HI
HI Agents AI Agents Marketplace
Back to Home

Privacy Policy

Last updated:

1. Introduction

Welcome to HI Agents. We operate the AI Agents Marketplaceā€”a platform designed to provide safe, governed AI agents for clinical workflows, administrative tasks, and patient intake. This Privacy Policy describes how we collect, use, and protect your information.

Important note regarding Patient Data (PHI): When we process Protected Health Information (PHI) on behalf of healthcare providers (Covered Entities), we act as a Business Associate under HIPAA. In these cases, our use and disclosure of PHI is strictly governed by the applicable Business Associate Agreement (BAA), not this general Privacy Policy.

2. Information We Collect

We collect different types of data depending on how you interact with our platform:

  • Account & Contact Information: When you request a demo, register for the marketplace, or contact us, we collect your name, email address, job title, health system affiliation, and contact details.
  • Platform Usage Data: We automatically collect telemetry regarding how you interact with the marketplace, such as IP addresses, login timestamps, agent deployment metrics, and device information to monitor platform health and security.
  • Clinical Data (PHI): When you actively deploy AI agents (e.g., Clinical Notes Agent, Triage Agent), the system processes clinical documents, transcriptions, and patient data. This data is handled in secure enclaves strictly subject to your organization's BAA.

3. How We Use the Information

We use the collected information for the following purposes:

  • Service Delivery: To operate the AI Agents Marketplace, authenticate users, process clinical text through LLMs, and route information back to your EHR.
  • Security & Compliance: To maintain strict audit logs, monitor for suspicious activity, and enforce access controls required by healthcare regulations.
  • AI Model Training: We never use Customer PHI to train foundational Large Language Models (LLMs). We may use de-identified, aggregated telemetry data strictly to improve platform routing and performance, assuming it complies with our BAA.
  • Communication: To send platform updates, security alerts, and administrative notifications.

4. How We Protect Your Data

We implement enterprise-grade security measures designed specifically for healthcare environments:

  • Encryption: All data is encrypted at rest (AES-256) and in transit (TLS 1.2+).
  • Zero-Trust Architecture: Access to the AI agents and patient data requires strict authentication and authorization.
  • Data Residency: Customer data is confined to specific geographic cloud regions according to your contractual requirements.

5. Sharing Your Information

We do not sell your personal information or patient data. We only share information in the following circumstances:

  • Sub-processors: With trusted third-party cloud infrastructure and LLM providers who have executed downstream BAAs with us to ensure PHI remains protected.
  • Legal Requirements: If explicitly required by law, subpoena, or to protect the safety and rights of HI Agents or others.

6. Your Rights

Depending on your jurisdiction, you may have rights regarding your personal data (such as access, correction, or deletion). If you are a patient whose data was processed by our AI Agents via a healthcare provider, please contact your provider directly to exercise your HIPAA rights, as they serve as the Data Controller / Covered Entity.

7. Contact Us

If you have any questions about this Privacy Policy, data privacy, or security practices, please contact our Data Protection and Compliance team at:

Email: hello@hiagents.digital