Privacy Policy

Last updated: October 21, 2024

Welcome to TranscribeMD! We are committed to protecting the privacy and security of your information. This Privacy Policy outlines how we collect, use, share, and protect the data you provide when using our services, in compliance with the Health Insurance Portability and Accountability Act (HIPAA). By using TranscribeMD, you agree to the terms of this Privacy Policy. If you do not agree with these terms, please refrain from using our services.

1. Information We Collect

We may collect the following types of information through our platform:

Protected Health Information (PHI): Clinical data, encounter notes, transcripts, and any patient-related data uploaded for processing.
Personal Information: User account details such as email address, name, and login credentials.
Usage Data: Data related to your use of our services, including interaction logs and service usage statistics.

2. How We Use Your Information

We use the information collected to:

Generate transcripts and clinical summaries from audio recordings of patient encounters.
Provide real-time updates and results for your documentation needs.
Improve our machine learning models and services (with de-identified data only).
Communicate with you about your account, features, and updates.
Ensure compliance with HIPAA and other applicable laws.

3. Data Security and HIPAA Compliance

We take the privacy and security of PHI seriously and comply with HIPAA regulations. This includes:

Encryption: All data is encrypted in transit and at rest.
Access Control: Access to PHI is limited to authorized personnel only.
Audit Logging: We maintain logs of access and activity related to PHI.
Data Redaction: We redact all personal identifiers from transcripts before using them in any further processing.
No Storage of PHI: We do not store PHI beyond what is required for immediate processing.

4. Sharing of Information

We do not sell or share your information with third parties for marketing purposes. We may share information only:

With your authorization or as required to deliver services.
With trusted service providers (e.g., Vim for EHR integration), who are also subject to HIPAA compliance.
As required by law, such as in response to legal proceedings or government requests.

5. User Controls and Data Retention

User Control: You retain full control over your data. You can request the deletion of your data at any time.
Data Retention: We retain data only as long as required per HIPAA compliance.

6. Third-Party Services and Integrations

Our service integrates with external systems, such as EHRs, to streamline workflows. We ensure that all third-party services we work with are HIPAA-compliant. Please note that we are not responsible for the privacy practices of third parties.

7. Your Rights

As a user of TranscribeMD, you have the following rights:

Access: You can request access to your personal data and any PHI processed through the platform.
Access Control: Access to PHI is limited to authorized personnel only.
Correction: You can request corrections to any inaccurate information.
Deletion: You can request the deletion of your data.
Complaint: If you believe your privacy rights have been violated, you may file a complaint with us or with the U.S. Department of Health and Human Services (HHS).

8. Cookies and Usage Tracking

We may use cookies and other tracking technologies to improve the functionality and performance of our platform. Usage data is anonymized and does not contain PHI.

9. Changes to the Privacy Policy

We reserve the right to update this Privacy Policy as needed. We will notify users of any significant changes through email or in-app notifications.