Privacy Policy

Effective Date: January 2025 Last Updated: November 15, 2025

1. Introduction

Doctor AI, LLC ("Doctor AI®", "DDxRx®", "ClinicalAssist™", "we", "our", "us") is committed to protecting the privacy, confidentiality, and integrity of personal and clinical information.

This Privacy Policy explains:

  • What data we collect
  • How we use and protect that data
  • Your rights regarding your personal information
  • How AI, robotics, computer vision, and telemedicine systems collect and process data
  • How we maintain HIPAA compliance for patient-related information

This Privacy Policy applies to:

  • Websites (including DDxRx.com, DoctorAI.ai)
  • Web applications
  • Mobile apps
  • Robotic systems (ClinicalAssist™)
  • Remote-control telemedicine modules
  • Fall-Alert™ bed-exit and movement monitoring system
  • Diagnostic AI services (DDxRx® engine)

2. Information We Collect

We collect three categories of data:

2.1 Information You Provide Directly

When you create an account, register, or use our Services, you may provide:

  • Name, email, phone number
  • Medical credentials (if applicable)
  • Practice and facility information
  • Payment and subscription information
  • Patient data entered manually by clinicians
  • Feedback, messages, or support requests
  • Uploaded files, images, audio, or diagnostic inputs
  • Telemedicine interaction data

We do NOT collect unnecessary PHI unless you intentionally input it.

2.2 Information Collected Automatically

Depending on the Services used, we may automatically collect:

(A) Device Information

  • IP address
  • Browser, operating system
  • Mobile device identifiers
  • Login/logoff timestamps
  • Crash logs

(B) Usage Analytics

  • Pages viewed
  • Features accessed
  • Diagnostic tools used
  • AI sessions initiated
  • Robotic interactions (command logs, event logs)

(C) Location Data (If Enabled)

Used strictly for telemedicine routing, device authentication, and security.

2.3 Robotic, Audio, and Video Information (ClinicalAssist™ / Fall-Alert™)

For users of ClinicalAssist™ and Fall-Alert™ systems:

  • Camera video streams used for fall detection, movement analysis, and remote telemedicine.
  • Microphone audio to enable clinician-patient communication and emergency detection.
  • Computer vision outputs (e.g., body position, bed-exit probability).
  • Robot sensor data (infrared, depth sensing, movement logs).

Important:

  • Video/audio may be processed in real-time by AI models but is not stored unless explicitly configured by the healthcare facility.
  • Patient identifying data is never used for AI training unless expressly permitted by the facility under a separate agreement.

3. How We Use Your Information

3.1 Provide and Improve the Services

  • Enable diagnostic suggestions using DDxRx®
  • Improve AI accuracy and responsiveness
  • Deliver robotic safety alerts (Fall-Alert™)
  • Support remote-control telemedicine
  • Monitor device performance

3.2 Security and Compliance

  • Authenticate users
  • Monitor for suspicious logins
  • Meet HIPAA and regulatory requirements
  • Protect patients and healthcare providers

3.3 Customer Support

  • Respond to help tickets
  • Resolve robot/device issues
  • Provide training and onboarding

3.4 Product Development

  • Enhance AI models
  • Improve robotics algorithms
  • Update diagnostic databases
  • Conduct quality assurance, testing, and safety audits

3.5 Required Legal Uses

We may use information when required to:

  • Comply with HIPAA, federal/state laws
  • Respond to legal requests (subpoena, court order)
  • Prevent fraud or imminent harm

4. AI Processing and Automated Decision Systems

4.1 Diagnostic AI (DDxRx®)

Processes:

  • Symptoms
  • Clinical data
  • Medical history
  • Decision-support recommendations

4.2 Robotics AI (ClinicalAssist™ / Fall-Alert™)

Processes:

  • Video frames (body posture, movement)
  • Audio (for interactions)
  • Environmental sensors
  • Clinical workflow automation

4.3 AI Does NOT Replace Human Clinicians

  • The AI does not make final medical decisions
  • The AI does not diagnose or prescribe autonomously
  • Human clinicians must review all recommendations

5. Sharing and Disclosure

We do not sell personal information.

We may share information only:

5.1 With Your Consent

If you authorize integration with:

  • EMR/EHR systems
  • Hospital networks
  • Third-party medical tools
  • Insurance or billing systems

5.2 With Service Providers

Under strict confidentiality agreements:

  • Cloud hosting
  • Security vendors
  • Payment processors
  • Robotics hardware support
  • AI compute infrastructure providers

5.3 For Legal Compliance

If required to comply with:

  • HIPAA
  • FDA investigations
  • State/federal law
  • Subpoenas and court orders

5.4 In Emergencies

To protect:

  • Patient safety
  • Public health
  • System integrity

6. Patient Health Information (PHI)

HIPAA Compliance

For healthcare facility users:

  • We act as a Business Associate (BA) under HIPAA
  • PHI handling follows HIPAA technical, administrative, and physical safeguards
  • PHI is encrypted at rest and in transit
  • Access is logged and auditable
  • Data retention follows facility-based policies
  • We do not use PHI for marketing or advertising.
  • We do not use PHI to train commercial AI models.

7. Cookies, Tracking, and Web Analytics

We use:

  • Session cookies
  • Security cookies
  • Device authentication tokens
  • Analytics tools (de-identified)

We do not use tracking cookies for advertising.

8. Data Retention

We retain data:

  • Only as long as necessary for service delivery
  • Or as required by law (for clinical records)
  • Or as defined in the customer's Business Associate Agreement

You may request deletion of your data except where prohibited by healthcare law.

9. Data Security

Doctor AI uses:

  • AES-256 encryption
  • Encrypted cloud storage
  • Firewall & intrusion detection
  • Robotics device hardening
  • Secure telemedicine communication channels
  • Zero-trust authentication for clinicians

No system is 100% secure, but we follow healthcare cybersecurity standards.

10. Children's Privacy

Our services are not intended for children under 13 unless operated by a licensed healthcare facility in compliance with HIPAA pediatric protections.

11. International Users / GDPR Notice

If you are in the EU, EEA, or UK:

  • GDPR applies
  • You have the right to access, correct, delete, restrict, or export your data
  • Data transfers to the U.S. occur under appropriate safeguards

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes take effect immediately when posted, and the "Last Updated" date will be revised.

13. Contact Information

Doctor AI, LLC
Privacy Office
Email: privacy@ddxrx.net
1120 Beach Blvd, Biloxi, Mississippi, USA

14. Your Rights

You may:

  • Review your account information
  • Update or correct your data
  • Request deletion when permitted
  • Opt out of non-essential communications
  • Request a copy of your data (clinical context permitting)

Requests may be made by email or through your account dashboard.