Is Heidi Health safe with your data?
Heidi Health
Heidi Health Pty
Weak disclosure · high confidence
Heidi Health earns a D (49/100) because it leaves much about its data practices unstated.
#102
of 205 apps ranked
49
score · Healthcare avg 38
+11
vs category average
Heidi Health discloses opt-out data training only for de-identified queries, grants core user rights with 30-day response promise, but lacks named retention periods and automated decision-making governance.
What Heidi Health's privacy policy says about your data
Training-data governance
PHI will not be used for model training; queries may be reviewed in de-identified form only
User rights enforcement
Access, deletion, correction, data portability, and object-to-processing requests answered within 30 days
Health data protection
Unless permitted or required by law, health information not used without explicit consent; no marketing without consent
Security implementation
Robust encryption, multi-layered encryption, stringent access controls, continuous threat monitoring named
The area-by-area breakdown for Heidi Health is being prepared and will appear after its next scoring pass on the current rubric. The summary and highlights above reflect the latest assessment.
Details
- Category
- Healthcare
- Modalities
- text, audio
- Processes biometrics
- Yes
- Policy last updated
- 2024-10-01
- Region scored
- Global / US-default
- Last assessed
- 2026-06-21
Documents examined
Each grade reflects our analysis of what an app states in its public privacy policy and terms as of the assessment date. It measures the transparency of those documents, not the company's actual data practices, security, or compliance. Grades are our opinion, offered for general information. Full disclaimer.