person (either the end-user or an internal expert) reviews and guides the use of the AI’s output.

      Acknowledging AI Limitations

      While AI can be a powerful tool for gleaning insights, it has significant limitations, especially in a sensitive domain like healthcare. Health Cloud openly acknowledges these limitations as part of our commitment to transparency about our algorithms’ capabilities and weaknesses. Users should be aware of the following potential issues with AI outputs:

      • Possible Bias in Outputs: AI models learn from data, and if the data used to train or configure a model contains biases or unrepresentative samples, the AI’s suggestions may reflect those biases. This could mean certain populations or conditions are not accurately represented. We acknowledge that bias is a risk, such as racial or gender bias in health predictions, and we actively work to minimize it (see the Fairness section below). However, no dataset is perfect, and users should be alert to the possibility that AIgenerated insights might not be universally applicable or fair to all individuals.
      • Errors and Inaccuracies: AI predictions or NLP-generated answers can be wrong or misleading. The AI might misunderstand a question, generate an incorrect correlation, or simply produce a flawed output (for instance, suggesting an irrelevant health tip due to a misunderstood symptom). Factors like poor quality input data, unusual phrasing, or novel scenarios can increase error rates. Health Cloud does not guarantee the correctness of AI outputs. We strive for high accuracy through testing and monitoring, but like any tool, the AI can make mistakes. Users should therefore verify critical information from AI through other trusted sources or professionals.
      • Incomplete or Outdated Data: If the data fed into the AI is incomplete, outdated, or incorrect, the resulting output will reflect those gaps. For example, if a patient’s profile is missing key history or a provider has not updated recent lab results, the AI’s insights might be off-base. Similarly, our knowledge databases and models may not yet include the very latest medical research or guidelines (especially as the platform is in beta and continuously evolving). The AI has only the knowledge it’s given – it may not know about rare conditions or new treatments that are not in its training data. This limitation means users should not assume the AI’s silence or lack of warning about something implies everything is normal; it might simply not “know” about that factor.
      • Interpretability and Explanation Limits: Some advanced models (like deep learning networks) can be complex and not fully transparent in their decision-making process. While we commit to providing explainability where possible, there may be instances where even our developers and experts cannot easily explain why the AI made a particular recommendation or prediction. This “black box” issue is an inherent limitation in some AI systems’ design. We mitigate this by favoring more interpretable models for critical tasks and by providing context to the user (for example, highlighting which factors most influenced a risk score). Nonetheless, users should understand that AI reasoning is not infallible or fully transparent, and lack of a clear explanation doesn’t necessarily mean an output is trustworthy.
      • Contextual Understanding: AI may lack true common sense or the rich context a human professional has. It works on patterns and data. Therefore, it might misinterpret nuances. For example, a phrase in a medical note like “rule out diabetes” might be naively read by an AI as confirming diabetes. Or an AI might suggest a diet change without understanding a patient’s cultural context. We recognize that AI operates in a narrow context window. The nuanced understanding of a patient’s situation is a limitation for AI, which is why human oversight is indispensable.

      By being transparent about these limitations, Health Cloud aims to educate users on the appropriate expectations from our AI features. We continuously remind users that AI outputs are inherently fallible and should not be blindly trusted or used in isolation. This candid acknowledgment is a cornerstone of our human-centered approach: we want users to benefit from AI insights while staying aware of its imperfections.

      Commitment to Explainability and Transparency

      We are dedicated to making our AI systems as explainable and transparent as possible, so that users understand how AI conclusions are reached and when AI is at play. Transparency is crucial for building trust in AI, and Health Cloud embraces the principle that AI tools should be transparent and explainable to users. Our commitments include:

