Protecting Health Data with Privacy by Design
Introduction
At a time when digital health is reshaping the way patients engage with medical services, privacy and security are more critical than ever. The sensitivity of health-related personal data, together with evolving privacy regulations such as GDPR and HIPAA, demands rigorous protection mechanisms and transparent handling.
MedAsk is a privacy-first, chat-based medical AI designed to assist patients in understanding their health while ensuring data protection at every level. This page serves to outline the privacy and security architecture behind MedAsk, our approach to regulatory compliance, and our commitment to protecting user data through privacy by design principles.
For additional information, please refer to our Privacy Policy and Cookie Policy.
Data Minimization and Security Architecture
At MedAsk, we understand that the health information shared during a symptom assessment is among the most sensitive types of personal data. In line with GDPR and HIPAA principles, we have designed our system architecture to prevent the storage of any direct or indirect identifiers that could link data back to individual users.
We refer to each session where a user interacts with the symptom checker as an “assessment.” When an assessment is initiated via our own or a partner’s platform, an access token is generated for the session. This token contains no user-identifying data and is used solely to authorize the interaction with our services.
On our backend, we store only the symptom-related questions and answers linked to a random, non-identifiable session ID. Additionally:
- There is no user profile: Each assessment is treated independently.
- There are no cross-session links: Assessments cannot be tied together or to a particular user.
This approach ensures that even if session data were accessed, it would carry no stored identifier that could trace it back to an individual, providing protection for user privacy from both a legal and a technical standpoint. The residual risk is identifying detail a user chooses to type into a free-text answer, which the architecture itself does not remove; this is why the data stored per session is kept to the symptom questions and answers alone.
Session Architecture
- Users initiate a symptom assessment through our web app or our partner’s frontend interface.
- The frontend securely relays messages to the MedAsk backend.
- Our backend processes the request, generates a response using a secure LLM engine, and stores relevant assessment data.
- No personally identifiable information (PII) or indirect identifiers are stored.
- A session (or “assessment”) is tied to a unique, randomly generated ID, with no link to user profiles.
- We do not connect any identifiable metadata, such as IP addresses or device fingerprints, to the assessment data. Metadata is used exclusively for separate traffic analytics purposes.
Data Flow Overview

- Client Interaction: A user initiates a symptom assessment.
- Frontend Routing: The frontend stores nothing; it only relays requests to MedAsk over TLS.
- Processing: The MedAsk server evaluates the query using a secure LLM engine.
- Storage: Only de-identified assessment data (questions and responses) are stored, associated with a random session ID.
- Response: The answer is routed back to the user via the frontend.
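The session model described in the Data Minimization section and the data flow above can be made concrete in code. The following is an added example written for this page, not MedAsk's own implementation: it assumes an HMAC-signed access token that carries only a random session ID and an expiry, a process-wide signing key (here a literal, which a real deployment would load from a secrets store), and a dict-backed assessment store. The point it demonstrates is that the session binding comes from the verified token rather than from anything the client sends, and that the persisted record is built from an allowlist, so transport metadata such as IP address and user agent can never reach the assessment store by accident.

```python
import base64
import hashlib
import hmac
import json
import secrets
import time
from typing import Optional

# Hypothetical signing key (assumption for this example); load it from a
# secrets store in a real deployment, never from source code.
SIGNING_KEY = b"example-signing-key-not-for-production"

# Allowlist of fields persisted per turn. The session ID is taken from the
# verified token, never from the request body, so it is not listed here.
STORED_FIELDS = ("question", "answer")


def new_session_id() -> str:
    """Random, unguessable session ID with no relation to any user attribute."""
    return secrets.token_urlsafe(32)


def _b64encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def _b64decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def mint_access_token(session_id: str, ttl_seconds: int, key: bytes = SIGNING_KEY,
                      now: Optional[float] = None) -> str:
    """Opaque token bound to one assessment. The payload holds only the
    session ID and an expiry timestamp; there is no user data to leak."""
    now = time.time() if now is None else now
    payload = json.dumps({"sid": session_id, "exp": int(now) + ttl_seconds},
                         separators=(",", ":")).encode()
    tag = hmac.new(key, payload, hashlib.sha256).digest()
    return f"{_b64encode(payload)}.{_b64encode(tag)}"


def verify_access_token(token: str, key: bytes = SIGNING_KEY,
                        now: Optional[float] = None) -> Optional[str]:
    """Return the session ID this token authorizes, or None if the token is
    malformed, has a bad signature, or has expired."""
    now = time.time() if now is None else now
    try:
        payload_b64, tag_b64 = token.split(".", 1)
        payload = _b64decode(payload_b64)
        tag = _b64decode(tag_b64)
    except (ValueError, TypeError):
        return None
    expected = hmac.new(key, payload, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):  # constant-time comparison
        return None
    claims = json.loads(payload)
    if claims.get("exp", 0) < now:
        return None
    return claims.get("sid")


def store_turn(store: dict, token: str, turn: dict,
               now: Optional[float] = None) -> Optional[dict]:
    """Persist one question/answer pair for the session the token authorizes.

    `turn` is everything the HTTP layer knows about the request (question,
    generated answer, and transport metadata such as IP address, user agent
    or a partner-supplied user id). Only allowlisted fields are written, and
    the session ID is the one proven by the token, not a client-supplied one.
    Returns the stored record, or None if the token is rejected.
    """
    session_id = verify_access_token(token, now=now)
    if session_id is None:
        return None
    record = {"session_id": session_id}
    record.update({k: turn[k] for k in STORED_FIELDS if k in turn})
    store.setdefault(session_id, []).append(record)
    return record


if __name__ == "__main__":
    # Constructed walk-through: one assessment, one turn, metadata dropped.
    assessments = {}
    sid = new_session_id()
    tok = mint_access_token(sid, ttl_seconds=600)
    stored = store_turn(assessments, tok, {
        "question": "Do you have a fever?",
        "answer": "Yes, since yesterday.",
        "ip": "203.0.113.7",            # constructed metadata, never stored
        "user_agent": "ExampleBrowser/1.0",
        "session_id": "client-chosen",  # ignored: binding comes from the token
    })
    print(stored)
```

Two properties worth checking in a review of such code: a token minted for one session cannot write into another (the session ID is read from the signed payload, so splicing a payload onto another token's tag fails the HMAC check), and the stored record contains nothing the allowlist does not name, regardless of what the client or the HTTP layer attaches to the request.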
Technical Safeguards
- All servers are self-hosted on-premise in Slovenia (EU), so no third-party cloud provider has access to the data.
- Disk encryption is enabled on all storage devices. This protects data at rest on lost, stolen or decommissioned media; it does not by itself protect data on a running host, which is why the access restrictions below matter.
- API endpoints are token-protected: every request must carry a valid access token issued for its assessment.
- All data in transit is encrypted using TLS.
- Access to the servers is restricted to selected, trained employees.
Service Reliability and Redundancy
MedAsk maintains a robust infrastructure to ensure service availability and data resilience:
- Two geographically distinct server environments with automatic failover.
- Logical replication between servers for real-time synchronization.
- Daily encrypted backups of all critical data.
- Backups are stored securely and never transmitted to cloud services.
Organizational Measures
All internal processes at MedAsk consider the data in our production system highly confidential and sensitive. Only selected, trained employees have access to the production servers, and it is strictly prohibited to copy or remove any data from these databases.
We maintain clear procedures for:
- Responding promptly to data subject requests.
- Regular security audits and infrastructure reviews.
- Continuous assessment and management of privacy risks through internal documentation and controls.
Regulatory Compliance
We are committed to aligning with the strictest data protection laws:
- GDPR: We operate within the European Economic Area and follow GDPR principles, including data minimization, accountability, and user rights.
- HIPAA: Although HIPAA compliance depends on the partner’s implementation and legal role, we actively design our systems and practices to support HIPAA-aligned data protection.