Privacy Policy

Last updated: April 11, 2026

Data Collection

Lucid collects only the clinical data you explicitly provide during active diagnostic sessions. We do not collect personal information beyond what is necessary for clinical analysis. All data is processed in real time and is not stored persistently unless you explicitly choose to save your session.

Data Security

We implement industry-standard security measures to protect your data:

  • Encryption in Transit: All data is encrypted using TLS 1.3 when transmitted over the network
  • Encryption at Rest: Any stored data is encrypted using AES-256
  • Access Controls: Strict access controls ensure only authorized personnel can access system data
  • Regular Audits: Security practices are regularly audited and updated

Data Usage

Your clinical data is used solely for the purpose of:

  • Generating differential diagnoses based on provided symptoms and clinical findings
  • Retrieving relevant scientific literature and evidence
  • Providing clinical decision support during your active session

We do not use your data for marketing, advertising, or any purpose beyond clinical assistance.

Data Retention

Clinical data is retained only for the duration of your active session. By default, no data is stored persistently. If you choose to save a case, you can delete it at any time. We do not retain data beyond what is necessary for the clinical service you request.

Your Rights

You have the right to:

  • Access: View all data processed during your session
  • Deletion: Clear session data at any time using the "Clear Case" function
  • Export: Export your clinical case data in a structured format
  • Correction: Edit and modify extracted data during the review stage

Third-Party Services

OpenAI

We use OpenAI's GPT-4o API for clinical data extraction and analysis. Data shared with OpenAI is subject to their Business Terms and data processing agreement. We do not share patient identifiers or personal information beyond anonymized clinical notes.

OpenAlex

We query OpenAlex, a public scientific literature database, to retrieve relevant research papers. Only search queries (not patient data) are sent to OpenAlex. OpenAlex is a non-commercial, open-access service.

Compliance

Lucid is designed with healthcare data privacy in mind. While we implement security measures aligned with HIPAA and GDPR principles, please note that Lucid is a clinical decision support tool and should be used in accordance with your institution's policies and applicable regulations.

Contact

If you have questions about this privacy policy or our data handling practices, please contact us through your institution's designated channels.