Your data & privacy

Who can see my health records?

Only you. Your identifiable records - your name, exact dates, and free-text notes - stay inside your care provider's own private OurPrisma database. They are never shown to other patients, and they are never sent to our AI.

When OurPrisma shows you how you compare to people on a similar path, those comparisons run on data that has first been de-identified, so no individual can be picked out.

What does "de-identified" actually mean here?

Before any of your data is used to find patterns across patients or to generate answers from our AI, it is stripped to the HIPAA Safe Harbor standard. In practice that means:

  • Direct identifiers - name, contact details, record numbers - are removed.
  • Exact dates are reduced to the year.
  • Any names, places, or identifiers left in free text are replaced with neutral markers.

This transformation happens before the data ever leaves the system that holds your identity. The AI and analytics systems only ever receive the de-identified version.
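
The three steps listed above, as an added Python sketch (not OurPrisma's code). The field names, the sample record and the marker strings are assumptions, and the free-text scrubber only catches e-mail, phone and ISO-date patterns plus values already present in the structured identifier fields.

```python
import re
from datetime import date

# Hypothetical field names for illustration; a real schema will differ.
DIRECT_IDENTIFIERS = {"name", "email", "phone", "mrn"}
EMAIL_RE = re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b")
PHONE_RE = re.compile(r"\b\d{3}[-.\s]\d{3}[-.\s]\d{4}\b")
DATE_RE = re.compile(r"\b(\d{4})-\d{2}-\d{2}\b")  # ISO dates inside free text

def scrub_text(text, known):
    """Replace identifier patterns and known identifier values with markers."""
    text = EMAIL_RE.sub("[EMAIL]", text)
    text = PHONE_RE.sub("[PHONE]", text)
    text = DATE_RE.sub(lambda m: m.group(1), text)  # keep only the year
    for label in sorted(known):
        value = known[label]
        for token in [value] + value.split():  # full value, then each word
            if len(token) > 2:
                pattern = rf"\b{re.escape(token)}\b"
                text = re.sub(pattern, f"[{label.upper()}]", text, flags=re.I)
    return text

def deidentify(record):
    """Return a copy with identifiers dropped, dates as years, text scrubbed."""
    known = {k: str(record[k]) for k in DIRECT_IDENTIFIERS if record.get(k)}
    out = {}
    for key, value in record.items():
        if key in DIRECT_IDENTIFIERS:
            continue  # direct identifiers never leave the identity system
        if isinstance(value, date):
            out[key] = value.year
        elif isinstance(value, str):
            out[key] = scrub_text(value, known)
        else:
            out[key] = value
    return out

SAMPLE = {  # constructed record, not real patient data
    "name": "Maria Okafor",
    "email": "maria.okafor@example.org",
    "mrn": "MRN-00412",
    "visit_date": date(2023, 3, 14),
    "diagnosis_code": "E11.9",
    "note": "Maria called 555-010-2030 on 2023-03-16; Ms. Okafor reports improvement.",
}

if __name__ == "__main__":
    print(deidentify(SAMPLE))
```

Names of other people or places mentioned in a note are not in the structured fields, so this sketch would miss them; catching those needs a dedicated free-text de-identification step.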

Does the AI assistant ever see my name or personal details?

No. The assistant and all cross-patient analysis run in a completely separate system that is built to never receive identifiable data. It works only on the de-identified version of records, so it can help you make sense of your history and the patterns around it without ever knowing who you are.

Where is my data stored, and is it kept apart from other patients?

Your identifiable records live in a database dedicated to your care provider or program - they are not pooled into one shared database with other organizations. Only the de-identified data needed for AI and cohort patterns is sent onward, to a separate system that holds no identities.

How do cohort comparisons stay anonymous?

Cohort views enforce a minimum group size (k-anonymity): a figure is only ever shown when there are enough people in the group that no single person could be re-identified from the result. You see what's typical and where you fit - never any individual stranger's data.
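
A minimum-group-size check of the kind described above, as an added Python example (not OurPrisma's code). The threshold of 5, the column names and the sample rows are assumptions, and each row is taken to be one person. It also withholds the overall total when subtracting the shown counts would reveal a hidden group smaller than k.

```python
from collections import defaultdict
from statistics import mean

K_MIN = 5  # assumed threshold; the page does not state its value

def cohort_view(rows, group_keys, metric, k=K_MIN):
    """Per-group count and mean, shown only for groups of at least k people."""
    groups = defaultdict(list)
    for row in rows:
        groups[tuple(row[key] for key in group_keys)].append(row[metric])
    shown, hidden_people = {}, 0
    for key, values in groups.items():
        if len(values) >= k:
            shown[key] = {"n": len(values), "mean": round(mean(values), 1)}
        else:
            hidden_people += len(values)  # suppressed: too few to publish
    # A published total minus the shown counts reveals the size of the hidden
    # remainder, so the total is only released if that remainder is 0 or >= k.
    total = len(rows) if hidden_people == 0 or hidden_people >= k else None
    return {"groups": shown, "total": total}

# Constructed, already de-identified rows: an age band and one lab value each.
ROWS = (
    [{"age_band": "40-49", "hba1c": v} for v in (6.8, 7.1, 7.4, 6.9, 7.3, 7.5)]
    + [{"age_band": "50-59", "hba1c": v} for v in (7.9, 8.1, 7.6, 8.0, 7.9)]
    + [{"age_band": "60-69", "hba1c": v} for v in (9.2, 8.8)]
)

if __name__ == "__main__":
    print(cohort_view(ROWS, ["age_band"], "hba1c"))
```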

Is my data encrypted?

Yes - both in transit and at rest. Everything moving between your device and OurPrisma travels over an encrypted connection (TLS/HTTPS), and your stored data is encrypted on our servers. See our Privacy Policy for the full list of safeguards.

Do you sell my data or use it for advertising?

No. We do not sell your identifiable health information, and we do not use cookies or tracking to build advertising profiles or share your activity with ad networks. Data is shared with research partners only with your separate, explicit consent. The full picture is in our Privacy Policy.

Account & app security

How is my account protected?

Your account is protected by your password plus optional extra layers you control: two-factor authentication with an authenticator app, and passkeys (sign in with your device's Face ID, Touch ID, or fingerprint instead of a password). New accounts also verify your email before they can be used.

What happens if someone gets hold of my phone?

You can turn on biometric unlock, which gates the app behind Face ID, Touch ID, or your Android biometric every time it's opened. Your sign-in tokens are stored in the device's secure keychain (the same hardware-backed vault the operating system uses), not in ordinary app storage - so they can't simply be read off the device.

Can my health info leak through screenshots or the app switcher?

Screens that show health information block screenshots and screen recording, and they're hidden with a blur in the app-switcher preview - so a glance at your recent apps, or a screenshot, won't expose your records.

Is my data safe on public Wi-Fi?

Yes. All traffic is encrypted with TLS, and the mobile app uses certificate pinning - it checks that it's talking to the real OurPrisma servers and refuses connections that have been tampered with. That defends against interception on untrusted networks like café or airport Wi-Fi.

Will the app warn me if my device looks compromised?

If the app detects that a device is jailbroken or rooted - which weakens the protections the operating system normally provides - it shows you a warning banner so you understand the risk. You stay in control of how you proceed.

Is the web app as secure as the mobile app?

The web app talks to the same protected backend over encrypted HTTPS, with the same account protections (password, two-factor, passkeys) and the same de-identification boundary for AI and analytics. Some hardware-specific features - like biometric unlock and screenshot blocking - are mobile-only because they depend on the phone's operating system.

Your control & choices

Do I have to share my data for research?

No. Research participation is strictly opt-in. You can use OurPrisma entirely for yourself and share nothing with studies - and if you do opt in, you can change your mind at any time from your account settings, without losing access to any core features.

Can I get a copy of my data?

Yes. You have the right to request a copy of the personal information we hold about you. Email privacy@ourprisma.com and we'll handle your request - see Your Rights Over Your Data for details.

Can I delete my account and data?

Yes - at any time. Follow the steps on the account deletion page. Once your request is verified, we permanently delete your account and associated health data. (De-identified data already pooled into aggregate datasets is no longer attributable to you and can't be pulled back out.)

How do I report a security concern?

If you spot something that looks wrong - unauthorized access to your account, or a suspected vulnerability in OurPrisma - email security@ourprisma.com. We take every report seriously and will not penalize good-faith disclosures.

Good to know

Does OurPrisma give medical advice?

No. OurPrisma helps you understand your own records and the typical patterns in patients like you, so you can have better conversations with your care team. It is not a substitute for medical advice, diagnosis, or treatment from a qualified clinician. If you're experiencing a medical emergency, call your local emergency number.

Does OurPrisma comply with HIPAA?

OurPrisma is built around HIPAA. We apply administrative, technical, and physical safeguards consistent with the HIPAA Security Rule, sign Business Associate Agreements with vendors that handle protected health information, and honor your HIPAA rights. The specifics are documented in our Privacy Policy.

Which devices can I use OurPrisma on?

OurPrisma runs on iPhone and iPad (iOS), on Android phones and tablets, and in any modern web browser at app.ourprisma.com. Your data stays in sync across all of them.

How much does OurPrisma cost?

OurPrisma is free for individual patients. If your care team or research program gave you a link, any costs are covered by them.

Still have a question? Visit Support or email support@ourprisma.com - we reply within 1–2 business days.