Savva CAIHL draft report

HugoScore CAIHL Draft Report: Savva

• Status: Draft for human review
• Last reviewed: 2026-06-30
• Review method: Public-source review of Savva's homepage, About page, Universal Records page, beta launch blog, privacy policy, and terms of use. No hands-on app walkthrough, network-traffic inspection, source-code review, vendor interview, patient interview, connector audit, security review, or independent model evaluation was performed.
• Service: Savva
• Vendor: Vircode, Inc. (Savva)
• URL: https://www.savva.ai/
• Category: Patient-controlled health records AI

Summary

Savva is a patient-controlled, local-first health records AI app from Vircode, Inc. It is designed to bring medical records, labs, medications, visit notes, scans, PDFs, wearables, fitness data, and multiple AI models into a patient-owned phone experience. Public materials describe a no-account, on-device default design, with optional cloud AI calls only when the user selects a third-party model provider.

From a CAIHL perspective, Savva is strongly agency-oriented on paper. It is patient-installed, record-centered, model-choice oriented, and explicit about AI involvement. The most agency-positive claim is that connected health data remains on the user's device by default. If accurate in practice, this is meaningfully different from vendor-hosted personal health record or enterprise digital front door designs.

The main caution is that the strongest claims are vendor-stated and not independently verified. As of June 30, 2026, the homepage says Savva is launching on July 7, 2026, while a company blog describes a beta already available to early users. The practical app experience, record connector reliability, export controls, deletion controls, local storage behavior, cloud AI routing, and model-provider data handling still need hands-on review.

• Agency posture: Potentially agency-expanding
• Agency axis position: 78 of 100
• Confidence: Medium draft, official sources only, not independently verified

Evidence Reviewed

• Savva homepage: https://www.savva.ai/
• Savva About page: https://www.savva.ai/about
• Universal Records page: https://www.savva.ai/universal-records
• Savva beta launch blog: https://www.savva.ai/blogs/savva-beta-is-here-a-new-way-to-understand-medical-records-and-fitness
• Savva privacy policy, last updated 2026-02-12: https://www.savva.ai/legal/privacy
• Savva terms of use: https://www.savva.ai/legal/terms

CAIHL Profile

Who does this AI serve?

Savva primarily serves patients and caregivers who want to consolidate, understand, and question their own health records. The public positioning is patient-directed rather than institutional. However, the architecture also depends on record connector ecosystems, app stores, AI model providers, and possibly future hospital QR-code workflows, so patient control depends on how those handoffs work in practice.

Can patients tell AI is involved?

Yes. AI-generated summaries, multiple model comparison, and cloud/on-device AI choices are central product claims.

Can patients meaningfully choose?

Partially documented. The privacy policy says each data connection is opt-in, no account is required by default, cloud AI requires explicit provider consent, and app deletion withdraws consent. Hands-on review of onboarding, export, deletion, subscription, and model-selection UX remains necessary.

Can patients correct or challenge what the AI produces?

Weakly documented. The privacy policy includes correction rights for personal data, and the product emphasizes source visibility, but public materials do not document an AI-output challenge flow, error-reporting workflow, model-disagreement handling, or clinician annotation process.

Does it help patients understand or act?

Potentially, with caveats. Timelines, source-linked summaries, lab explanations, fitness charts, and multiple AI perspectives could support visit preparation and self-advocacy. No independent outcome, accuracy, safety, or patient-burden evaluation was found.

Agency Interpretation

Savva is unusually aligned with the patient side of CAIHL because it treats the patient as the integrator of their own health information. It aims to make records legible, comparable, portable, and explainable without requiring a health system, payer, employer, or clinician workflow to mediate access.

That design could be agency-expanding if the privacy architecture is accurate and if the app preserves source traceability. A patient who can compare a lab panel across models, see where a number came from, and bring a coherent timeline to a visit is better positioned to ask informed questions.

The agency constraint is operational trust. A local-first claim is only as good as the implementation. A patient may still send sensitive records to cloud AI providers, depend on third-party connector infrastructure, rely on OCR and summaries that may be wrong, or misunderstand AI-generated wellness insights as medical advice.

Key Unknowns

• Whether Savva is publicly available, beta-only, waitlisted, iOS-only, Android-ready, or otherwise limited as of June 30, 2026.
• Whether the local-first and no-account privacy architecture can be verified through app behavior or network inspection.
• What data leaves the device during record connection, scanning, OCR, cloud AI calls, analytics, billing, crash reporting, and support requests.
• Which record connector or aggregator powers the claimed healthcare-site/EHR connections, and what policies govern that flow.
• Whether patients can export all data and AI summaries in usable formats.
• Whether patients can delete imported records, delete OCR outputs, revoke individual connectors, and verify deletion.
• Whether patients can correct source data, annotate disputed records, or challenge incorrect AI-generated summaries.
• How Savva handles conflicting answers across different AI models.
• How high-risk findings, urgent symptoms, medication conflicts, abnormal labs, and possible emergencies are surfaced.
• Whether the broad user-content license in the terms applies to uploaded, scanned, or AI-submitted health materials.
• Whether cloud AI providers retain, train on, or otherwise process selected data under their own terms when invoked through Savva.
• Whether the app is accessible for disabled users, low-literacy users, multilingual users, caregivers, older adults, and users without current portal credentials.

Publication Recommendation

Ready for human review as a source-backed draft profile. Raise confidence from low to medium draft because official sources now support the core service description, local-first data-governance claim, AI-provider choice, patient-directed classification, clinical-boundary finding, and launch/beta caveat. Keep the agency axis at 78 unless Hugo revisits calibration. Do not mark reviewed or verified until availability, hands-on app behavior, network egress, connector governance, export/deletion/correction controls, cloud AI provider terms, terms/privacy ambiguity, accessibility, and independent evaluation are reviewed.