      • Disclosure of AI Usage: Health Cloud clearly discloses when and where AI is used in the platform. Features or content that are AI-generated or AI-assisted are labeled as such. For example, if a patient is chatting with our virtual assistant, we inform the user that they are interacting with an AI (and not a live clinician). If a provider sees a “risk score” or a recommendation in our interface, we indicate that it was produced by an algorithm. We avoid any suggestion that AI outputs come from a human or are anything other than computational assistance. This disclosure ensures users are never misled about the nature of the information they receive.
      • Explainability of Outputs: Wherever feasible, we provide explanations or context for AI outputs. If an AI model offers a prediction or suggestion, Health Cloud will strive to show the key factors or data points that influenced that output. For instance, if our AI flags a patient as high-risk for a certain condition, the platform might display that this is based on specific inputs (e.g., “elevated blood pressure readings in last 3 entries and family history of X condition”). In the case of NLP-generated answers, the system can provide source references or a rationale on how it formed the answer (such as highlighting portions of a medical article it relied on). We are committed to improving these explanation features over time, so that users can get a “window” into the AI’s reasoning process.
      • User-Friendly Explanations: We understand that not all users are data scientists or clinicians familiar with AI jargon. Therefore, we present explanations in clear, plain language appropriate to the audience. Patients will see explanations in layperson’s terms (for example, “Our system noticed a pattern in your recent symptoms that often is seen in condition Y”). Providers might have access to more technical details if needed (such as model confidence levels or validation stats). The goal is to make the AI’s workings understandable to the people using its output, empowering them to make informed judgments about whether to trust or use that output.
      • Transparency in Development and Testing: Beyond just explaining individual outputs, Health Cloud is open about the development process of our AI. We maintain documentation about our algorithms, including the general types of data used to train models, the evaluation results (accuracy, error rates) of those models, and the known limitations discovered in testing. While we must protect certain proprietary information and security-sensitive details, we aim to share as much as is practical about how our AI was built and is performing. For example, we may publish summary metrics of a model’s performance (e.g., “90% sensitivity in identifying condition Z in testing”) or information about the breadth of data (e.g., “trained on de-identified health records from diverse populations”) to give users confidence in the robustness of our tools. We believe this level of transparency is essential for trustworthy AI in healthcare.
      • Continued Transparency Improvements: As Health Cloud is in beta and our AI evolves, we will continue to enhance the transparency of our systems. This may include introducing new interface features that let users probe an AI recommendation further (such as asking, “Why did it suggest this?”), and publishing updates about our AI governance efforts. We are also monitoring emerging standards and regulations around AI transparency and will adapt our practices to not only meet but exceed those requirements. Our ultimate aim is that users never feel “in the dark” about why an AI gave a certain result – clarity and openness are the default.

      By committing to explainability and transparency, Health Cloud ensures that AI becomes a tool that illuminates healthcare information rather than obscuring it. We want users to have clarity, confidence, and control when interacting with AI-driven features on our platform.

      Commitment to Fairness and Non-Discrimination

      Ensuring fairness in AI is paramount in a healthcare setting. Health Cloud is committed to preventing and mitigating algorithmic bias so that our AI tools do not inadvertently disadvantage or harm any group of users. We incorporate fairness and non-discrimination principles at every stage of our AI development and deployment:

