Tandem Health

AI medical scribe and coding assistant built to EU medical-device standards

PrivateNode

AI specialists for UK professional services — employment law, tax, immigration, and more with zero data retention

Tandem Health

Excellent

25/25

PrivateNode

Strong

18/25

Score Breakdown

DimensionTandem HealthPrivateNode

Data Residency

Where is your data stored and processed?

Tandem Health: Patient data is processed and stored exclusively in European data centres, and audio is deleted immediately after transcription with no storage — an explicit EU-only posture.

PrivateNode: All infrastructure hosted on Hetzner servers in Germany (EU). Zero US cloud dependency — no AWS, Azure, or GCP. Data stays within the EU at all times.

5/5

Patient data is processed and stored exclusively in European data centres, and audio is deleted immediately after transcription with no storage — an explicit EU-only posture.

5/5

All infrastructure hosted on Hetzner servers in Germany (EU). Zero US cloud dependency — no AWS, Azure, or GCP. Data stays within the EU at all times.

Legal Jurisdiction

Which laws govern the company and your data?

Tandem Health: Incorporated as Tandem Health AB in Sweden with no US parent, placing it fully within EU/EEA jurisdiction.

PrivateNode: UK limited company (Twakka Ltd, England & Wales). UK GDPR-equivalent jurisdiction with EU adequacy decision. Not subject to US CLOUD Act. Outside EEA but UK adequacy provides smooth data transfer basis.

5/5

Incorporated as Tandem Health AB in Sweden with no US parent, placing it fully within EU/EEA jurisdiction.

3/5

UK limited company (Twakka Ltd, England & Wales). UK GDPR-equivalent jurisdiction with EU adequacy decision. Not subject to US CLOUD Act. Outside EEA but UK adequacy provides smooth data transfer basis.

Data Retention & Training

Is your data used for model training?

Tandem Health: States it does not train AI models on patient or personal data, deletes audio immediately after transcription, offers enterprise data agreements, and operates under an ISO 13485 medical-device QMS.

PrivateNode: Explicit zero data retention policy. Conversations are not stored after session ends. No user data used for model training. Single-tenant architecture provides full isolation.

5/5

States it does not train AI models on patient or personal data, deletes audio immediately after transcription, offers enterprise data agreements, and operates under an ISO 13485 medical-device QMS.

5/5

Explicit zero data retention policy. Conversations are not stored after session ends. No user data used for model training. Single-tenant architecture provides full isolation.

Certifications

ISO 27001, SOC 2, Cyber Essentials, etc.

Tandem Health: Exceptional stack: ISO 27001:2022, ISO 13485:2016, ISO 42001:2023, ISO 14001, NEN 7510, plus CE/MDR Class IIa and UKCA medical-device marks, NHS DSPT and Cyber Essentials Plus. No SOC 2 published, but sector-specific medical-device certification more than compensates.

PrivateNode: No SOC 2 or ISO 27001 certifications publicly confirmed. Hosting provider (Hetzner) holds ISO 27001 certification. Early-stage company; formal certifications would strengthen trust posture.

5/5

Exceptional stack: ISO 27001:2022, ISO 13485:2016, ISO 42001:2023, ISO 14001, NEN 7510, plus CE/MDR Class IIa and UKCA medical-device marks, NHS DSPT and Cyber Essentials Plus. No SOC 2 published, but sector-specific medical-device certification more than compensates.

1/5

No SOC 2 or ISO 27001 certifications publicly confirmed. Hosting provider (Hetzner) holds ISO 27001 certification. Early-stage company; formal certifications would strengthen trust posture.

Regulatory Fit

Suitability for regulated industries and professional services

Tandem Health: Purpose-built and CE/MDR-certified as a medical device for EU and UK clinical use, with named applicability to healthcare regulators (EMA, MHRA) and NHS frameworks.

PrivateNode: Strong fit for UK regulated professional services. Domain-specific specialists trained on authoritative legislation sources. Zero data retention addresses key GDPR concerns. Suitable for SRA-regulated solicitors and FCA-regulated advisers.

5/5

Purpose-built and CE/MDR-certified as a medical device for EU and UK clinical use, with named applicability to healthcare regulators (EMA, MHRA) and NHS frameworks.

4/5

Strong fit for UK regulated professional services. Domain-specific specialists trained on authoritative legislation sources. Zero data retention addresses key GDPR concerns. Suitable for SRA-regulated solicitors and FCA-regulated advisers.

Total Score

25/25

18/25

Best For

Tandem Health

Best for regulated industries (ICO, SRA); privacy-conscious teams who need strong data retention controls.

