
Can my administrator or colleagues see my BastionGPT chats?

No. Every BastionGPT user has a completely private workspace. Colleagues and admins cannot read your chats, and sharing is always opt-in.

Written by Josh Spencer

No. Every BastionGPT user has a completely private workspace. Your colleagues cannot open your chats, your administrator cannot read them, and nothing you enter is visible to anyone else in your organization. Sharing is always something you choose, never a default.

This article explains how chat privacy works on BastionGPT team accounts: what administrators can and cannot do, how opt-in sharing works, and why we designed it this way.

Does every user get a private workspace?

Yes. Every account is kept entirely separate, with no cross-communication between workspaces. Your chats, uploaded documents, and saved prompts live in your workspace, and you are the only person who puts eyes on them.

Teams tell us this is exactly what they want: no one overseeing anyone else's client work. It also protects patients in group practices where staff members are sometimes patients themselves. Because workspaces never cross-communicate, there is no path for one clinician's patient information to appear in a colleague's chats.

The same thinking applies within your own workspace: each chat starts fresh, with no AI memory carrying information from one conversation into the next. You can read why in Can BastionGPT remember information across chats?

Can my administrator see my chats?

No. Whoever manages your organization's subscription handles the business side of the account, such as adding team members and adjusting plans. There is no administrator view that opens another user's conversations, and no setting that turns one on.

For organizations that need oversight controls, such as confirming an internal AI use policy is being followed, options exist that still keep human eyes off the conversations themselves:

  • Keyword and theme reports. We can set up reporting that tells your organization whether specified topics, themes, or keywords appear in usage, without giving anyone read access to the underlying chats.

  • Account reset. An administrator can have a team member's account reset, for example when someone leaves the organization.

  • Authorized representative access. In rare situations, such as a legal or compliance matter, your organization can work with our team to give an authorized representative access to a specific account. This is deliberately not self-service, and it very rarely happens.

Can I share prompts and results with colleagues when I want to?

Yes, and it is always opt-in. If you build a prompt that works well, you can share it with others in your organization: select the share option on the prompt and choose exactly which prompts your colleagues receive. Teams use shared prompts to keep documentation consistent across the organization, with everyone working from the same templates and instructions while their actual conversations stay private.

Conversations themselves are not shared. When you want a colleague to see a result, copy or download the output and pass it along through your normal systems, the same way you would any document you produce.

Why does BastionGPT work this way?

Our guiding principle is to keep human eyes off your data as much as possible. That applies to your colleagues, to your administrators, and to our own team. Messages and documents you send are processed in a hardened secure enclave and securely wiped after processing, and your results are returned to your account. Your data is never used to train AI models, never resold, and never used for marketing. The full data lifecycle is covered in How is BastionGPT secure?

It also reflects a rule we apply across BastionGPT: we will never ship a feature that could put your compliance at risk. Anywhere data can go, we assume patient data will go. An administrator dashboard that exposed everyone's conversations would turn a routine login into a potential privacy incident, so we build oversight tools that answer the organization's question without exposing patient records.

This privacy model is backed by contract as well as design. Every plan includes our HIPAA Business Associate Agreement, in place from the moment you sign up; see Does BastionGPT offer a HIPAA Business Associate Agreement (BAA)?

If your organization is rolling out BastionGPT and has specific oversight or compliance requirements, email us at [email protected] and we will walk through the options with your team. Still evaluating? Your whole team can test BastionGPT together on one free trial.
