Responsible AI and Transparency Policy
Version 2.1 · Effective 07/01/26 · Reviewed annually and with any material change
1What we do and why this policy exists
Sensavera helps people be heard. We invite a person to share their experience in a short, guided, voice-first conversation on behalf of an organization they trust. We call each conversation a sensagram. AI runs inside that conversation. It decides what to ask next, reflects back what it heard so the person feels understood, transcribes what they say, and helps the organization understand what was shared across many conversations.
Our AI is an instrument of listening. It carries a person's voice to the organization that wants to hear it. This policy explains how we use that AI responsibly: what it does, what it does not do, and the commitments we hold ourselves to.
2Our commitment
We use AI to help people be heard and to help organizations listen better. We do not use AI to make judgments about a person, to present the AI as a human being, or in any way that trades on a person's trust. Because our work often touches health, wellbeing, and people in difficult moments, we treat disclosure, consent, safety, and human oversight as requirements rather than features.
3What our AI does and does not do
Our AI listens, asks follow-up questions, reflects back what it heard, transcribes the conversation, and helps the organization see patterns across many conversations.
It works from the words a person speaks, transcribed to text. We do not analyze voice recordings for judgment, personality, or health status.
It does not diagnose. It does not give medical or clinical advice. It does not make decisions for the person. Every output the AI produces is advisory to the organization we serve, and a person reviews inferred output before the organization acts on it.
4How we separate fact from interpretation
Sensavera distinguishes two kinds of output and never blends them.
Reportable outputs are what a person directly said or answered. Where a conversation includes structured questions, the responses are captured as given and handled deterministically. The AI does not author these.
Inferred outputs are what the AI draws from the conversation: reflections, themes, and summaries. These are identified as AI-generated, and each one links back to the source evidence it came from, so a person at the organization can check any interpretation against what was actually said.
This separation is what lets an organization trust the direct responses and read the interpretation for what it is.
5How we govern AI
Accountable owner. Responsibility for AI at Sensavera sits with our Co-Founder and Chief Technology Officer. Clinical and ethical judgment sits with our Co-Founder and Chief Health Officer, a physician researcher, who reviews AI behavior in sensitive domains.
Oversight. AI use is governed by a cross-functional review spanning product, engineering, security, privacy, and clinical judgment. This group reviews new AI behavior, model and vendor changes, and any incident involving AI.
Assessment before launch. Before we deploy a new sensagram type or a new member-facing AI behavior, we complete an AI impact assessment. It identifies the intended use, who is affected, the harms we can foresee, the criteria the behavior must meet to be fit for use, and the conditions under which it may be released. A behavior that does not meet its release conditions does not ship. This assessment is specific to each use, and we complete it for a defined use before that use goes live.
Evaluation before member exposure. We test AI behavior against scripted scenarios and real end-to-end sessions, scored by an evaluation model separate from the one being tested. A successful demonstration is not treated as evidence of quality.
Review. This policy and our practices are reviewed at least annually, and sooner when we materially change our models, our vendors, or our data flows, or when applicable regulation changes.
6Frameworks we align to
We do not adopt any framework wholesale. We align to the ones that fit healthcare and a US member base, and we claim only alignment we can support.
NIST AI Risk Management Framework. Its govern, map, measure, and manage structure shapes our governance and our impact assessments.
Coalition for Health AI (CHAI) and the Joint Commission. Their healthcare-specific guidance informs our controls for transparency, oversight, and safety.
HITRUST. We are pursuing HITRUST certification with an authorized external assessor. HITRUST integrates HIPAA, NIST, and other requirements into one validated program, and it offers an AI-specific path we intend to follow as the platform grows.
HIPAA. Our handling of protected health information follows the HIPAA Security and Privacy Rules, including access controls, auditing, and Business Associate Agreements where PHI is in scope.
ISO/IEC 42001, the international AI management-system standard, is a longer-horizon target. We structure our governance so that certification is reachable, and we do not claim it today.
7Our principles
People first. We design for the person in the conversation who may not be a confident technology user, not for the average software user. Conversations run at a plain reading level, work by voice with a text option, and are built to a WCAG 2.1 AA accessibility target.
