Privacy Policy
Last updated: March 17, 2026
MyDischarge is designed so that we never know who you are. We do not collect, store, or sell personal information. Your privacy is the foundation of everything we build.
What MyDischarge Does
MyDischarge helps you understand your hospital discharge paperwork by reading your documents and explaining them in plain language. You can photograph your discharge papers or type your diagnosis manually. The app processes your health and medical data solely to provide you with plain-language explanations of your discharge instructions.
Health Data We Access and Process
MyDischarge accesses and processes the following categories of health data in order to explain your discharge paperwork:
- Diagnosis information — The medical conditions listed on your discharge paperwork, used to generate plain-language explanations.
- Medication information — Medication names, dosages, and instructions from your discharge paperwork, used to explain what you were prescribed and how to take it.
- Follow-up care instructions — Doctor names, appointment dates, and follow-up instructions, used to help you understand your next steps.
- Warning signs and clinical notes — Symptoms that require an ER return and other clinical guidance from your discharge paperwork.
- Hospital and provider information — Hospital names, clinic addresses, and provider phone numbers from your paperwork, preserved so you can contact your care team.
This health data is processed solely to generate plain-language explanations, text-to-speech audio, and to answer your follow-up questions about your discharge instructions. It is not used for advertising, profiling, or any purpose other than helping you understand your discharge paperwork.
How Health Data Is Protected
Before any health data leaves your device, we apply multiple layers of on-device protection to remove all patient-identifying information:
- On-device OCR — Photos of your discharge paperwork are read using on-device text recognition (Google ML Kit). Photos are never uploaded to any server.
- On-device PII redaction — Your name, date of birth, Social Security number, insurance IDs, medical record numbers, patient phone numbers, patient email addresses, and patient home addresses are automatically detected and removed on your device before any data is transmitted. This uses both pattern-based detection (supporting 15 languages) and natural language processing (named entity recognition, NER) to catch names that appear anywhere in the document.
- Encrypted on-device storage — Your session data (discharge summary and chat history) is stored in encrypted storage on your device (iOS Keychain / Android Keystore). It is never stored on our servers.
- Chat message redaction — If you type personal information in the chat, it is automatically redacted on your device before being sent to our server.
Only de-identified medical content (diagnosis, medications, follow-up instructions, hospital information) is transmitted to our server for processing. We never receive your name, date of birth, age, Social Security number, insurance information, home address, or any other personally identifying information.
What Leaves Your Device
- De-identified health data only — After all patient identity has been stripped, only the medical content (diagnosis, medication names, follow-up instructions, hospital/clinic information) is sent to our server for processing by a language model.
- An anonymous device token — A randomly generated identifier (not tied to your identity) is used solely for rate limiting to prevent abuse.
How Health Data Is Used
Your de-identified health data is used exclusively for the following purposes:
- Generating plain-language explanations — Your de-identified discharge text is sent to a language model to produce a structured summary of your diagnosis, medications, warnings, and follow-up instructions.
- Answering your follow-up questions — When you ask questions in the chat, your de-identified discharge text is used as context so the language model can answer questions about your specific discharge instructions.
- Text-to-speech — De-identified text is sent to a text-to-speech service to read explanations aloud. For non-English languages, speech is generated entirely on your device.
- Translation — When you change languages, de-identified chat messages are sent for translation so you can read explanations in your preferred language.
Your health data is never used for advertising, marketing, data mining, profiling, or any purpose other than those listed above.
What We Do NOT Collect or Do
- We do not create user accounts or require sign-up
- We do not store your health data or medical information on our servers
- We do not log the content of your requests on our servers
- We do not sell, share, or transfer any data to third parties for advertising, marketing, or data brokering
- We do not use analytics, tracking tools, or advertising SDKs
- We do not use cookies
- We do not display advertisements
- We do not upload or transmit your photos or images to any server
Third-Party Services
We use the following third-party service to process your de-identified health data:
- Groq — A language model provider that processes de-identified health text to generate plain-language explanations and text-to-speech audio. Groq receives only de-identified medical content with all patient identity removed. Groq does not store request data. Groq's privacy policy is available at groq.com/privacy.
No other third-party services receive any of your data. We do not use Firebase, Google Analytics, Facebook SDK, or any other third-party tracking or analytics tools.
Data Retention
- On our servers: We do not retain any data. Our server processes requests in real time and does not store request or response content. No health data is persisted server-side.
- On your device: Your session data (de-identified discharge summary and chat history) is stored in encrypted storage on your device. You can clear this data at any time by closing the app or clearing the app's data in your device settings.
- At Groq: Groq processes requests in real time. Refer to Groq's privacy policy for their data retention practices.
Children's Privacy
MyDischarge does not knowingly collect information from children under 13. The app does not require any personal information to use. If you believe a child under 13 has provided personal information through the app, please contact us at privacy@mydischarge.org.
Your Rights
Because we do not collect or store personal information on our servers, there is no personal data for us to access, correct, or delete. Your session data is stored only on your device under your control. You may delete it at any time by clearing the app's data in your device settings.
Medical Disclaimer
MyDischarge is not a substitute for professional medical advice, diagnosis, or treatment. It explains your existing discharge paperwork in simpler terms. Always call 911 in an emergency. Always follow up with your healthcare provider as directed in your discharge instructions.
Changes to This Policy
If we make material changes to this privacy policy, we will update the "Last updated" date above. We encourage you to review this policy periodically.
Contact
If you have questions about this privacy policy, how MyDischarge handles your health data, or wish to exercise any privacy rights, contact us at privacy@mydischarge.org.