1. How long will you maintain the data related to ambient_session_id?
2. How is data security handled within the Suki platform?
To protect your data and comply with HIPAA, Suki uses multiple layers of technical, administrative, and physical security. Key measures include:
- Encryption in Transit: All data transmitted to and from the Suki Platform is encrypted using TLS 1.2.
- Encryption at Rest: Data at rest is encrypted using AES-256 with Google Cloud services, such as Cloud SQL and Google Cloud Storage.
- Edge Protection: Suki uses a Web Application Firewall (WAF) from Akamai to protect all edge traffic.
- Data De-identification: Suki uses de-identified and anonymized data for model training purposes. Any data that is used for ML training and improving the product is de-identified. For audio, we use a de-identification algorithm that breaks audio into chunks and isolates them such that the original audio cannot be reconstructed. The transcript generated is de-identified by removing all PII.
3. What measures are in place to protect patient privacy?
Suki uses comprehensive technical, administrative, and physical safeguards to protect patient privacy and secure data:
- We do not identify the clinician or the patient in the voice recordings. We diarize to distinguish different speakers without identifying them.
- Suki does not create or retain any voice signatures. We use voice only for transcription and summarization of the notes.
- Voice recordings are de-identified by chunking the files. The text transcripts are de-identified to remove PHI and ensure identification of individuals is not possible.

Before your integration sends personal data to the platform, the clinician is responsible for obtaining patient consent. This responsibility includes:
- Maintaining their own consent policies that govern the collection, use, and disclosure of personal data.
- Obtaining all necessary authorizations from a patient before any personal data is made available to Suki.
4. How does the Suki platform ensure compliance with relevant healthcare regulations?
Suki complies with HIPAA requirements, which ensure data privacy laws are met. We sign Business Associate Agreements (BAAs) for patient data handling with our customers.
5. Does Suki offer reseller agreements?
Through the Suki Reseller Program, you can embed the Suki Platform’s core technology directly into your own solution. This allows you to sell your application powered by Suki’s assistive technology.