      • Inclusive Training Data: We strive to train our AI models on data sets that are as diverse, representative, and unbiased as possible. For instance, if a predictive model is being developed to assess risk for a condition, we use data samples that reflect different ages, genders, ethnic backgrounds, and health profiles so that the model learns patterns that apply broadly, not just to a narrow population. Our team actively reviews training data for potential biases or gaps. If certain demographics are underrepresented in the data, we take steps to account for that, such as data augmentation or explicitly testing the model on those groups.
      • Bias Testing and Audit: Before deployment and on an ongoing basis, we conduct bias and fairness testing on our AI algorithms. This means we check how the AI’s outputs might differ across different subgroups. For example, we may test if a symptom-checking AI gives significantly different suggestions for men vs. women or if a risk model systematically underestimates risk for a particular racial group. If we detect any problematic disparities, we address them (e.g., by retraining the model with improved data, adjusting thresholds, or adding algorithmic constraints to correct bias). Health Cloud may also engage independent experts or utilize audit tools to evaluate our AI for fairness, especially for high-impact features.
      • No Discriminatory Factors: We do not design or train our AI to use protected characteristics (such as race, ethnicity, gender, or religion) as inputs unless it is absolutely necessary for a specific health context and ethically and legally appropriate. Generally, our AI focuses on relevant medical and contextual data. If any sensitive attribute is correlated with an outcome, we analyze whether that is a proxy for some other factor and handle it carefully. Under no circumstances will Health Cloud’s AI use such attributes to intentionally discriminate or classify users in a way that would be unjust or prejudicial. Our development policies explicitly prohibit building models that would result in unfair discrimination or denial of equal service quality.
      • Continuous Monitoring for Fairness: Fairness is not a one-time checkbox, so we continuously monitor AI outputs in the real world for signs of bias. This includes reviewing user feedback for any claims of biased behavior, tracking outcome patterns, and staying current with research on bias in AI. If new forms of bias are identified (for example, a published study flags a bias issue with a commonly used algorithm approach), we proactively evaluate our systems against those risks. Health Cloud is prepared to adjust or even suspend an AI feature if we suspect it is producing unfair results, until we can remedy the issue.
      • User Recourse: We provide mechanisms for users (patients or providers) to report concerns about unfair or biased outputs. If a user believes an AI suggestion was influenced by an inappropriate bias or feels that they were treated unfairly by an AIdriven process, they can contact us or flag it through the platform. All such complaints are taken seriously and investigated by our AI governance team. We will explain or clarify the situation to the user and, if a bias is confirmed, correct it and inform affected users as appropriate. This feedback loop helps us uphold accountability for fairness.

      Our commitment to fairness aligns with our core values of ethical and human-centered AI. We believe that AI should benefit all users equitably. By proactively addressing bias and discrimination risks, Health Cloud works to ensure that our AI insights are inclusive, just, and worthy of the trust that patients and providers place in our platform.

      Commitment to Accountability and Governance

      Health Cloud recognizes that deploying AI in healthcare comes with a responsibility to be accountable for how these systems operate and impact users. We have established governance structures and internal policies to ensure accountability at all levels – from our development team to our executive leadership:

      • AI Governance Team: We maintain a dedicated AI Governance team or committee that includes technical experts, clinicians, compliance officers, and leadership representatives. This team is tasked with overseeing our AI projects from an ethics and compliance standpoint. They regularly review our AI systems, policies, and any reported incidents. The governance team holds the developers and product owners accountable to the standards set in this Policy and in our internal Responsible AI guidelines. They also stay abreast of legal requirements and ethical norms, updating our practices as needed to remain compliant and responsible.
      • Policies and Procedures: Internally, we have clear procedures for AI development and deployment that enforce accountability. For example, we follow a “Responsible AI Development Lifecycle” where at each stage (design, training, validation, deployment, monitoring) there are checkpoints and sign-offs. Accountability measures include documentation of who approved a model to go live, what evaluation was done, and what safeguards were put in place. If an AI feature does not meet our criteria, it cannot be launched. Our staff are trained on these procedures, and any deviation or incident (like an AI error causing a user issue) triggers a review to understand accountability and prevent recurrence.
      • Regulatory Compliance and Oversight: We treat compliance with regulations (such as HIPAA, FDA guidance on Clinical Decision Support tools, and FTC guidelines on AI) as a fundamental aspect of accountability. Health Cloud is pursuing formal certifications (HIPAA compliance and SOC 2 attestation) which include external audits of our processes. As part of these efforts, we document how AI is used with PHI and ensurethere's a chain of responsibility for protecting that data. If in the future certain AI features become subject to FDA oversight or other regulatory review, we will comply fully and engage with regulators transparently. We view regulatory bodies as partners in ensuring we are accountable to the highest standards of patient safety and data ethics.
      • Audit Trails and Logging: Our platform maintains audit logs for AI-driven interactions where appropriate. For example, we may log the outputs given by an AI system and the context (inputs, time, user interactions) in a secure manner. These logs allow us to trace back and investigate any unexpected or undesirable AI behavior. If a provider ever questions “Why did the system suggest this to my patient?”, we aim to have sufficient records to analyze that case. This traceability is a key part of accountability – it means we don’t just deploy AI and forget it, we continuously keep tabs on what it’s doing and we can answer for its actions.
      • Accountability to Users: We hold ourselves accountable to our users through transparency and open communication. This Policy itself is a form of accountability – by publicly committing to these practices, we invite our users and the public to hold Health Cloud to these standards. If something goes wrong – for example, a significant AI error or a data breach involving an AI component – we will inform affected users and take responsibility as appropriate. We will not hide behind the notion that “the AI is a black box.” Instead, Health Cloud stands by the principle that we are responsible for the AI we deploy. Our Terms of Service and user agreements include appropriate provisions, but beyond legal obligations, we morally commit to addressing any harm or issues our AI may cause, and to do so in a way that meets the expectations of our users and regulators.

