Privacy Policy

1. Information We Collect

We may collect the following types of information:

a) Protected Health Information (PHI)

• Patient demographics (name, date of birth, gender, etc.)
• Medical histories, diagnoses, treatment plans, prescriptions, and other clinical data
• Audio recordings, transcripts, or notes from patient encounters

b) Personal Information (Non-Clinical)

• Name, email address, specialization and organization details of healthcare providers and clients
• Account login credentials (if applicable)

c) Technical Information

• Device type, browser, IP address, and usage data to improve platform performance and security

2. How We Use Information

We use collected information strictly for the following purposes:

• Medical Documentation & Coding: To transcribe, summarize, and code clinical encounters accurately.
• Service Improvement: To enhance accuracy, efficiency, and performance of our AI systems.
• Compliance & Security: To comply with HIPAA, GDPR, and other applicable laws and regulations.
• Customer Support: To respond to inquiries, troubleshoot issues, and provide service updates.
• Analytics: To monitor usage patterns in a de-identified and aggregated form.

3. Data Sharing & Disclosure

We do not sell or rent your data. Information may be disclosed only under the following circumstances:

• Authorized Use: With healthcare providers and organizations using Scribe AI for clinical documentation.
• Legal Obligations: When required by law, regulation, or court order.
• Service Providers: With trusted vendors who support our services under strict confidentiality agreements.
• De-identified Data: For research, benchmarking, and AI model training, ensuring no individual patient can be identified.

4. Data Security

We implement industry-leading safeguards, including:

• End-to-end encryption (in transit and at rest)
• HIPAA-compliant infrastructure and access controls
• Regular audits, vulnerability testing, and compliance monitoring
• Role-based access with strict authentication measures

5. Data Retention

• PHI and related clinical records are retained only as long as necessary to provide services and comply with applicable laws.
• Non-clinical information may be retained for account management, billing, and compliance purposes.
• Upon request, data can be securely deleted or returned, subject to legal and regulatory requirements.

6. Your Rights

Depending on your location, you may have rights under HIPAA, GDPR, or other laws, including:

• Right to access and obtain a copy of your information
• Right to request corrections or updates
• Right to request deletion (where applicable)
• Right to restrict or object to certain processing activities
• Right to data portability

Requests may be made by contacting us at the details below.

7. Children's Privacy

Our services are directed to healthcare professionals and organizations. We do not knowingly collect information directly from individuals under 18 years of age.

8. Changes to this Policy

We may update this Privacy Policy from time to time. Any changes will be posted with an updated effective date. Continued use of our services indicates acceptance of the revised policy.

9. Contact Us

If you have questions about this Privacy Policy or how we handle your data, please contact: