Our AI principles
- Human oversight. Every AI-assisted decision affecting a person remains subject to meaningful human review.
- Purpose-limited data. We do not use patient clinical data to train any model, internal or external. Doctena does not train or maintain its own AI model.
- EU residency. AI features that touch personal data run on EU-hosted infrastructure or under SCCs with documented Transfer Impact Assessments.
- Explainability. Features powered by AI are labelled clearly in the user interface.
- Reversibility. Every AI feature can be disabled by the practitioner customer for their tenant.
AI voice assistant
Doctena offers practices an optional AI voice assistant, a telephone tele-secretary that answers calls, books, cancels and reschedules appointments, and routes callers to the right place. It is offered to a practice as an option; the practice decides whether to enable it. This is the one AI system that a patient may interact with directly, so we describe it in full below.
- You are told it is an AI. At the start of the call the assistant tells the caller they are speaking with an AI assistant, in line with the EU AI Act's Article 50 transparency duty.
- A human handover is available. A caller can ask to be put through to a person rather than continue with the assistant, and a human fallback can always be set.
- EU-hosted. The assistant runs on EU infrastructure (AWS Frankfurt), and explicit consent is collected before the call is processed.
- It does not decide about your care. The assistant routes calls and handles scheduling; it makes no automated decision about your treatment. The practitioner retains all booking and clinical decisions, so there is no solely-automated decision within the meaning of Article 22 GDPR.
- Human oversight. In line with EU AI Act Article 14, a person can always step in and override the assistant, and its outputs are reviewable.
- No training on patient data. Doctena's contract with the vendor forbids it from training its models on patient data. Doctena does not train or maintain its own AI model.
- Governed and assessed. The assistant is governed by Doctena's AI Usage & Governance Policy and Standard and is covered by a Data Protection Impact Assessment. Our AI governance is inspired by ISO/IEC 42001; we are not certified against it.
- Retention. Call data is kept for as long as the practitioner data retention period (by default three years), or until a deletion or anonymisation request, and is anonymised when the practitioner leaves the platform.
Where AI is used internally
Beyond the voice assistant, Doctena's other uses of artificial intelligence are internal assistive tools that support our own teams. They are not visible to patients or practitioners and do not act on patient clinical data. The list below is exhaustive at the date of this page.
| Internal use | What it does | Provider | Human-in-the-loop? |
|---|---|---|---|
| Drafting and research | Drafting assistance and internal research for Doctena staff. | OpenAI | Mandatory human review of any AI-generated content; not used for clinical decisions. |
| Meeting notes | Summarisation of internal meetings. | Google Gemini | Notes reviewed by staff before they are relied on. |
| Software development | Coding assistance and documentation lookup by Doctena engineers, in an enterprise environment with no training on customer code. | Anthropic (Claude Code) and Cursor AI | Every generated suggestion is reviewed by the engineer before commit; PR review is mandatory. |
| Office productivity | Assistive features within our office suite (Docs, Slides, Sheets). | Google Workspace via Gemini | All outputs are reviewed by the staff member using the tool. |
| Internal communications | Summarisation and search assistance within our internal messaging tool. | Slack AI | All outputs are reviewed by the staff member using the tool. |
| Support-response assistance | Assists support agents in drafting and classifying responses to inbound support tickets. Suggestion only; final triage and reply are human. | AI integrated into Zendesk | Human oversight of support responses. |
| Task management | Assistive features within our internal task-management tool. | Asana AI | All outputs are reviewed by the staff member using the tool. |
More of the tools we use are adding AI features over time. Each one is evaluated under Doctena's internal AI governance process before it is activated. Doctena does not train or maintain its own AI model.
Where AI is not used
Doctena also does not currently operate:
- Automated clinical decisions or treatment recommendations.
- No AI system automatically rejects patients or filters appointments.
- Biometric identification or emotion recognition.
- AI-generated voice or video impersonating a practitioner or a patient.
EU AI Act applicability
Under Regulation (EU) 2024/1689 ("AI Act"), Doctena acts as a deployer of the AI features described above. We classify them as follows:
- AI voice assistant. The directly-applicable EU AI Act duty is the Article 50 transparency obligation (callers are told they are interacting with an AI). Because the assistant processes health data, Doctena classifies it as high-risk under its internal risk framework and applies high-risk-grade governance to it: a Data Protection Impact Assessment, documented human oversight and sub-processor controls on the vendor.
- Internal deployer use. Software development, drafting and research, meeting notes, office productivity, internal communications, support-response assistance and task management. These tools are used internally only; patients and practitioners do not interact with them. The Article 50 transparency duties for these systems rest with the tool vendors as providers. Our operative duty as deployer is AI literacy under Article 4, in force since 2 February 2025 and implemented through our AI usage policy and staff training. Article 50(4) would apply only if we published AI-generated text to inform the public; our mandatory human review and editorial responsibility cover that case.
- Prohibited (Article 5). Not applicable. Doctena does not deploy any of the prohibited AI practices, which apply since 2 February 2025. The pending omnibus adds two further prohibitions from 2 December 2026, which are equally not applicable to Doctena.
Should Doctena build a high-risk AI system, the provider conformity assessment under Article 43 will be conducted before it is placed on the market. Should Doctena deploy a third-party high-risk system, we will meet the deployer obligations under Article 26 and, where required, carry out a Fundamental Rights Impact Assessment under Article 27 before deployment.
Human oversight
Every AI-assisted decision affecting an identified or identifiable person can be reviewed by a Doctena employee on request. A human fallback can always be set, so a person can step in wherever an AI feature is in use.
Training data and model providers
Doctena does not train foundation models and develops no proprietary AI or machine-learning models. Where we use third-party AI features, the training of the underlying model is the responsibility of the provider, and that training was performed on the provider's own training data, not on Doctena customer or patient data.
Our contracts with each AI provider explicitly:
- Prohibit the use of Doctena prompts, completions or context for further training.
- Confirm the retention of inputs and outputs (zero retention preferred, otherwise short-window).
- Place processing inside the EU/EEA or under SCCs with a documented Transfer Impact Assessment.
Your choices
- Patients: the only AI a patient may interact with directly is the AI voice assistant, where enabled by the practice, and the assistant tells you it is an AI at the start of the call and lets you ask to be put through to a person. If you contact support, the answer you receive may have been AI-assisted, for example to help identify and narrow the issue or to phrase the reply; support replies may be AI-assisted, and we maintain human oversight of support responses.
- Practitioners: the AI voice assistant is optional and is enabled upon subscription; internal assistive tools are not exposed to practitioner workspaces.
- Doctena employees: internal AI tools are opt-in by team, governed by the AI usage policy and the data classification policy.