Abridge

43/100

Weak disclosure · high confidence

Grade scaleA · 85–100B · 70–84C · 55–69D · 40–54F · 0–39

Carves clinical PHI out to business associate agreements and is silent on AI model training, reserving only generic product-improvement use of non-PHI data; strong state-privacy rights but weak retention, deletion, and security specifics.

What the policy says

Training silent

The policy never says whether inputs are used to train AI models; the closest clause is generic, stating Abridge will conduct research and development to enhance our products, with no training opt-out named.

Strong rights menu

Section 6 grants the right to know, delete, correct, opt out of sale and sharing, and opt out of profiling, with a Do Not Sell or Share link and recognition of Global Privacy Control signals.

Vague retention

Retention is described only as for as long as needed to fulfill the purposes and as long as reasonably necessary, with no day-count and no deletion timeline.

Generic security, no breach clause

Section 8 commits to appropriate administrative, physical, and technical safeguards but names no specific controls like TLS or AES-256, and the policy is silent on breach notification.

Score by area

Training-data use0 of 4 disclosed

Keeps user inputs out of model training, or makes training opt-inSilent

Names a way to opt out of or into trainingSilent

Says whether training use differs by plan or tierSilent

Lets the user keep ownership of generated outputsSilent

Data-subject rights4 of 5 disclosed

Grants a right to access your dataDisclosed

Grants a right to delete your dataDisclosed

Offers data portability in a usable formatSilent

Grants a right to correct your dataDisclosed

Grants a way to object to or opt out of processingDisclosed

Retention and deletion0 of 4 disclosed

States a retention period for your dataDisclosed

States a deletion timeline after closure or requestSilent

Sets a shorter retention for AI conversation logsSilent

Commits to collecting only the data it needsDisclosed

Third-party sharing1 of 5 disclosed

Lists the categories of third parties it shares withDisclosed

References a sub-processor list or data processing agreementDisclosed

Does not sell or share data for advertising, or offers opt-outDisclosed

Names a safeguard for international data transfersSilent

States a standard for government and law-enforcement accessDisclosed

Transparency2 of 4 disclosed

Discloses that you are interacting with AISilent

Marks AI-generated or synthetic outputNot applicable

Enumerates the categories of data it collectsDisclosed

Maps processing purposes to legal basesDisclosed

Is versioned and dated, with change noticeDisclosed

Sensitive data and children2 of 2 disclosed

Discloses automated decisions and a human-review pathNot applicable

Limits the use of special-category dataDisclosed

Governs biometric data specificallyNot applicable

States protections for children's dataDisclosed

Security and accountability0 of 3 disclosed

Describes its security safeguardsDisclosed

Commits to breach notificationSilent

Names a certification or a privacy contactSilent

DisclosedPartialSilentAdverseNot applicable

Details

Category: Healthcare
Modalities: audio, text
Processes biometrics: No
Policy last updated: 2025-08-22
Region scored: Global / US-default
Assessed: 2026-06-20

Read Abridge's privacy policy

Each grade reflects our analysis of what an app states in its public privacy policy and terms as of the assessment date. It measures the transparency of those documents, not the company's actual data practices, security, or compliance. Grades are our opinion, offered for general information. Full disclaimer.