Freed

Clinician and patient trust is of the highest priority at Freed. We hold ourselves accountable to a HIPAA-compliant data storage and processing protocol for all data captured and shared through our platform. 

Undergo background checks before being hired 

Complete annual security awareness training on HIPAA, privacy, and information classification 

- Undergo background checks before being hired 
- Complete annual security awareness training on HIPAA, privacy, and information classification 

Freed conducts regular risk assessments to ensure policies remain up-to-date and relevant 

Our CTO is responsible for Privacy and Security 

- Freed conducts regular risk assessments to ensure policies remain up-to-date and relevant 
- Our CTO is responsible for Privacy and Security 

All software changes are reviewed for compliance 

Freed practices infrastructure-as-code. All infrastructure changes are reviewed before deployment 

All engineers complete secure development practices training 

- All software changes are reviewed for compliance 
- Freed practices infrastructure-as-code. All infrastructure changes are reviewed before deployment 
- All engineers complete secure development practices training 

All hosting services and data is stored and processed within Microsoft’s Azure secure data centers 

Freed has a HIPAA Business Associate Agreement with Microsoft 

Freed leverages Azure’s high-availability infrastructure to ensure the data is always accessible 

- All hosting services and data is stored and processed within Microsoft’s Azure secure data centers 
- Freed has a HIPAA Business Associate Agreement with Microsoft 
- Freed leverages Azure’s high-availability infrastructure to ensure the data is always accessible 

All data is encrypted at-rest and in-transit using standard encryption schemes 

- All data is encrypted at-rest and in-transit using standard encryption schemes 

All Vendors who may process patient information are required to be HIPAA compliant and sign BAAs with Freed 

Freed regularly reviews vendor security practices to ensure continued high standards 

- All Vendors who may process patient information are required to be HIPAA compliant and sign BAAs with Freed 
- Freed regularly reviews vendor security practices to ensure continued high standards 

All AI models are HIPAA compliant and don’t retain data 

Protected health information is never used for AI training purposes

- All AI models are HIPAA compliant and don’t retain data 
- Protected health information is never used for AI training purposes

Patient information is encrypted at-rest and in-transit 

Patient recordings are temporarily saved in a secure and HIPAA-compliant manner until they are processed and then automatically deleted

Patient notes can be manually deleted at any time or set to automatically delete after 30 days

- Patient information is encrypted at-rest and in-transit 
- Patient recordings are temporarily saved in a secure and HIPAA-compliant manner until they are processed and then automatically deleted
- Patient notes can be manually deleted at any time or set to automatically delete after 30 days

<a href="https://www.home.getfreed.ai/platform-terms-of-use" rel="nofollow noopener noreferrer" target="_blank">Freed's Platform Terms of Use</a>

<a href="https://www.home.getfreed.ai/freed-privacy-policy" rel="nofollow noopener noreferrer" target="_blank">Freed's Privacy Policy</a>

<a href="https://app.drata.com/trust/1d1964c2-b90c-41ac-8d7c-2ea7f5af001c" rel="nofollow noopener noreferrer" target="_blank">Freed's Security and Privacy Center</a>

- <a href="https://www.home.getfreed.ai/platform-terms-of-use" rel="nofollow noopener noreferrer" target="_blank">Freed's Platform Terms of Use</a>
- <a href="https://www.home.getfreed.ai/freed-privacy-policy" rel="nofollow noopener noreferrer" target="_blank">Freed's Privacy Policy</a>
- <a href="https://app.drata.com/trust/1d1964c2-b90c-41ac-8d7c-2ea7f5af001c" rel="nofollow noopener noreferrer" target="_blank">Freed's Security and Privacy Center</a>

Freed Privacy & Security

Internal Personnel Security

Compliance

Secure Development Lifecycle

Cloud Hosting and Availability

Confidentiality and Data Encryption

Vendor Management

Artificial Intelligence

Patient Information

Additional Details