Stewardship above and beyond HIPAA





A letter from our CEO:

Most companies send you a checklist of acronyms and inscrutable technical jargon and call it a day. While that information is important (see "Our Guarantees" above), I want to share how we think more broadly about stewardship of your data, practice, and patients.

We take a counterintuitive approach: to require as little trust as possible.

While we're committed to earning your trust over time, we know we can't expect it on day one. That's why we rely on an even more powerful force: aligned incentives.

One of the best tools to align incentives is the humble contract. Ink on paper, enforced by government. We use this tool to constrain ourselves such that it would be both challenging and extremely unwise to act against your interests.

We sign a highly restrictive, single-purpose Business Associate Agreement (BAA) with each healthcare provider we work with. This contract is deliberately designed to reduce our own flexibility in exchange for more strongly aligning our incentives with yours — and your patients'.

Our BAA allows us to do one thing and one thing only with your PHI: help you find treatment alternatives for your patients.

  • We cannot sell your PHI

  • We cannot license your PHI

  • We cannot use your PHI for marketing

  • We cannot train models with your PHI

If we ever want to expand the services we can offer utilizing PHI, we'll need your explicit permission through a new BAA. And this all remains true if we get acquired or take new investment, too.

My cofounder and I previously led software engineering teams at Palantir where we built data infrastructure for intelligence agencies, energy producers, and pharmaceutical companies — some of the most justifiably paranoid organizations on Earth. Much of our work was to carefully control data usage, including inventing one such system that's used today to protect tens of millions of patient records at the NIH, the UK's NHS, and other institutions.

We're intimately aware of the types of threats that sensitive datasets face — both malicious and inadvertent; internal and external. When vendors tell you "there's no reason to worry", I promise they're not thinking hard enough.

We worry every day. We channel that concern into a comprehensive approach to data stewardship that goes beyond basic compliance and shapes every aspect of our business model, technology, and operations.

CEO & Co-founder







Further questions?

We're always happy to talk about security and privacy. Reach out to learn more about our approach.