Loretta is the sovereign infrastructure layer that lets German health organisations deploy AI agents with built-in GDNG, EHDS, and EU AI Act compliance. Your data never leaves your building.
In production. Clinically Validated. Sovereign Architecture. Built on IONOS Cloud · FHIR R4 native.
In this section, you'll find answers to common questions about our AI-driven platform and how it empowers personalised healthcare.
Loretta is sovereign AI infrastructure for European health systems, the secure, compliant operating layer that enables insurers and hospitals to deploy preventive care agents via API, while health data never leaves their environment.
Germany’s statutory insurers hold data on 73 million lives but lack the infrastructure to act on it under incoming GDNG and EHDS regulations. Loretta provides the missing layer: production-ready endpoints for risk stratification, causal intervention design, and bias-corrected agent workflows pre-certified for GDNG, EHDS, and EU AI Act requirements. Institutions connect to Loretta’s federated Trust Center nodes alongside their existing systems and go live in weeks, not years.
Loretta is the protocol layer, the rails that institutions build on. We publish a reference implementation to demonstrate what partners can deploy using our APIs, much like Stripe showcases payment flows but sells the infrastructure underneath. The product is the endpoint architecture: sovereignty, causality, and equity correction delivered as API contracts under the institution’s full control.
Germany's statutory insurers hold decades of data on 73 million lives, but their analytics can only answer correlational questions. They know who is at risk. They cannot answer the question that drives intervention ROI: "If we enrol this cohort in programme X, what is the causal effect on outcomes?"
Loretta closes that gap. Our API delivers sovereign risk stratification that keeps data inside Trust Center nodes, causal intervention design that prescribes what works for whom, and equity-corrected resource allocation that withstands regulatory audit. The result: fewer avoidable hospitalisations, lower chronic care costs, and a defensible compliance posture ahead of GDNG enforcement.
Patient data remains inside the responsible institution's secure processing environment (Trust-Centre or equivalent); Loretta's components are deployed locally and central systems only receive aggregated, non-identifiable parameters.
Yes. Loretta's architecture is designed around GDPR principles and GDNG requirements for secondary use of health data, including use of secure processing environments and prohibition of cross-border raw data transfers.
No. Loretta does not move personal health data outside the responsible institution or into non-sovereign cloud environments; this is a core design choice to meet GDNG and EHDS sovereignty requirements.
Secondary use means using health data for research, planning, and prevention rather than direct clinical care; GDNG and EHDS explicitly legalise such use under strict safeguards, and Loretta provides the technical implementation to do this safely.
Loretta's equity correction engine enforces fairness during model training, not after deployment. Models are mathematically constrained so that performance disparities across socioeconomic status, age, and gender remain below defined thresholds, currently set at less than 5% across socioeconomic status. This means any insurer deploying agents through Loretta's infrastructure inherits auditable compliance with fairness standards without building a single bias model themselves. For insurers, the result is preventive interventions that allocate resources based on causal need rather than historical data patterns that reproduce existing inequities.
Models are trained across decentralized nodes inside "Trust-Centres" (Sichere Verarbeitungsumgebungen, SPE), so raw patient data never leaves institutional custody; only encrypted model updates are aggregated centrally.
Causal inference methods estimate the effect of an intervention (for example a diabetes management programme) rather than just correlation, allowing Loretta to model "uplift" and benchmark estimates against randomised controlled trials within about a 20% margin.
Loretta infers socioeconomic status (SES) from privacy-preserving proxies and constrains models so that performance disparities (for example false negatives) between SES groups stay below about 5%, in line with emerging fairness research and regulatory expectations.
No. Loretta augments existing workflows with risk scores and intervention suggestions; all decisions remain under human oversight and institutional clinical governance.
EHDS requires each member state to build interoperable health data spaces and designate data access bodies; Loretta is built to run within these national infrastructures, making it easier to extend from Germany to other EU markets.
