Privacy and security

Protecting you and your patients' data

Absolute privacy and security is our number one priority.
We work with best-practice security protocols to be legally compliant.

Privacy-first approach to platform design

Lyrebird Health is fully compliant with the Health Insurance Portability and Accountability Act (HIPAA) and other relevant US privacy regulations.

All sensitive health information remains within the United States and is not processed overseas, ensuring complete data sovereignty.

Furthermore, by default, Lyrebird Health never stores any information from your consults once they have concluded. Consult notes and documents can be saved at the clinician's discretion.

All information is stored on Lyrebird Health’s US Amazon Web Services (AWS) infrastructure, fully encrypted using bank-level 256-bit encryption during transit and at rest. Lyrebird Health's Data Processing Agreements with AWS ensure that any information stored is only accessible to Lyrebird Health. No party, including AWS, can access or alter information. By default, this information is stored for no longer than 7 days.

During a consult, all audio is transcribed in real-time on Lyrebird Health's US servers. At no point in time are audio files saved or permanently stored. The audio stream from the consultation is completely encrypted and securely transferred to Lyrebird Health servers.

All AI & LLM processing occurs on-premises via our US servers. No third party has access to this information. By default, Lyrebird Health immediately deletes this information unless requested to be saved by the practitioner.

MDO Approved

Lyrebird Health has been medico-legally approved for use by Medical Defence Organisations (MDOs).

Lyrebird Health worked closely with MDA National to create their guidelines for Using AI tools for record management in doctor consultations.

The platform upholds clinical best practice at all times. This includes prompting practitioners to obtain consent prior to each consult recording and capturing timestamped consent to protect practitioners.

FDA Compliant

Lyrebird Health is exempt from the FDA’s Software as a Medical Device (FDA SaMD) regulations.

Lyrebird Health is not intended to replace the clinical judgment of a healthcare professional in making a clinical diagnosis or treatment decision for an individual patient.

Lyrebird Health’s notes are generated post-consult and are not designed to impact clinical decision-making at any time. It is the responsibility of the clinician to review all documentation generated by Lyrebird Health and ensure its accuracy.

To read more about the FDA’s SaMD guidelines, refer here.

Access Controls

All access to information is granted based on the fundamental principle of Least Privilege. As dictated by Lyrebird Health's business and security requirements, user access is granted strictly on the basis of absolute necessity to perform job functions. Permissions and access rights that are not granted are prohibited by default.

Data Retention Policy


Lyrebird Health retains patient data only as long as necessary for clinical use or as required by law.

Consult recordings are automatically deleted after note generation. All generated information is set for automatic deletion after a period of 7 days, by default. Manual deletion is also available at any time.

Contact us

If you have any questions, please don't hesitate to email the Lyrebird Health team at security@lyrebirdhealth.com.