Legal document
Privacy and Compliance Policy
Updated: April 23, 2026
At KYNODE Inc., we understand that in healthcare and humanitarian operations, privacy is more than compliance. It is an operational safeguard for vulnerable populations. The platform is designed around privacy by design and controlled offline-first operations.
1. Local processing and exposure minimization
Voice transcription, note structuring and assisted coding are designed to happen locally on the node. The platform is not intended to send identifiable patient audio or transcripts to third parties.
Cloud synchronization is limited to operational and epidemiological outputs that fit the hybrid model and the governance rules defined by the client organization.
2. Consent, control and retention
The client organization is responsible for obtaining any consent required under its jurisdiction and for operating the platform under an appropriate internal governance model.
KYNODE implements controls, traceability and bounded retention mechanisms to reduce unnecessary exposure.
3. Encryption and secure synchronization
Synchronization flows are designed to protect confidentiality and integrity through cryptographic safeguards and transport validation.
Courier devices and intermediate components should operate as opaque carriers without access to protected clinical content.
4. What travels and what does not
The cloud layer is intended to consolidate operational and epidemiological visibility aligned with anonymization and data minimization goals.
Identifiable clinical records, full clinician notes and audio are not part of the target public synchronization design.
5. Roles and responsibilities
The client organization remains the data controller and is responsible for legal basis, internal governance and data subject response obligations.
KYNODE operates as a platform and processing provider within the contracted scope.