How It Works
Explore
Resources Ask a Question
Who It's For
Patients
Decode results, prep for appointments, weigh options.
Caregivers & advocates
Carry the research load for someone you love.
Providers & clinicians
Resources for patients in your practice.
Log In Ask a Question
FAQs

Is It Safe to Share My Medical Records with Inciteful Med?

A reasonable thing to ask. Here's exactly how we treat your records.

Who can see your records

  • You. Your records are visible to you in the app.
  • Inciteful Med systems that need to read records to answer your questions - encrypted in transit and at rest.
  • No one else by default. We don't share records with insurers, employers, advertisers, marketers, internal employees, or anyone outside the systems that run Inciteful Med.

A small number of Inciteful Med staff have the technical ability to access stored data for legitimate operational reasons (debugging, customer support you've asked for, abuse investigation). Access is logged and limited.

Do humans read my records?

Not as a routine practice. We use automated systems to process and answer questions. A staff member would only look at specific data if you ask us to (e.g., support) or in a narrow security/abuse investigation.

Do you train AI models on my data?

No. We do not use your records, questions, or reports to train models - ours or anyone else's. The AI components Inciteful Med uses are configured to not retain your inputs for model training.

Encryption

  • Records are encrypted in transit (TLS) between your device and our systems.
  • Records are encrypted at rest in the database.
  • Backups are also encrypted.

What if Inciteful Med is breached?

We take security seriously and follow industry best practices. No company can claim a breach is impossible. If we ever discover a security incident affecting your data, we'll notify affected users in line with applicable laws (HIPAA breach notification, state privacy laws).

You can reduce your own exposure by being thoughtful about what you upload - see Which records should I add?. You can delete any record at any time.

What if Inciteful Med gets acquired?

Any change of control is governed by our privacy policy, which spells out how your data would be handled. The short version: any successor is bound by the same commitments, and you can delete your account at any time.

What about asking questions without an account?

Anonymous questions on /ask don't get the same privacy protections as authenticated accounts. Don't include personally identifiable information (PII) - full names, dates of birth, addresses, MRNs, insurance IDs - in an anonymous question. See Asking a question without an account.

If you want personalized research using your records, create an account.

Sharing reports with others

When you generate a share link, the recipient sees the report - not your underlying records or account. See What's included when I share a report?.

Deleting your data

You can delete individual records, individual patients, or your whole account at any time. See How do I delete my data? and Closing your account.

See also