Back to Home

Privacy Policy

Last updated: April 6, 2026

1. Introduction

ezScribe ("we," "our," or "us") is committed to protecting your privacy and the privacy of your patients. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our HIPAA-compliant medical transcription service.

By using ezScribe, you agree to the collection and use of information in accordance with this policy.

2. HIPAA Compliance

ezScribe is designed to be compliant with the Health Insurance Portability and Accountability Act (HIPAA). We implement appropriate technical, administrative, and physical safeguards to protect Protected Health Information (PHI) as required by HIPAA regulations.

  • Encryption at Rest: All PHI, including transcriptions and clinical summaries, is encrypted using AES-128 encryption before storage.
  • Encryption in Transit: All data transmitted between your device and our servers is encrypted using TLS/SSL.
  • Access Controls: Only authenticated users can access their own transcription data.
  • Audit Logging: We maintain comprehensive audit logs of all access to PHI.
  • Automatic Data Deletion: Transcriptions are automatically deleted after 30 days to minimize data retention.
  • Session Timeout: User sessions automatically expire after 2 hours of inactivity.

3. Information We Collect

Account Information

When you create an account, we collect your name, email address, and password (stored in hashed form).

Audio Recordings and Transcriptions

When you use our transcription service, we temporarily process audio recordings to generate transcriptions and clinical summaries. Audio files are processed in real-time and are not permanently stored. Transcriptions and summaries are encrypted and stored for up to 30 days.

Patient Information

You may optionally enter patient names to organize your transcriptions. This information is encrypted and treated as PHI.

Usage Data

We collect information about how you interact with our service, including login times, feature usage, and IP addresses for security purposes.

4. How We Use Your Information

  • To provide and maintain our transcription service
  • To process audio recordings and generate clinical summaries
  • To authenticate your identity and maintain account security
  • To communicate with you about your account and service updates
  • To comply with legal obligations and HIPAA requirements
  • To improve our service and develop new features

5. Third-Party Services

We use the following third-party services to provide our transcription functionality:

  • OpenAI Whisper: For speech-to-text transcription processing
  • Google Gemini: For AI-powered clinical summary generation
  • MongoDB Atlas: For secure, encrypted database storage
  • Stripe: For secure payment processing (we do not store your payment card details)
  • SendGrid: For transactional email delivery

We have Business Associate Agreements (BAAs) in place with our third-party vendors that handle PHI, as required by HIPAA.

6. Data Retention

We retain your data according to the following schedule:

  • Transcriptions and Summaries: Automatically deleted 30 days after creation
  • Account Information: Retained until you request account deletion
  • Audit Logs: Retained for 6 years as required by HIPAA
  • Audio Recordings: Processed in real-time and not permanently stored

7. Your Rights

You have the right to:

  • Access your personal information and transcription history
  • Delete your transcriptions at any time
  • Request deletion of your account and all associated data
  • Receive a copy of your data in a portable format
  • Opt out of marketing communications

To exercise any of these rights, please contact us at support@ezscribe.net.

8. Security

We implement industry-standard security measures to protect your information, including encryption, secure authentication, access controls, and regular security assessments. However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. You are advised to review this Privacy Policy periodically for any changes.

10. Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us:

ezScribe

Email: support@ezscribe.net