Privacy Policy
Effective Date: February 9, 2026
Healthcare Privacy Commitment: MyMediScribe is a HIPAA-compliant medical scribe platform.
We take the privacy and security of your health information seriously. This policy explains how we collect,
use, protect, and share your information.
At MyMediScribe ("MyMediScribe," "we," "us," or "our"), operated by AI Driven Healthcare Solutions, LLC,
your privacy matters. This Privacy Policy explains how we collect, use, and protect your information when
you use our mobile application ("App"), visit our website at
https://www.mymediscribe.com (the "Website"), use our software
platform (the "Platform"), or otherwise engage with us.
1. Who This Policy Covers
This Privacy Policy applies to:
- Visitors – those who browse the Website or download the App without creating an account.
- Healthcare Providers – medical professionals who use MyMediScribe to transcribe and document patient encounters.
- Customers – individuals or healthcare organizations that subscribe to the Platform.
- Authorized Users – employees or contractors of Customers who are granted access to the Platform.
By using our App, Website, or Platform, you agree to this Privacy Policy and the applicable Terms of Use.
2. Information We Collect
2.1 Information You Provide
Account Information
To use MyMediScribe, you must create an account. We collect:
- Name
- Email address
- Phone number (optional)
- Password (encrypted)
- Professional credentials (for healthcare providers)
- Organization/practice information
Patient Information
When you use MyMediScribe to document patient encounters, you may enter:
- Patient names and identifiers
- Medical history and conditions
- Treatment notes and diagnoses
- Any information dictated during encounters
Important: This constitutes Protected Health Information (PHI) under HIPAA and is handled with the highest level of security.
Audio Recordings
Microphone Access: MyMediScribe requires access to your device's microphone to record
medical encounters for transcription. Audio is:
- Encrypted during transmission using TLS 1.2+
- Processed by our AI transcription service
- Stored securely in HIPAA-compliant infrastructure (AWS)
- Deleted according to your retention settings or upon request
Billing Information
If you subscribe to paid services, our third-party payment processor (Stripe) collects billing details.
MyMediScribe does not store credit card numbers or bank account information.
2.2 Information Collected Automatically
Device Information
When you use our App, we automatically collect:
- Device type and model
- Operating system and version
- App version
- Unique device identifiers (for app functionality only, not advertising)
- IP address
- Time zone
Usage Data
We collect information about how you use the App:
- Features used
- Session duration
- Errors and crashes
- Performance metrics
Push Notifications
If you enable push notifications, we collect your device token to send you important updates about your
transcriptions, account, and service status. You can disable notifications in your device settings.
2.3 Information We Do NOT Collect
- We do not use health data for advertising
- We do not sell your personal information or health data
- We do not use the Apple Advertising Identifier (IDFA) for tracking
- We do not share data with data brokers
3. How We Use Your Information
- Provide transcription services – Audio recordings, patient data (Contract performance, HIPAA authorization)
- Create and manage your account – Account information (Contract performance)
- Process payments – Billing information via Stripe (Contract performance)
- Improve our services – Usage analytics and feedback only; we do NOT use your data to train AI models (Legitimate interest)
- Send service notifications – Contact information, device tokens (Contract performance)
- Ensure security and prevent fraud – Device info, usage patterns (Legitimate interest)
- Comply with legal obligations – As required by law (Legal obligation)
4. AI and Automated Processing
MyMediScribe uses artificial intelligence to:
- Transcribe audio: Convert spoken medical encounters to text
- Generate clinical notes: Create structured documentation from transcriptions
- Suggest medical terminology: Improve accuracy of clinical documentation
🔒 AI Training Policy: We do NOT use your data to train AI models.
Your audio recordings, transcriptions, clinical notes, and any patient information are never used
to train, improve, or develop artificial intelligence or machine learning models. Your data is used
solely to provide you with transcription and documentation services. This commitment applies to both
our internal systems and any third-party AI services we use.