Transparency. Before a conversation begins, a person is told in plain language by us and/or the organization that they are speaking with an AI system, that their voice is recorded and transcribed, and that a person at the organization may review what they share. An organization can adapt the wording and branding for each campaign, but that core disclosure is not optional. AI-generated summaries and analytics for the organization are identified as AI-generated.
Human oversight. No AI output is used on its own to make a consequential decision about a person. Our AI is advisory. People, not models, decide what to act on, and ambiguous cases go to a person rather than being resolved silently.
Privacy and data use. We collect only what a conversation needs. Many of our campaigns are de-identified by design: a person reaches the conversation through a generic link, is never asked to identify themselves, and no roster or identifier is collected. Where an organization provides member identity, we hold that data under a Business Associate Agreement and isolate it per organization. We do not use member content to train third-party or foundation models. We finalize data processing agreements with organizations, and business associate agreements where PHI is in scope. We are establishing formal retention schedules by data class as part of our HITRUST work. Because voice is inherently identifiable, we treat member data as identifiable and protect it accordingly rather than representing it as anonymous. Members may ask to access, correct, or delete their data, and we are building the workflows that support these rights.
Fairness. Voice and language models can perform unevenly across people. We evaluate our models across a range of member scenarios and run an independent automated check on outputs for bias, and we are extending this to explicit testing across language, dialect, accent, and age. Where we find limits, we disclose them.
Safety and clinical boundaries. Sensavera does not diagnose, treat, or give medical advice, and it is not a substitute for professional care. Our models are guardrailed against producing clinical guidance. When a person shares something that suggests elevated risk, such as self-harm or acute distress, the conversation routes to a human-reviewed screen with real, reachable crisis resources. We treat that path as a monitored safety function, and we test adversarial and unsafe inputs before deployment.
Security. Voice and transcripts are encrypted in transit and at rest. Access is authenticated, role-scoped, and limited by policy, with secrets held in a managed key store. We log access to sensitive data, including PHI reveal and export events, and are extending this to append-only audit logging and field-level masking of protected data as part of our HITRUST work. AI incidents are handled through our incident response process.
8Transparency to members
Because our conversations are warm and can feel personal, we hold a high bar for disclosure.
A person is entitled to know what the AI does with their words. In plain terms: the AI listens, asks follow-up questions, reflects back what it heard, and helps the organization understand patterns across many conversations. It does not diagnose, and it does not decide anything for the person. It works from what a person actually says.
Each campaign's disclosure wording is reviewed with the organization, within the fixed baseline that a person is always told by us and/or the organization they are speaking with an AI system, that the conversation is recorded, and that a person may review it.
We maintain a current inventory of the models and subprocessors we use, and we provide it to organizational clients on request.
9Commitments in sensitive settings
Health, wellbeing, and vulnerable people are the setting we work in, not an edge case. We hold ourselves to additional commitments there.
We state plainly that Sensavera does not provide medical or clinical advice. Where a conversation asks about health or other sensitive topics, we obtain consent that is specific and informed. Before conversations that reach vulnerable groups go live, we apply heightened testing. We minimize the sensitive data we collect and hold it only as long as the purpose requires.
10Uses we restrict and prohibit
Sensavera does not:
- Use AI output on its own to make a legal or similarly significant decision about a person, including coverage, benefits, payment, employment, credentialing, or care eligibility.
- Use member content for any purpose not disclosed when it was collected.
- Use member content to train third-party, foundation, or public models.
- Present the AI as a specific human, or hide the fact that it is AI.
- Use inferred sentiment or tone to penalize a person.
- Re-identify individuals from aggregated analytics, or expose raw sensitive content to an organization beyond the agreed, minimized, evidence-linked form.
11Review, ownership, and contact
This policy is owned by our Co-Founder and Chief Technology Officer, who is accountable for AI at Sensavera. It is reviewed annually and whenever we materially change our models, vendors, or data flows, or when applicable regulation changes. Each material change updates the version and date on this document. The current version of this policy is always available at sensavera.com/responsible-ai.
Anyone can raise a concern about our AI, or ask that an AI output be reviewed by a person, by contacting support@sensavera.com. We respond within 48 hours.