Built by our local Heidi team of doctors and AI experts. Backed by GCC clinicians.
Heidi is offering free access to Heidi Pro for small clinics in the GCC — no strings attached. Just book your personalised one-to-one onboarding call and we'll get your account set up and tailored to your clinic. See how Heidi adapts to your specialty, your workflows, and the way you work, giving you more time with patients and less time on documentation.
Heidi speaks your language. Arabic — check. Qatari dialect — check. Multilingual conversations — check. Hindi — check. Farsi — check. Urdu — check. We support over 110 languages and dialects and we're growing. See how Heidi can support your diverse healthcare setting in real time.
Heidi is built for the GCC — regionally compliant, with data stored locally in-country. Our data handling meets local Ministry guidelines, allowing you to focus on delivering patient care. Your data is fully protected.
Heidi is fully compliant with the UAE's Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (PDPL) and Qatar's Law No. 13 of 2016 on Privacy of Personal Data Protection, upholding the highest standards of data privacy and security so clinicians can use Heidi with confidence.
Heidi collects consent in accordance with applicable data protection laws in both the UAE and Qatar, and processes personal data lawfully to fulfil contracts with healthcare providers. Data is collected only for two defined purposes: enabling clinical documentation generation and workflow support across Heidi's products, and to enable secure access to the Heidi platform — limited strictly to what is necessary.
Data is stored in-country in the UAE and Qatar on cloud infrastructure certified to the highest international security standards, including ISO 27001 and SOC 2 Type II. This means your data stays where it belongs, under local jurisdiction, with appropriate safeguards to preserve data sovereignty and ensure Data Subjects can exercise their legal rights at all times.
Data is encrypted in transit (TLS 1.2/1.3) and at rest (AES-256), with secure key management and strict access controls. Platform access is protected by token-based authentication, Role-Based Access Control (RBAC), and MFA. Heidi maintains 24/7 incident response, with breaches reported in line with applicable legal requirements across the UAE and Qatar.
Heidi facilitates all Data Subject rights under applicable law in both jurisdictions, including access, portability, correction, erasure, restriction, and objection. Users can verify, correct, or delete their data at any time.
Heidi is an assistive documentation tool only. It does not diagnose or make clinical decisions. All outputs are reviewable and editable by the clinician. Data is retained only for the duration specified by the user or organisation, then securely and irreversibly deleted.
Heidi holds ISO 27001, SOC 2 Type II, ISO 42001, and Cyber Essentials Plus certifications, with regular independent audits conducted by accredited third parties. Our Data Protection Officer is Yassin Omar (Head of Legal and Regulatory Affairs). A DPIA is reviewed annually and upon any new feature or integration, in compliance with data protection obligations across the UAE and Qatar. For more information about our security and compliance posture, please visit our Trust Centre.