PrivateNode

Best for EU-headquartered organisations needing maximum data sovereignty; organisations requiring broad certification coverage (CE mark (EU MDR), MDR Class IIa, UKCA); regulated industries (EMA, MHRA); privacy-conscious teams who need strong data retention controls; teams on a tight budget; enterprises requiring SSO integration.

Detailed Comparison

PrivateNode vs Tandem Health: Trust & Compliance Comparison

PrivateNode (PrivateNode, GB) scores 18/25 overall with a Silver (Strong) trust badge. AI specialists for UK professional services — employment law, tax, immigration, and more with zero data retention. Tandem Health (Tandem Health, SE) scores 25/25 with a Gold (Excellent) trust badge. AI medical scribe and coding assistant built to EU medical-device standards.

Dimension-by-Dimension Breakdown

#### Data Residency

Both score equally at 5/5.

●PrivateNode (5/5): All infrastructure hosted on Hetzner servers in Germany (EU). Zero US cloud dependency — no AWS, Azure, or GCP. Data stays within the EU at all times.

●Tandem Health (5/5): Patient data is processed and stored exclusively in European data centres, and audio is deleted immediately after transcription with no storage — an explicit EU-only posture.

#### Legal Jurisdiction

Tandem Health leads with 5/5 vs 3/5.

●PrivateNode (3/5): UK limited company (Twakka Ltd, England & Wales). UK GDPR-equivalent jurisdiction with EU adequacy decision. Not subject to US CLOUD Act. Outside EEA but UK adequacy provides smooth data transfer basis.

●Tandem Health (5/5): Incorporated as Tandem Health AB in Sweden with no US parent, placing it fully within EU/EEA jurisdiction.

#### Data Retention & Training

Both score equally at 5/5.

●PrivateNode (5/5): Explicit zero data retention policy. Conversations are not stored after session ends. No user data used for model training. Single-tenant architecture provides full isolation.

●Tandem Health (5/5): States it does not train AI models on patient or personal data, deletes audio immediately after transcription, offers enterprise data agreements, and operates under an ISO 13485 medical-device QMS.

#### Certifications

Tandem Health leads with 5/5 vs 1/5.

●PrivateNode (1/5): No SOC 2 or ISO 27001 certifications publicly confirmed. Hosting provider (Hetzner) holds ISO 27001 certification. Early-stage company; formal certifications would strengthen trust posture.

●Tandem Health (5/5): Exceptional stack: ISO 27001:2022, ISO 13485:2016, ISO 42001:2023, ISO 14001, NEN 7510, plus CE/MDR Class IIa and UKCA medical-device marks, NHS DSPT and Cyber Essentials Plus. No SOC 2 published, but sector-specific medical-device certification more than compensates.

#### Regulatory Fit

Tandem Health leads with 5/5 vs 4/5.

●PrivateNode (4/5): Strong fit for UK regulated professional services. Domain-specific specialists trained on authoritative legislation sources. Zero data retention addresses key GDPR concerns. Suitable for SRA-regulated solicitors and FCA-regulated advisers.

●Tandem Health (5/5): Purpose-built and CE/MDR-certified as a medical device for EU and UK clinical use, with named applicability to healthcare regulators (EMA, MHRA) and NHS frameworks.

Certifications at a Glance

Certification	PrivateNode	Tandem Health
CE mark (EU MDR)	No	Yes
Cyber Essentials Plus	No	Yes
GDPR	No	Yes
ISO 13485:2016	No	Yes
ISO 14001:2015	No	Yes
ISO 42001:2023	No	Yes
ISO/IEC 27001:2022	No	Yes
MDR Class IIa	No	Yes
NEN 7510	No	Yes
NHS DSPT	No	Yes
UKCA	No	Yes

Overall Verdict

Tandem Health has a clear trust advantage, scoring 25/25 compared to PrivateNode's 18/25. Tandem Health particularly excels in legal jurisdiction, certifications, regulatory fit.

Frequently Asked Questions

Which is better for EU compliance, Tandem Health or PrivateNode?

Tandem Health has a TrustKit score of 25/25 while PrivateNode scores 18/25. Tandem Health currently rates higher across data residency, legal jurisdiction, data retention, certifications, and regulatory fit.

How do Tandem Health and PrivateNode compare on data residency?

Tandem Health scores 5/5 for data residency (Patient data is processed and stored exclusively in European data centres, and audio is deleted immediately after transcription with no storage — an explicit EU-only posture.), while PrivateNode scores 5/5 (All infrastructure hosted on Hetzner servers in Germany (EU). Zero US cloud dependency — no AWS, Azure, or GCP. Data stays within the EU at all times.).

Are Tandem Health and PrivateNode GDPR compliant?

Both tools are assessed across five compliance dimensions. Tandem Health has a regulatory fit score of 5/5 and PrivateNode scores 4/5. Check the full comparison above for a detailed breakdown.

Explore Each Tool