Privacy isn't a checkbox at Lisner. It's the architecture. Voice never leaves the device. Data is never sold. Consent is always patient-controlled.
Lisner's HIPAA compliance program is independently verified and maintained by Accountable HQ. This includes policies, workforce training, risk assessments, and Business Associate Agreement infrastructure.
A BAA is executed with every clinical partner before any PHI enters the system. Contact privacy@lisner.ai to initiate a BAA.
Request BAA →The most sensitive data — the patient's voice — is processed entirely on-device using WhisperKit. No audio file is ever created, stored, or transmitted. Only the text transcript the patient chooses to share reaches our servers.
Recorded locally, never saved as a file
WhisperKit — runs entirely on the iPhone
Only text the patient approves leaves the device
TLS 1.2+ HTTPS — no unencrypted transmission
AES-256 at rest — Google Cloud Firestore
We believe in transparency about what we've achieved and what we're working toward. We will never claim a certification we don't hold.
Verified by Accountable HQ. BAA available. Policies, training, and risk assessments in place.
Business Associate Agreement executed with Google Cloud for Firebase / Firestore PHI handling.
WhisperKit on iOS — voice never transmitted. Zero audio retention by architectural design.
Third-party security assessment scheduled for Q3 2026 prior to scaled clinical deployment.
Audit period initiated as we scale to enterprise clinical customers. SOC 2 Type II target: Q4 2026.
Information security management certification aligned with international healthcare requirements.
Our security team responds to all inquiries within one business day. For BAA requests, contact privacy@lisner.ai.