Yes, by design. Health AI that influences clinical and coverage decisions should meet the highest standard. Loretta's infrastructure embeds the required risk management, audit documentation, human oversight controls, and bias monitoring as default API capabilities, not as compliance layers added after the fact. Any agent deployed through Loretta is EU AI Act-compliant by design. For institutions evaluating build-versus-buy decisions: building these controls in-house takes 12–18 months of engineering. Loretta delivers them as endpoint features on day one.
Loretta plans to pursue DiGA (Digital Health Application) listing in Germany where appropriate for patient-facing modules; for B2B infrastructure, compliance with GDNG, EHDS, and the EU AI Act is the primary focus.
A clinical randomized controlled trial is planned to demonstrate improvements in outcomes such as HbA1c and blood pressure, with all results stratified by SES to test equity.
German statutory health insurers (GKV) and large health systems are the initial focus, with expansion to other EU payers and providers as EHDS infrastructures come online.
Initial deployments target high-burden chronic conditions such as type 2 diabetes and hypertension, with a roadmap to extend to other cardiometabolic and respiratory diseases.
Loretta connects to claims and EHR systems via standard interfaces such as HL7/FHIR and operates within existing secure processing environments, reducing the need to change institutional IT.
Yes. Through insurer or provider partnerships, Loretta can power employer health programmes using the same risk and intervention engine, with pricing aligned to per-member-per-month models.
Loretta provides a reference implementation that institutions can white-label to deliver reminders, education, and monitoring within their existing clinical workflows; it is not a standalone direct-to-consumer product and operates entirely under institutional governance.
All messages, prompts, and recommendations delivered through the clinical workflow are triggered and approved under institutional clinical rules and oversight; Loretta provides the tooling, not autonomous decision-making.
A governed clinical workflow interface can be included within a DiGA-style pathway where appropriate; regulatory classification depends on the specific configuration and intended use agreed with the institution.
Chronic disease accounts for over 80% of Germany's statutory health spending. Most of that cost is due to avoidable hospitalisations and late-stage complications among patients who could have been identified and reached earlier. Loretta's infrastructure enables insurers to move from reactive claims processing to targeted, causal prevention, identifying which interventions will reduce costs for which cohorts, and deploying them via API before expensive acute episodes occur. The economic logic is straightforward: every prevented hospitalisation is a direct cost avoidance, and Loretta makes prevention programmable at the population scale.
Loretta is priced as infrastructure, not software seats. The primary model is an annual enterprise licence per insurer or health system, with optional per-API-call pricing for high-volume deployments. As deployment density scales across a covered population, per-member-per-month fees apply. This structure converts capital expenditure into predictable operating expenditure — and scales linearly with the institution's covered population.
Established prevention programmes in Germany demonstrate 3–5x ROI over three years. Loretta's goal is to improve on those returns by making prevention more precisely targeted through causal inference, more equitably distributed through bias correction, and faster to deploy through API infrastructure. For context: a single prevented diabetes-related hospitalisation saves an insurer approximately €5,000–€8,000 per event. At the population scale across a major Krankenkasse, even modest improvements in prevention targeting translate to millions in annual cost avoidance.
Only if your doctor, hospital, or health insurance decides to use Loretta's tools to help manage your care. Even then, your data stays with your healthcare provider and is never shared outside their secure systems. Loretta is a tool they use like a calculator, not a separate company collecting your information.
Your healthcare provider or insurer will inform you if they are using Loretta to support your treatment plan. In some cases, you may receive helpful reminders or personalised health tips through your provider's clinical workflow, but only if your provider has set this up for you. You can always ask your care team if and how Loretta is being used.
Yes, you will always give explicit consent for the use of your data. With your consent, your healthcare provider or insurer will comply with all legal requirements regarding consent and data protection under German and EU law. If you have questions about how your data is used, speak to your doctor's office or insurance representative. They control all decisions about your information.