Safety is the product,
not an afterthought.
Mental health AI carries real stakes. Citt.ai was built with crisis detection, human oversight, and clinical accountability at its foundation, not bolted on later.
Measured against concrete targets
Targets evaluated via automated adversarial test suite (CEP v2). Automated adversarial test suite (CEP v2)
The Citt Safety Architecture
Four layers that work together to ensure no patient in distress falls through the cracks.
Crisis Detection on Every Message
quickRiskCheck() runs on every patient message (web chat, WhatsApp, and multi-agent paths). 200+ crisis signals covering suicidal ideation, self-harm, abuse, and obfuscation attempts.
Human in the Loop
Every AI output carries provenance and confidence scores. Therapists review, approve, or override AI-generated clinical content. Crisis events trigger immediate therapist notification.
Full Audit Trail
Every safety decision, crisis event, and clinical action is logged with timestamps, user IDs, and context. Immutable audit log for clinical accountability and regulatory review.
Privacy-Sensitive Data Handling
Encryption, access controls, audit logs, and vendor controls support privacy-sensitive care environments and HIPAA-regulated deployments.
Platform safety in practice
Aggregate counts only. No individual patient data.
Tested against attacks designed to defeat it
Our CEP v2 evaluation framework includes dedicated test cases for the failure modes that have caused harm elsewhere: obfuscated crisis language, jailbreak attempts, and gradual escalation patterns designed to slip past keyword filters.
How patient records are created
Therapists can run their full practice in Citt.ai, including for patients who have not yet signed in to the patient portal. We treat those records as Controller-owned care data from the moment they are created and gate every patient-facing feature behind an explicit claim step.
Managed records
A therapist on Plus or Full Access can add a patient by name and email. The record is owned by the therapist's practice and supports scheduling, notes, billing, and transcription. Until the patient claims, no chat, check-ins, assessments, or WhatsApp messages are sent to them.
Claim attaches identity
When the patient is ready, the therapist sends a claim invite. The invite is a 14-day, single-use, HMAC-hashed token. Claiming attaches authentication credentials to the existing record. We do not create a second account or duplicate the data.
Cross-tenant safety
If the patient's email is already on another therapist's roster, the new therapist gets the same response shape as a brand-new creation. No cross-tenant data is revealed. Every cross-tenant link is logged at high severity, the patient is notified where they have claimed, and prior therapists receive a heads-up.
Controller / Processor split for managed records
The therapist or clinic is the Controller for managed care data from creation. Citt.ai is the Processor for the practice-management surface and acts as an independent Controller only for limited security, abuse, fraud, and audit purposes. After the patient claims, patient-facing surfaces follow the standard patient-AI allocation in our DPA template.
Data Practices
We are transparent about who processes your data and why. We maintain contractual and privacy terms for the services listed below and provide DPA materials for customer review on request.
| Sub-processor | Purpose | Data Categories | Location | Safeguard |
|---|---|---|---|---|
| AWS (database and storage) | Database and object storage | Account data, patient-care data, files, logs | US / EU | Encryption, access controls, contractual terms |
| OpenAI | AI chat responses, transcription | Conversation content, prompts, transcription payloads | US | Contractual controls, no training on API customer data by default |
| AWS (application hosting) | Application hosting | Infrastructure processing and operational logs | US / EU | Encryption, access controls, contractual terms |
| Stripe | Payment processing | Payment tokens, subscription metadata | US | PCI DSS Level 1 |
| Demo scheduling, optional calendar integrations, and consent-gated website measurement | Demo-booking contact details, calendar metadata, device identifiers, and consented website measurement data | US / EU | Consent gating where applicable, contractual terms, and vendor transfer commitments | |
| Meta (WhatsApp Business) | Messaging channel | Messages (when opted in) | US / EU | Platform terms, DPA commitments |
| Resend | Transactional email | Email addresses, notification content | US | SOC 2, TLS encryption |
| Mailgun | GTM outbound email | Email addresses, marketing content | EU | SOC 2, GDPR DPA |
| Deepgram | Real-time transcription | Audio streams where transcription is enabled | US | Contractual restrictions and security controls |
Evaluating Citt.ai for your organisation?
We provide full technical documentation, safety architecture whitepapers, and can arrange a clinical review for health system procurement teams.