This is huge, congrats on the beta launch! Love the new self-serve demo, and the fact you guys are open-source. Having that option to self-host is always ideal IMO.
We definitely share the same opinion in regards to treating medical data like hazardous waste. Right now our solution is entirely pass-through, but down the road if we're storing data, we won't be just relying on the fact we're HIPAA & SOC 2 compliant, but instead we'll be approaching safe storage as a life-or-death priority. This is why we believe open-source has a huge advantage - by allowing our code to be audited by the world. What we're doing with the data will ultimately be visible for the world to see. We also won't be selling to someone less scrupulous, as we're the ones trying to set the standard in the space.
We definitely understand your concerns here, and appreciate your thoughts in regards to sharing private health information.
One thing to note is almost all of our customers so far are healthtech and healthcare companies that are primarily interested in improving the outcomes of their own patients. Wearables and consumer health data aside, access to medical records in the US is currently a huge problem, as many individuals still aren't able to access their own medical records, largely due to gatekeeping by hospitals and other medical providers who use proprietary systems. We wanted to go after this problem with the main goal of improving patient outcomes at the end of the day, and provide a legitimate alternative to the proprietary players that exist in the space who make access to data much more difficult and expensive than it should be.
Appreciate your perspective on this! We definitely understand the concern for not wanting anyone to have access to your medical data without your explicit consent, so that's why we're approaching this with the idea of ultimately leaving the individual in charge at the end of the day. It should really be up to the individual if they want to allow access to their data, but if they do, it should be as seamless as possible for them. This is exactly the future we see for personal health data, and is the sort of system we would want ourselves.
Of course this should be done in a secure and private manner as well, which is why we're HIPAA & SOC 2 compliant, and are only a pass-through solution with no actual data being stored.
