Data Use and Transparency
Roots of Compliance
How ROC-AI Handles Your Information
ROC-AI is powered by AI technology and embedded using services such as Framer and
Re:tune. These platforms may temporarily store user prompts and interactions on secure servers to operate effectively. While ROC-AI does not intentionally collect or store personally identifiable information (PII) or protected health information (PHI), users should:
· Never input sensitive or identifiable data into the tool.
· Understand that prompts may be stored on Re:tune’s platform for operational or improvement purposes.
· ROC-AI is intended for informational and decision-support purposes only, not for direct clinical or legal advice.
We believe in transparency, user control, and data security. Below is an overview of how we manage information:
No Use of PHI or PII
Users should never input protected health information (PHI) or personally identifiable information (PII) into ROC-AI. The system is designed to support general legal, ethical, and procedural guidance, not to manage individual student records or clinical data.
How ROC-AI Uses Information
No Training on User Inputs ROC-AI does not use user inputs to train its AI model. All AI outputs are based on curated legal, ethical, and professional resources, not on user conversations or identifiable data. No Selling of Data ROC-AI does not sell, share, or license data to third-party marketers or external vendors. Any de-identified analytics data used for internal improvement is kept securely and never monetized. Data is Not Retained We do not store or retain individual user input history, unless explicitly permitted for feedback, user support, or opt-in development purposes.
Security, Privacy, & Platform Information
Encryption and Technical Safeguards All interactions occur over encrypted HTTPS connections (SSL/TLS), which protects your data in transit. HIPAA and FERPA Alignment Framer complies with general web security best practices, but neither Framer nor Re:tune makes public claims about AES-256 encryption at rest, HIPAA compliance, or FERPA safeguards. The system is not a substitute for direct clinical judgment or legal counsel. BAAs Not Applicable ROC-AI does not offer Business Associate Agreements (BAAs) and should not be used to store, process, or transmit PHI.