      In essence, accountability in AI at Health Cloud means there is always a responsible human and a process behind every algorithm. Users and stakeholders have the right to expect that our AI is well-governed, and we have put concrete measures in place to ensure that expectation is met.

      Commitment to Continuous Monitoring and Improvement

      AI systems require continuous monitoring and refinement to remain effective, accurate, and safe over time. Health Cloud is dedicated to ongoing surveillance of our AI performance and iterative improvement as part of our lifecycle management for AI:

      • Performance Monitoring: We continuously track key performance indicators (KPIs) for our AI models, such as accuracy, precision/recall, and error rates in their outputs. For example, if our NLP assistant is answering patient questions, we monitor metrics like the relevance and correctness of its answers (perhaps via user ratings or automated checking against known references). If a predictive model is live, we monitor how often its predictions are later confirmed or disproven by actual outcomes. This real-world performance data is analyzed regularly. Any degradation or anomaly in performance triggers an alert to our AI team to investigate and address the cause (such as model drift or data changes).
      • Regular Updates and Model Retraining: We view our AI models as dynamic and subject to updates. As new medical research becomes available, as our user population grows or changes, or as we collect more data, we plan periodic retraining or tuning of models to improve their accuracy and fairness. For example, during the beta period, we might release updated versions of a recommendation algorithm monthly to incorporate feedback and new insights. Each update is tested to ensure it improves performance without unintended side effects. We document version changes so we know which version of a model was active at any given time. Continuous improvement means our AI should get smarter and more reliable the longer it operates, under careful supervision.
      • Security Monitoring: Because our platform deals with PHI and sensitive analytics, we also continuously monitor for security and privacy issues in our AI systems. This includes watching for any unauthorized access to AI systems, unusual usage patterns that might indicate abuse, or vulnerabilities in third-party AI components. Our SOC 2-aligned controls involve continuous logging and automated alerts for security events. If an issue is detected (say, an API feeding the AI is misbehaving or someone tries to extract model data illicitly), we respond immediately as part of our incident response plan. Keeping the AI secure is an ongoing effort, integral to maintaining user trust.
      • User Feedback and Support: Continuous improvement is not just about the model metrics; it’s also about the human experience. We keep open channels for users to ask questions or express concerns about AI outputs. For example, if providers consistently ask our support team “why did the AI suggest X for my patient who clearly needed Y?”, this is a signal we need to improve either the AI’s logic or the explanation it provides. We treat user questions and support tickets related to AI with high priority during beta, as they often highlight areas for improvement. Our team meets regularly to review this feedback and incorporate it into the AI roadmap.
      • Research and Development: Health Cloud invests in ongoing R&D to refine our algorithms and adopt advances in the field. We may pilot new techniques (in a controlled manner) to see if they yield better outcomes, always with an eye on safety and ethics. We keep models up-to-date with the latest medical knowledge by feeding new validated data (for instance, integrating updated clinical guidelines or peer-reviewed studies into the AI’s knowledge base). We also collaborate with external experts and possibly academic institutions to audit and improve our systems. Continuous improvement is not just reactive, but proactive – we seek out ways the AI might fail and preemptively work to enhance it.