5. Data Sharing and Disclosure
5.1 Service Providers
We share data with trusted service providers who help us operate:
- Amazon Web Services (AWS): HIPAA-compliant cloud hosting and storage
- AWS Bedrock: AI processing for transcription (BAA in place)
- Stripe: Payment processing
- AWS Cognito: Authentication services
All service providers with access to PHI have signed Business Associate Agreements (BAAs).
5.2 We Do NOT Share Data With
- Advertising networks
- Data brokers
- Social media platforms
- Any third party for marketing purposes
5.3 Legal Requirements
We may disclose information if required by law, court order, or government regulation, or to protect
the rights, property, or safety of MyMediScribe, our users, or others.
6. Data Security
We implement robust security measures to protect your information:
- Encryption: All data encrypted in transit (TLS 1.2+) and at rest (AES-256)
- Access Controls: Role-based access, multi-factor authentication available
- HIPAA Compliance: Full compliance with HIPAA Privacy and Security Rules
- SOC 2 Type II: Annual security audits
- Secure Infrastructure: AWS GovCloud-eligible infrastructure
- Regular Audits: Penetration testing and vulnerability assessments
7. Data Retention
- Audio recordings: Retained for 30 days by default, or per your organization's settings
- Transcriptions and notes: Retained until you delete them or close your account
- Account information: Retained while your account is active plus 7 years for legal compliance
- Billing records: Retained for 7 years per tax requirements
Healthcare organizations may have longer retention requirements. Check with your compliance officer.
8. Your Rights and Choices
8.1 Access and Portability
You can:
- Access your personal data through your account settings
- Export your transcriptions and notes
- Request a copy of all data we hold about you
8.2 Correction
You can update your account information at any time through the App or by contacting us.
8.3 Deletion
Right to Delete: You can request deletion of your personal data by:
Upon request, we will delete your personal data within 30 days, except where retention is required by law
or for legitimate business purposes.
8.4 Opt-Out Rights
- Marketing emails: Unsubscribe link in every email
- Push notifications: Disable in device settings
- AI training contribution: Opt out in account settings
9. App Tracking Transparency
MyMediScribe does not track you across other companies' apps or websites.
We do not use the Apple Advertising Identifier (IDFA) or participate in ad networks.
If we ever change this practice, we will request your permission through Apple's App Tracking
Transparency framework before any tracking occurs.
10. Children's Privacy
MyMediScribe is designed for use by healthcare professionals and is not intended for children under 18.
We do not knowingly collect personal information from children.
If healthcare providers document encounters with pediatric patients, that information is protected
under HIPAA and handled with the same security measures as all patient data.
11. International Data Transfers
Your data is processed and stored in the United States using HIPAA-compliant infrastructure.
If you access our services from outside the U.S., your information will be transferred to and processed
in the U.S. By using our services, you consent to this transfer.
12. California Privacy Rights (CCPA/CPRA)
California residents have additional rights:
- Right to Know: What personal information we collect and how it's used
- Right to Delete: Request deletion of your personal information
- Right to Opt-Out: We do not sell personal information
- Right to Non-Discrimination: We won't discriminate against you for exercising your rights
To exercise these rights, contact us at privacy@mymediscribe.com.
13. Nevada Privacy Rights
Nevada residents may opt out of the sale of personal information. We do not sell personal information,
but you may submit a request to privacy@mymediscribe.com
with subject line "Nevada Do Not Sell Request."
14. Changes to This Policy
We may update this Privacy Policy from time to time. When we make significant changes:
- We will update the "Effective Date" at the top
- We will notify you via email or in-app notification
- We will provide a summary of key changes
Continued use of MyMediScribe after changes constitutes acceptance of the updated policy.
15. Contact Us
For questions, concerns, or to exercise your privacy rights:
AI Driven Healthcare Solutions, LLC
5284 Floyd Rd SW, Suite 1001
Mableton, GA 30126
Email: privacy@mymediscribe.com
Support: support@mymediscribe.com
Phone: (404) 731-8400
© 2026 AI Driven Healthcare Solutions, LLC. All rights reserved.