How Hakim-DZ Protects Your Medical Data

Discover how Hakim-DZ handles your data with an architecture designed so that AI never sees patient identity. Full transparency.

Trust is built with proof

When it comes to artificial intelligence applied to healthcare, skepticism is legitimate. Questions come fast: Who can see my data? Is my medical record stored somewhere? Does the AI know my name? These concerns are valid, and they deserve clear answers — not empty reassurances.

At Hakim-DZ, we have chosen architectural transparency. This article describes precisely how your data flows through our system, why our AI never sees the patient's name, and what that means for you in practice.

Phase 1: a record summary, not a diagnosis

It is important to understand what Hakim-DZ does in its first operational phase. Our platform does not make medical diagnoses. That is not its role, and that is not what it does.

What Hakim-DZ does is summarize a medical record: extracting the relevant information, organizing it, and making it readable for a healthcare professional in seconds rather than minutes. We help physicians read faster. We do not replace their clinical judgment.

This distinction matters. It fundamentally changes the nature of data processing. We are not trying to infer a health condition from raw data. We synthesize what has already been documented by healthcare professionals, for other healthcare professionals.

Pseudonymization: the core of our architecture

The key concept that underpins all of our data processing is called pseudonymization. Here is what that means in practice.

When a medical record enters our system, the very first step — before any analysis — is to remove or replace all direct patient identifiers. First name, last name, exact date of birth, social security number, address: these elements are detached from the body of the record and replaced with an anonymous technical identifier.

The AI never sees the patient's name. Ever. It receives a document from which all personal identifiers have been stripped before any analytical processing even begins.

This is not a promise. It is a technical constraint built into the data pipeline. Even if someone wanted to work around this rule, the architecture would not allow it: the two data streams — personal identifiers and medical data — are separated from the moment they enter the system.

Pseudonymization vs. anonymization: why the distinction matters

Pseudonymization differs from full anonymization. The data can technically be re-linked to a patient via a secure matching key, held exclusively by authorized personnel within the healthcare institution. This makes it possible to:

  • Return results to the correct patient record after processing
  • Ensure traceability in the event of an audit or review
  • Uphold patients' right to access their data (GDPR, Article 15)

Full anonymization would make these operations impossible. Pseudonymization is therefore the right balance between protection and usability.

What the AI actually receives

To be even more concrete, here is what our artificial intelligence model sees when it processes a record:

  • Medical history expressed in generic terms
  • Consultation or hospitalization reports with all personal references removed
  • Test results with no reference to the patient's identity
  • A temporary technical identifier, meaningless outside the context of the session

What the AI does not see:

  • The patient's first and last name
  • Their address or contact details
  • Their social security number
  • Any information that could lead to direct identification

The summary produced by the AI is then re-linked to the correct record via the matching key, on the institution's side. This re-linking takes place in a secure environment, entirely out of reach of the AI model.

Why we are publishing this article

Transparency about the technical architecture of a digital health product is still rare. Most vendors settle for a legal privacy policy — difficult to read and even harder to verify.

We have chosen the opposite approach. We believe that the healthcare professionals who use Hakim-DZ, as well as the patients whose records are processed, have the right to understand precisely what happens with their data. Not in vague terms, but in technical and verifiable ones.

This is not a marketing argument. It is an ethical stance. AI in healthcare can only earn the trust it deserves if those who build it commit to full transparency.

In summary

If you take away three points from this article:

  • Hakim-DZ's AI never sees the patient's name, thanks to pseudonymization applied before any analytical processing takes place
  • Hakim-DZ summarizes records, it does not make diagnoses: the physician remains the sole decision-maker
  • The infrastructure is HDS-certified and processing is GDPR-compliant by design, not by declaration

Questions about our architecture or data processing? We are available to discuss them openly — with technical teams, medical leadership, or the Data Protection Officers of our partner institutions.