Privacy-preserving health assistants
Why DiaCare keeps the entire health profile in browser localStorage, what the threat model looks like, and where on-device inference is heading.
An AI health assistant is only worth using if you trust where your data lives.
DiaCare’s current architecture
The user's health profile lives in browser localStorage. The Cloudflare Worker is stateless — it forwards messages to the model and returns the response. Anonymous request counts are logged for reliability, with no content or identifiers.
Threat model
We protect against: server-side data breaches (no server data), accidental sharing (profile never leaves the device), and re-identification (no cross-session linking).
On-device inference
Small models running directly in the browser are becoming viable. A future DiaCare may offload the most sensitive flows (profile interpretation) to on-device inference, with the cloud only handling general questions.