      Our commitment to monitoring and improvement means that Health Cloud’s AI is not static. We treat the deployment of AI as the beginning of a responsible maintenance process. Users can take comfort that we are not “set and forget” with our algorithms; instead, we are constantly watching, learning, and refining to ensure the AI remains effective, safe, and aligned with our users’ needs over time.

      User Responsibilities and Appropriate Use of AI Insights

      While Health Cloud is accountable for providing robust and ethical AI tools, users of the platform also bear responsibility for how they use AI-generated insights. We want to clearly articulate the expectations for users (both patients and healthcare providers) when engaging with our AI features:

      • Maintain Professional Judgment (for Providers): Licensed healthcare providers using Health Cloud must apply their own clinical judgment and expertise to any AI-provided insight. The AI may surface patterns or suggestions, but it is the provider’s responsibility to verify information, consider the full clinical context, and decide on the best course of action for the patient. Under no circumstance should a provider defer to the AI if it contradicts their own judgment or other clinical evidence without thorough verification. In practice, this means using AI as a second opinion or assistant, not an authoritative source. Providers remain responsible for all medical decisions and patient advice they give, as if the AI were not present.
      • Use as Educational Support (for Patients): Patients and lay users should use Health Cloud’s AI outputs as a learning tool or a way to better understand their health, but not as medical gospel. If the AI gives you a suggestion or health tip, you should treat it as a topic to perhaps discuss with your doctor or research further, rather than a definite directive. Patients are responsible for following up on AI information by checking reliable sources or contacting healthcare professionals. For example, if the AI says “you might be experiencing X condition,” the responsible action is for the patient to consult a doctor for an evaluation of that condition, rather than self-treat or panic solely based on the AI.
      • Do Not Ignore Professional Advice: Users must not let AI outputs sway them to ignore or delay seeking professional medical advice. If a healthcare provider has given a treatment plan or a recommendation, a patient should not abandon it because an AI chatbot provided a different idea. Similarly, providers should not use AI to contradict established guidelines without substantial justification and confirmation. In short, AI insights should complement but never replace the advice of qualified professionals.
      • Verify Critical Information: For any critical or life-affecting decisions, users have a responsibility to double-check AI information. This might mean consulting additional medical literature, asking another colleague (for providers), or using diagnostic tests and exams to confirm any hypothesis the AI raises. Health Cloud provides sources or context with certain AI outputs to facilitate this verification, but the user must engage in that verification step diligently. Acting on unverified information from an AI can be risky, and users are expected to exercise due diligence.
      • Use Within Intended Scope: Users should use the AI features only for their intended purposes. For example, patients should use the symptom-checker AI to get general health information, not to obtain prescription drugs or emergency help. Providers might use an AI analytics tool to scan patient records for trends, but not as an official diagnostic device in lieu of lab tests. Using the AI outside the scope described in this Policy (for instance, feeding it unrelated or non-health data hoping for analysis, or relying on it for decisionmaking in non-supported clinical scenarios) is against the intended use. Such misuse can lead to misleading results, and users will be responsible for any consequences of using the AI in a manner not recommended by Health Cloud.
      • Privacy and Data Input: Users should also be mindful of the data they input into AI features. While Health Cloud is HIPAA-compliant, patients should avoid oversharing beyond what is necessary, and providers should input accurate, relevant information for the best AI output. Submitting false or garbage data could lead to incorrect AI responses which the user might misinterpret. Users hold some responsibility for providing quality input and protecting their own login credentials and access to ensure their health data isn’t misused in the AI context.

      By understanding and adhering to these responsibilities, users help ensure that Health Cloud’s AI tools remain helpful and safe. Empowered, informed users are the best defense against AI misuse or overreliance. We stress that ultimate control and responsibility lie with the human user: the AI is an aid, and how its output is applied is in the hands of the user. Health Cloud will continue to educate and guide users on proper use of AI, but we rely on users to exercise sound judgment and caution in all cases.

