Why we are building Catina

Why our health data isn’t ours

At some point, and no one quite remembers when, we accepted a strange bargain. The details of our biology: our blood work, sleep patterns, genetic variants, the rhythms of our heart at 2am, became, by default, someone else’s property.

Not through coercion. Through convenience.

We didn’t sign away our health data in a moment of desperation. We did it gradually, tap by tap, each time we agreed to terms of service we didn’t read. The default was always “share”. Opting out required effort, and effort is a tax most people don’t pay. And so the most intimate data that exists, data that is essentially us, flowed quietly to servers owned by companies whose incentives we cannot see.

Privacy as a ‘policy’

Most health companies tell you that your data is private. What they mean is they’ve promised not to look. They still hold the keys. Your data lives on their servers, governed by a privacy policy that their legal team can revise, that a regulator can subpoena, or that a breach can expose. It can be reversed by a board, a regulator, an acquirer, or a change in strategy that seemed sensible at the time.

That is not privacy.

What AI made possible and at what cost

The holy grail of digital health was personalization; and for the first time in history, AI has made personal health insight possible. Instead of population averages, AI can apply pattern recognition based on individual’s health dataset across their own genetics, blood biomarkers, wearable data and more. When integrating across modalities, AI can begin to reveal sensitive personal knowledge and individual health trajectories. Your 23andMe results alone feel like a tarot reading, but genetics alongside blood biomarkers alongside lifestyle is a different story entirely. The fuller the picture, the more meaningful the signal.

And this is exactly where AI becomes a double-edged sword.

For most closed-source AI companies, data is stored and processed on servers you don’t control. By default, your conversations, which may include your medical history, symptoms and other sensitive information, are stored and used to train future AI models. Company employees can access conversations for quality control and safety reviews. With every AI interaction you are building a more complete portrait of you, on their servers, in future models.

To get personalized health intelligence, you have to surrender ownership to get it. Privacy and insight are framed as a tradeoff. You can only pick one. The pattern repeats.

Centralized data storage also creates a structural danger. When sensitive data from thousands of people concentrates in a single system, that system becomes an extraordinarily valuable target. A breach doesn’t affect one person; it exposes thousands of genetic profiles, diagnoses, and biomarkers in a single incident. The honeypot exists because of centralization.

Stepping back to go forward

We began by asking the question: what if privacy were designed from the ground up, with data sovereignty as the starting point, not an afterthought? What would it mean to design a system where privacy is guaranteed by its structure, not just by policy?

The answer led to a different architecture: local storage with private AI processing. Your health data lives encrypted on your device. When AI processes it, that processing happens inside a Trusted Execution Environment, a sealed computational vault that not even the AI infrastructure provider running it can inspect. You can verify that the AI is running in the TEE, not just trust the provider.

There is no central server holding a copy, no honeypot to breach. Nothing to log, nothing to train on, no data to sell.