Data Processing Policy

What patient information does Aidence process?

Aidence develops and provides software solutions, based on Artificial Intelligence, to support healthcare providers with their diagnostic procedures, which include the automated diagnostic evaluation of medical images for identification and evaluation of abnormalities. These services require hospitals to send medical images to the servers of Aidence (either a server placed within the hospital or to a cloud server). Prior to sending medical images to Aidence servers, these images are required to be completely stripped from any patient identifiable information (e.g. name, patient number, date of birth, and so on). As a result Aidence does not receive, process or has direct access to any personal identifiable data which can be used to link medical images to an individual person.

How does Aidence protect Information?

In order to further safeguard medical images processed by Aidence, Aidence has installed an Information Security Management System according to the ISO 27001 management standard (EN-ISO / IEC 27001:2013 Information technology - Information Security Management Systems - Requirements). Aidence has implemented relevant technical and organisational measures in line with the requirements of the ISO 27001 standard and as required by law to safeguard the information processed pertaining to the Services provided by Aidence.

As Information Security and handling of medical images requires a high level of protection, Aidence is continuously reviewing its Information Security Management System and is implementing security measures where necessary to minimise risks related to handling of information.

As such Aidence implements:

  • •  Continuous information security risk management activities;
  • •  Internal information security audits;
  • •  Information security trainings to its staff;
  • •  Management reviews;
  • •  HR procedures and policies;
  • •  Strict information access and authorization policies;
  • •  Security measures such as state-of-the-art cryptography;
  • •  Security agreements with customers and third parties.

Storage Duration

Medical images are stored by default for 3 days on Aidence servers, before being fully erased, unless specified differently by the healthcare provider. The purpose of the 3 days data retention is for support purposes, to investigate potential bugs in odd system behaviour. Under no circumstances medical images are retained for any other purpose. Aidence does not retain back-ups thereof.

Certificate ISO 27001:2013

A copy of the ISO 27001:2013 standard is available on request from Aidence. Please contact

Enquiries regarding how Aidence protects information?

Should your healthcare provider work together with Aidence, and do you have any questions as to how your medical image(s) is (are) handled? Please contact your healthcare provider directly, they should be able to answer any question you may have. Should you have any request with regards to access, rectification, deletion, restrictions for processing, portability of your information, we also ask of you to contact your healthcare provider. Aidence does not have access to any identifiable patient data and therefore is unable to link any image we process to an individual person.

Should you have a general enquiry as to how Aidence treats medical images, please feel free to get in touch with us via