      Privacy and Security in AI Use

      Protecting user privacy and securing health data is foundational to everything we do, including our AI functions. Since Health Cloud’s AI may process PHI, we implement stringent privacy and security measures in line with HIPAA and our broader data protection program:

      • HIPAA Compliance: Health Cloud is designed as a HIPAA-compliant platform. Any AI feature that uses PHI is considered part of our health operations and is protected under the same safeguards as the rest of our system. We have in place Business Associate Agreements (BAAs) with any relevant partners or vendors who might assist in AI processing of PHI, ensuring they are also HIPAA-bound to protect privacy. PHI is only used or disclosed for purposes allowed by HIPAA (such as healthcare operations or with patient consent). We never use PHI to train AI models without proper authorization or de-identification. If we do train models on user data, we either use de-identified data (scrubbed of personal identifiers per HIPAA safe harbor or expert determination standards) or, if de-identification is not feasible, we obtain explicit permission and secure the data rigorously.
      • Data Minimization: Our AI systems follow a principle of data minimization – using the minimum necessary information to achieve the intended outcome. For example, if an AI is analyzing a symptom input, it will access relevant parts of a patient’s record, not the entire medical history, unless needed. We design AI queries and data flows to avoid pulling in extraneous personal data. This reduces the risk exposure of sensitive information. Additionally, we do not store AI interaction logs containing PHI beyond what is needed for audit and improvement; and any stored logs are protected and encrypted.
      • Encryption and Security Controls: All PHI and sensitive data involved in AI processes are encrypted both in transit and at rest. Our databases, whether storing AI training data or user inputs, use strong encryption algorithms. Access to these systems is restricted to authorized personnel under the principle of least privilege. We also utilize monitoring tools to detect any unauthorized access or anomalies in data usage. Our SOC 2 controls cover the AI infrastructure as well – we undergo security audits and penetration testing that include the servers and services running AI components. In short, the same high level of security that applies to the rest of Health Cloud applies to our AI: from network security, access control, audit logging, to regular security assessments.
      • Third-Party AI Tools: If Health Cloud integrates any third-party AI services or libraries (for example, an NLP engine or a cloud-based machine learning service), we vet those services for security and compliance. We ensure any third-party involved can meet our security requirements and sign the necessary agreements (like a BAA if PHI is involved). We also configure such tools to not retain or use our data beyond providing the service to us. For instance, if we use a cloud AI service to transcribe speech to text for a doctor’s note, we will ensure the audio data is sent securely and that the service does not keep that data or use it to train models outside our control, unless it’s covered by agreement and consent.
      • User Confidentiality: We maintain strict confidentiality of AI interactions. If a patient asks the AI assistant a question about their condition, that query is treated with the same confidentiality as if they had shared it with a live doctor on our platform. We do not disclose or make public any personal queries or AI outputs tied to an individual. Internally, only authorized staff with a need-to-know (for example, to investigate a support issue or improve the system with proper oversight) may access specific AI interaction data, and even then, they must follow privacy protocols. Our privacy policy (separate from this AI Policy) further details how user data is handled, and all those provisions fully extend to data processed by AI.

      In summary, Health Cloud’s use of AI does not come at the expense of privacy or security. We treat data protection as a non-negotiable priority, and our pursuit of SOC 2 compliance evidences our commitment to strong internal controls. Users can trust that whether a result is generated by an algorithm or entered by a person, it is safeguarded under our comprehensive privacy and security program. We view ethical AI as encompassing privacy: just as we strive for fairness and transparency, we also ensure confidentiality and data integrity in every AI operation.

