Trust & Security

How we look after your data

This page is maintained by the Health Assistant team to answer common security and privacy questions about the platform. It describes the controls currently enabled in our application and the practices our team follows. It is not an independent audit or certification.

Shared responsibility

Health Assistant runs on managed cloud infrastructure. Our hosting providers operate the underlying servers, network and database; our team is responsible for the application, access rules, and how your data is used inside it. You are responsible for keeping your sign-in credentials private and for the accuracy of information you enter.

Accounts & authentication

  • Email + password sign-in with verified email addresses.
  • Sessions are stored in your browser and can be ended at any time by signing out.
  • Role-based access: patients, consultants, business owners, care staff and administrators each see only the surfaces meant for them.
  • Administrator privileges are never granted through self sign-up — they require an explicit action by an existing administrator.

Data we collect

  • Account profile (name, email, role).
  • Health information you choose to add — vaccinations, records, appointments.
  • Business and clinic information for consultants, locations and staff.
  • Operational logs needed to keep the service running and secure.

We do not sell personal data. We do not use your health records to train external AI models.

How your data is protected

  • Traffic between your browser and the application is served over HTTPS.
  • Row-level access rules in the database restrict each record to the user (or business) it belongs to.
  • Privileged server credentials never leave our server runtime.
  • File uploads (such as onboarding documents) are stored in a non-public bucket.

Subprocessors & integrations

We rely on a small set of trusted providers to operate the service: a managed Postgres + authentication provider, hosting for the web application, and email delivery for transactional messages. India's ABDM (Ayushman Bharat Digital Mission) connectivity is being introduced progressively and is opt-in.

Retention & deletion

You can remove individual vaccinations, health records and appointments from your account at any time. To delete your entire account and associated data, email the address below and we will action the request.

Reporting an issue

If you believe you've found a security issue, please contact us before disclosing it publicly so we can investigate and fix it. We appreciate responsible disclosure.

Helpline: +91-8446-10-4242 · Mon–Sat 9am–9pm IST

Compliance

Health Assistant is built with India's healthcare regulatory context in mind, including ABDM design principles. We do not currently claim certification under HIPAA, SOC 2, ISO 27001 or similar standards. When a formal certification is in place we will update this page.

Last updated: June 2026