How Symetri Stores Patient Data
Everything Stays on Your Device
Symetri is a fully local app. There is no cloud server, no account sync, no external data transmission.Local only
iOS encryption
Face ID lock
Screen recording blocked
Patient Consent Fundamentals
Why Written Consent Matters
Even if a patient verbally agrees to photos, publishing them without documented consent creates legal liability. Written consent:- Protects your practice if the patient later claims they didn’t agree
- Specifies exactly what the photos can be used for
- Complies with HIPAA’s authorization requirements
- Is a professional standard expected by regulatory bodies in most jurisdictions
Minimum Consent Elements
A valid patient photo consent form should include:- Patient identification — name, date of birth, date of signing
- Description of the photos — body area, treatment, approximate dates
- Purpose statement — what the photos may be used for
- Scope of use — internal records vs. social media vs. marketing
- De-identification option — whether patient allows face to be shown or prefers eye blur
- Right to withdraw — patient can revoke consent for future use
- Patient signature and date
- Witness or practitioner signature
Consent Categories
Patients should consent to specific uses, not blanket permission:HIPAA Considerations (US Practices)
Are Patient Photos PHI?
Yes. Patient photographs are Protected Health Information (PHI) under HIPAA when associated with a patient’s identity and medical treatment — even if the photo doesn’t show the face.Publishing Before/After Photos
To publish a patient photo on social media or your website, you need a HIPAA-compliant Authorization specifying:- The information to be disclosed (the photos)
- Who can view it (the public)
- The purpose (marketing, education)
- An expiration date or event
- The patient’s right to revoke
De-Identification as an Alternative
HIPAA allows publishing photos without authorization if the image is de-identified. For facial photos, this typically requires:- Eyes obscured (use Symetri’s Eye Blur feature)
- No visible tattoos, birthmarks, or identifying features
- No name, date, location, or other metadata in the image
State Law May Be Stricter
Many US states have medical privacy laws stricter than HIPAA — California (CMIA), New York, Texas, and others. Always check state-specific law for your practice location.International Considerations
EU / UK (GDPR / UK GDPR)
EU / UK (GDPR / UK GDPR)
Australia
Australia
Canada
Canada
Using Symetri’s Privacy Features
Eye Blur for Published Photos
For any photo where the patient has not consented to full face identification, enable eye blur before exporting.Open the case editor
Tap the Eye icon in the toolbar
Toggle Eye Blur on
The AI automatically detects and blurs both eyes
Adjust position and intensity with the sliders if needed
Consent-Based Case Naming
Use a naming convention to flag consent status directly in the case name:Deleting Patient Data
If a patient revokes consent or requests deletion:Open Symetri and find the case
Delete the case — permanently removes the case record and all image files from the app
Delete any exported files from your Photos library
Remove any files uploaded to social media or your website from those platforms
Recommended Consent Workflow
Before the First Appointment
Send a photo consent form with your intake paperwork. Digital forms (DocuSign, PracticeBetter, etc.) create a timestamped record.At the Appointment
- Confirm the patient signed the consent form.
- Note which categories they consented to.
- Encode consent status in the case name (
- OK,- EYES, or- NO).
Before Posting
- Check the case name consent flag.
OK→ export with full branding.EYES→ enable eye blur, export.NO→ records export only, do not post.
Device Security Checklist
Strong passcode — 6-digit or alphanumeric, not Face ID alone
Auto-lock set to 30 seconds or 1 minute (Settings → Display & Brightness → Auto-Lock)
iCloud backup enabled — so data survives if device is lost
Find My iPhone enabled — device can be remotely wiped if lost or stolen
Do not share the device with non-clinical staff for patient-facing use
Face ID / Touch ID enabled for Symetri (prompted on first launch)

