Acceptable Use Policy

Last reviewed: May 2026

This document defines acceptable-use boundaries for Regenemm Healthcare products and services.

Regenemm systems are designed for authorised healthcare, clinical workflow, administrative, interoperability, patient-controlled sharing, and governance use.

Users remain responsible for using Regenemm systems only within their role, authority, clinical governance obligations, contractual obligations, and applicable law.

Prohibited Use

Users must not use Regenemm systems to bypass clinical review, access unauthorised data, impersonate another person, exfiltrate health information, disrupt care workflows, or attempt to weaken security controls.

Users must not:

• access information without authorisation;
• upload information they are not authorised to provide;
• disclose patient information outside an approved purpose;
• interfere with clinical workflows or availability;
• bypass release gates or human review;
• misrepresent AI-assisted outputs as independent clinical judgement;
• use Regenemm systems to generate, store, or distribute malware;
• attempt unauthorised scanning, scraping, probing, or testing;
• share credentials or tokens;
• weaken audit, provenance, consent, or release controls;
• use systems for harassment, discrimination, abuse, or unlawful activity;
• use synthetic data workflows to re-identify people or recreate patient records.

AI-Assisted Workflows

AI-assisted outputs must be treated as workflow support and must not be represented as independent clinical judgement.

Users must not use AI-assisted workflows to:

• make autonomous diagnosis or treatment decisions without authorised clinical review;
• release clinically material content without required review;
• bypass consent, role, purpose, data, tool, audit, release, or network boundaries;
• use identifiable patient data for foundation model training by default;
• rely on AI-generated content as the sole source for clinical, billing, medicolegal, or access-control decisions.

Data Handling

Users must not upload or disclose information unless they are authorised to do so and the workflow supports that purpose.

Health information, patient-identifiable information, credentials, and operationally sensitive information must be handled only in approved workflows and approved systems.

Users should avoid adding unnecessary sensitive content to support requests, issue reports, telemetry, screenshots, exports, or governance documents.

Hub, Spoke, Link, Connect, and Edge Use

Regenemm Voice acts as the Hub and clinical control plane.

Spokes must not be used as ungoverned systems of record.

Regenemm Link patient-controlled sharing must not be used to bypass consent, release, recipient, revocation, or audit requirements.

Regenemm Connect interoperability workflows must not be used to disclose information to unauthorised systems or recipients.

Edge Connector pathways must not be used to ingest unapproved data sources or bypass Hub governance.

Security Responsibilities

Users must protect credentials, report suspected compromise, and follow approved access pathways.

Users must not attempt to disable, evade, or weaken security controls, audit controls, release gates, logging, rate limits, provider boundaries, or network controls.

Reporting Concerns

Suspected security, privacy, safety, clinical governance, or acceptable-use concerns should be reported through approved Regenemm channels.