Is Ambience Healthcare safe with your data?

Ambience Healthcare

52/100

Weak disclosure · high confidence

Not really. Ambience Healthcare earns a D (52/100) for what it discloses about your data: the policy grants access, deletion, correction, portability, and opt-out rights to residents of applicable states and to EEA, Switzerland, and UK individuals, including the right to delete personal information that we have obtained and the right to receive data in a machine-readable format.

#57

of 69 apps ranked

score · Healthcare avg 48

vs category average

Grade scaleA · 85–100B · 70–84C · 55–69D · 40–54F · 0–39

Ambience Healthcare's privacy policy grants consumer and GDPR data-subject rights: access, deletion, correction, portability, and opt-out. It does not say whether user inputs train AI models, gives no day-count retention period or deletion timeline, makes no breach-notification commitment, and claims no security certification. Clinical and patient data are scoped out to HIPAA business associate agreements with its provider customers, so the consumer-facing policy never addresses the most safety-relevant training and retention disclosures.

What Ambience Healthcare's privacy policy says about your data

Full rights catalog

The policy grants access, deletion, correction, portability, and opt-out rights to residents of applicable states and to EEA, Switzerland, and UK individuals, including the right to delete personal information that we have obtained and the right to receive data in a machine-readable format.

Silent on AI training

Ambience is a clinical documentation AI vendor, yet the policy never says whether user inputs train models and names no training opt-out. It scopes clinical data to HIPAA business associate agreements with provider customers.

Vague retention, no breach clause

Retention is described only as not retaining information for longer than needed to fulfill these purposes, with no day-count and no deletion timeline. The policy makes no breach-notification commitment.

Ad sharing with opt-out

The policy discloses sharing email addresses with Facebook Custom Audiences and lists categories that may be sold or shared in its California notice. It also grants a right to opt out of the sale or sharing of personal information.

What the policy is silent or vague on

Doesn't clearly: keeps user inputs out of model training, or makes training opt-in
Doesn't clearly: names a way to opt out of or into training
Doesn't clearly: says whether training use differs by plan or tier
Doesn't clearly: lets the user keep ownership of generated outputs

Ambience Healthcare privacy rating

Training-data use0 of 4 disclosed

Keeps user inputs out of model training, or makes training opt-inSilent

Names a way to opt out of or into trainingSilent

Says whether training use differs by plan or tierSilent

Lets the user keep ownership of generated outputsSilent

Data-subject rights5 of 5 disclosed

Grants a right to access your dataDisclosed

Grants a right to delete your dataDisclosed

Offers data portability in a usable formatDisclosed

Grants a right to correct your dataDisclosed

Grants a way to object to or opt out of processingDisclosed

Retention and deletion0 of 4 disclosed

States a retention period for your dataDisclosed

States a deletion timeline after closure or requestSilent

Sets a shorter retention for AI conversation logsSilent

Commits to collecting only the data it needsDisclosed

Third-party sharing2 of 4 disclosed

Lists the categories of third parties it shares withDisclosed

References a sub-processor list or data processing agreementDisclosed

Does not sell or share data for advertising, or offers opt-outDisclosed

Names a safeguard for international data transfersNot applicable

States a standard for government and law-enforcement accessDisclosed

Transparency2 of 4 disclosed

Discloses that you are interacting with AISilent

Marks AI-generated or synthetic outputNot applicable

Enumerates the categories of data it collectsDisclosed

Maps processing purposes to legal basesDisclosed

Is versioned and dated, with change noticeDisclosed

Sensitive data and children2 of 3 disclosed

Discloses automated decisions and a human-review pathNot applicable

Limits the use of special-category dataDisclosed

Governs biometric data specificallySilent

States protections for children's dataDisclosed

Security and accountability0 of 3 disclosed

Describes its security safeguardsDisclosed

Commits to breach notificationSilent

Names a certification or a privacy contactDisclosed

DisclosedPartialSilentAdverseNot applicable

Details

Category: Healthcare
Modalities: audio, text
Processes biometrics: Yes
Policy last updated: 2023-12-01
Region scored: Global / US-default
Assessed: 2026-06-20

Read Ambience Healthcare's privacy policy

Other healthcare apps

AbridgeD

Each grade reflects our analysis of what an app states in its public privacy policy and terms as of the assessment date. It measures the transparency of those documents, not the company's actual data practices, security, or compliance. Grades are our opinion, offered for general information. Full disclaimer.