Introduction

At Hivemynds, our iSeva AI-based voice agent facilitates seamless healthcare interactions by partnering with entities such as healthcare providers, EHR systems, and pharmacies. This policy outlines how we handle and share data with our partners to ensure security, compliance, and transparency in all interactions.

1. Scope

This policy applies to all data processed by iSeva in partnership with external entities, including personal, health, or sensitive information collected through voice interactions, API integrations, or other interfaces.

• •Personal identifiers (e.g., name, contact details).
• •Health-related data (e.g., appointment details, medication requests).
• •Technical data (e.g., session logs for operational purposes).

2. Our Role in Partner Data Handling

iSeva acts as a data conduit, securely transmitting information between users and authorized partner systems.

We comply with applicable privacy and data protection regulations, including the Privacy Act 1988 (Cth), HIPAA, GDPR,and other relevant frameworks depending on the region of service. We do not:

• •Store personal or health data on our systems beyond temporary processing needs.
• •Use partner-shared data for analytics, marketing, or other purposes unless explicitly authorized.
• •Share data with unauthorized third parties.

3. Data Collection and Sharing with Partners

iSeva collects and shares data with partners to enable features like appointment scheduling, medication refills, and diagnostic results notifications. Data shared includes:

• •Voice input data (e.g., user commands for scheduling or refills).
• •Processed outputs (e.g., appointment confirmations, notifications of diagnostic results).
• •Metadata for integration (e.g., user session IDs).
• •Data sharing with partners is subject to user consent where legally required. Users are informed of the purpose of data collection, how it will be used, and the recipients of their data before processing occurs.

Data is shared only with partners under strict contractual agreements, ensuring:

• •Data minimization to share only what is necessary.
• •Secure transmission via encrypted channels using APIs (e.g., FHIR-compliant interfaces).
• •Compliance with partner-specific data handling requirements.

4. Data Security for Partnerships

We implement robust measures to protect data during collection, processing, and transmission to partners, including:

• •End-to-end encryption using HTTPS and TLS 1.2+ for data in transit.
• •Role-based access controls (RBAC) to limit partner access to authorized data.
• •Secure cloud infrastructure (e.g., AWS regions selected by partners).
• •Regular security audits and penetration testing to ensure compliance.
• •Work with trusted sub-processors and third-party service providers (such as cloud hosting, communication APIs, or infrastructure vendors) that ensure ongoing compliance with data protection laws.

5. Partner Responsibilities

Our partners (e.g., healthcare providers, EHR vendors) are contractually obligated to:

• •Adhere to the Australian Privacy Principles, My Health Records Act, HIPAA, GDPR, and other applicable regulations for shared data.
• •Implement their own security measures for data received from iSeva.
• •Restrict data use to agreed-upon purposes (e.g., patient care, billing).

6. Data Retention and Deletion

• •iSeva does not retain personal or health data after transmission to partners.
• •Temporary session data is deleted automatically post-processing.
• •Partners are responsible for their own data retention policies, as outlined in our agreements.

7. Data Access and Control

As iSeva does not store data, requests for access, correction, or deletion should be directed to the partner organization (e.g., healthcare provider or EHR system) that retains the data. We can facilitate such requests if authorized by the partner.

8. Data Breach Response

In the unlikely event of a data breach involving iSeva's systems, we will:

• •Immediately assess the breach's scope and impact.
• •Notify affected partners promptly, as per contractual obligations.
• •Support partners in investigation and remediation efforts.

9. Policy Governance

• •This policy is regularly reviewed to align with evolving regulations, technologies, and partnership needs.
• •All Hivemynds staff and contractors involved in iSeva partnerships receive training on data handling practices.
• •Partners are expected to adhere to this policy as part of our collaboration agreements.

10. Partner with Confidence

We are committed to fostering trusted partnerships by ensuring secure and compliant data handling for iSeva's AI-based voice agent. For questions or to discuss partnership opportunities, please contact us at:

Email: support@hivemynds.com

Ready to collaborate? Get in touch to explore how iSeva can enhance your healthcare services.