      Disclaimers and Limitations of Liability

      While Health Cloud is committed to the responsible use of AI, it is important to formally outline certain disclaimers and limitations of liability regarding our AI features. By using Health Cloud (especially during this beta phase of our platform), users acknowledge and accept the following:

      • No Warranties on AI Outcomes: The AI functionalities in Health Cloud are provided on an “as-is” and “as-available” basis for informational support. Health Cloud makes no warranties or guarantees – express or implied – about the accuracy, completeness, reliability, or usefulness of any AI-generated output. This includes any warranties of merchantability or fitness for a particular purpose that might otherwise be applicable. We do not warrant that the AI will find every relevant insight, produce error-free results, or meet the specific expectations of any user. Users should understand that any reliance on AI information is at their own discretion and risk.
      • Limitation of Liability: To the fullest extent permitted by law, Health Cloud (and its parent company, affiliates, officers, employees, and agents) shall not be liable for any damages, losses, or harms – whether direct, indirect, incidental, consequential, or otherwise – arising from or relating to the use of AI-generated insights on the platform. This limitation includes, but is not limited to, liability for personal injury, wrongful diagnosis or treatment decisions, lost profits, data loss, or any other tangible or intangible harm that may occur from the use of or reliance upon our AI. For example, if a provider bases a treatment solely on an AI suggestion and adverse outcomes occur, Health Cloud is not liable for those outcomes. If a patient delays seeking treatment because of something the AI said, we are not liable for any health consequences suffered.
      • User Indemnification: Our Terms of Use (which users agree to by using the platform) contain indemnification provisions. In line with those, users agree to indemnify and hold harmless Health Cloud for any third-party claims or losses resulting from the user’s misuse of AI information or violation of this Policy. In simpler terms, if a user’s actions (for instance, using AI advice inappropriately and causing harm) lead to a legal claim against Health Cloud, the user may be responsible for the costs and damages.
      • Not Medical or Legal Advice: Any information produced by AI on Health Cloud should be understood as coming from a machine and not from a licensed professional. As such, it does not carry the legal or professional authority of medical advice, diagnosis, or treatment. We disclaim any liability for failure to obtain professional advice. Users are solely responsible for seeking the counsel of qualified healthcare providers for any medical issues or questions. This disclaimer is reiterated throughout our platform: the AI is an informational tool, not a healthcare provider.
      • Beta Product Disclaimer: Because Health Cloud is currently in a beta release, users should be especially cautious. Features (including AI models) are in active development and testing. They may be updated, modified, or removed as we refine the platform. There may be unknown issues or inaccuracies that we have not yet discovered. By using the beta, users acknowledge this and agree that they are participating in a testing phase, during which the AI may not perform at the level of a final product. Health Cloud disclaims liability for any issues arising specifically from the beta nature of the service. We welcome feedback during this period and will do our best to fix issues promptly, but we cannot be held liable for any problems encountered in beta.

      These disclaimers and liability limits are consistent with the need to ensure that Health Cloud is not improperly held responsible for actions beyond its control, especially given the inherent uncertainties in AI outputs. They do not override our commitment to accountability and ethical conduct; rather, they clarify the legal understanding that the user must exercise sound judgment and not solely rely on AI. We encourage all users to read these provisions carefully and to use Health Cloud’s AI features in an informed and responsible manner.

      Updates and Contact Information

      This AI & Algorithmic Transparency Policy may be updated from time to time as our platform evolves or as laws and regulations change. Health Cloud’s commitment to ethical AI is ongoing, and we will reflect improvements or changes in practice in this document. If we make material changes to the Policy (for example, introduce a new type of AI with different implications), we will notify our users through appropriate channels (such as an in-app notification or email) and post the revised Policy with an updated effective date.

      Effective Date: April 13, 2025

      If users have questions or concerns about this Policy, our AI features, or any related issue, we encourage them to contact us. You may reach out to Health Cloud’s support and compliance team at contact@healthcloud.email or via our support portal on the platform. We will respond to inquiries and take appropriate action as needed to address any issues raised.

      By clearly laying out our AI practices and principles in this Policy, Health Cloud strives to be a leader in responsible, transparent AI in healthcare. We believe that through openness, vigilance, and collaboration with our users, we can harness AI’s benefits while upholding the highest standards of ethics, privacy, and patient care.