Is Hippocratic AI safe with your data?

Hippocratic AI

45/100

Weak disclosure · medium confidence

Hippocratic AI earns a D (45/100) because it leaves much about its data practices unstated.

#159

of 177 apps ranked

score · Healthcare avg 44

vs category average

Grade scaleA · 85–100B · 70–84C · 55–69D · 40–54F · 0–39

Hippocratic AI publishes a generic website privacy policy. It grants US state data rights and states it does not sell personal information. The policy says nothing about AI model training, retention timelines, breach notification, or named security controls. It reads as a general website notice and is not tailored to a conversational health agent, so every AI-specific indicator (training use, output ownership, AI transparency) scores zero for silence. There are no dealbreaker reservations, and the entity, contact address, and state-law disclosures confirm this is Hippocratic AI's own policy.

What Hippocratic AI's privacy policy says about your data

No training disclosure

The policy describes generic collection to operate and improve products. It never addresses whether user inputs or conversations train AI models, so all four training indicators score zero for silence.

Full data rights

The state-specific section grants access in a portable format, correction, and deletion. You can request access to, correct, or delete your personal information by emailing privacy@hippocraticai.com, covering access, portability, rectification, and deletion.

Does not sell data

The policy states that in the twelve months prior to the effective date it has not sold any personal information of consumers and does not engage in cross-context behavioral advertising, which earns full credit on the ads indicator.

Vague retention, generic security, no breach notice

Retention is described only as for as long as it is required to fulfill the relevant purposes, with no day count or deletion timeline. Security is generic (encryption protocols and physical, electronic, and procedural safeguards) with no named controls, and the policy is silent on breach notification and on any certification or named data protection officer.

What the policy is silent or vague on

Not stated: keeping user inputs out of model training
Not stated: a way to opt out of training
Not stated: whether training use differs by plan
Not stated: your ownership of generated outputs

Hippocratic AI privacy rating

Training-data use0 of 4 disclosed

Keeps user inputs out of model training, or makes training opt-inSilent

Names a way to opt out of or into trainingSilent

Says whether training use differs by plan or tierSilent

Lets the user keep ownership of generated outputsSilent

Data-subject rights4 of 5 disclosed

Grants a right to access your dataDisclosed

Grants a right to delete your dataDisclosed

Offers data portability in a usable formatDisclosed

Grants a right to correct your dataDisclosed

Grants a way to object to or opt out of processingPartial

Retention and deletion0 of 4 disclosed

States a retention period for your dataPartial

States a deletion timeline after closure or requestSilent

Sets a shorter retention for AI conversation logsSilent

Commits to collecting only the data it needsPartial

Third-party sharing2 of 4 disclosed

Lists the categories of third parties it shares withDisclosed

References a sub-processor list or data processing agreementSilent

Does not sell or share data for advertising, or offers opt-outDisclosed

Names a safeguard for international data transfersNot applicable

States a standard for government and law-enforcement accessPartial

Transparency1 of 5 disclosed

Discloses that you are interacting with AISilent

Marks AI-generated or synthetic outputSilent

Enumerates the categories of data it collectsDisclosed

Maps processing purposes to legal basesPartial

Is versioned and dated, with change noticePartial

Sensitive data and children3 of 3 disclosed

Discloses automated decisions and a human-review pathDisclosed

Limits the use of special-category dataDisclosed

Governs biometric data specificallyNot applicable

States protections for children's dataDisclosed

Security and accountability0 of 3 disclosed

Describes its security safeguardsPartial

Commits to breach notificationSilent

Names a certification or a privacy contactSilent

DisclosedPartialSilentAdverseNot applicable

Details

Category: Healthcare
Modalities: text, audio
Processes biometrics: No
Policy last updated: 2023-09-13
Region scored: Global / US-default
Assessed: 2026-06-20

Read Hippocratic AI's privacy policy

Other healthcare apps

Each grade reflects our analysis of what an app states in its public privacy policy and terms as of the assessment date. It measures the transparency of those documents, not the company's actual data practices, security, or compliance. Grades are our opinion, offered for general information. Full disclaimer.