ScribeMDPro Privacy Policy
Last Updated: July 2026
1. Data Minimization & Zero-Retention Policy
ScribeMDPro is built on a foundational philosophy of data minimization. Your patient conversations are confidential, and we treat them as such:
- Audio Data Processing: When a physician records a consultation, the audio stream or file is transmitted securely using end-to-end encryption (TLS 1.2/1.3) to our transcription processing pipeline.
- Immediate Deletion: Once the text transcription and structured SOAP note are delivered to the user's browser interface, the raw audio file is permanently deleted from our servers. We do not keep, log, store, or archive the audio files.
- No AI Training on Patient Data: ScribeMDPro explicitly guarantees that your clinical text outputs and patient audio files are never used, cached, or sold to train public large language models (LLMs) or speech-to-text algorithms.
2. Compliance and Local Regulatory Alignment
Our infrastructure maps directly to strict international and regional data sovereignty guidelines:
- HIPAA & SOC 2 Standards: Data is encrypted at rest and in transit using industry-standard AES-256 encryption metrics.
- Regional Protection Acts: We respect regional data protection acts (such as Nigeria's NDPR or East Africa's data privacy frameworks). Because we do not permanently store or retain patient health identifiers (PHI) on our backend infrastructure, ScribeMDPro acts purely as a transient data processor, minimizing your facility's data exposure risks.
3. Third-Party Edge Processors
To provide our multilingual capabilities, ScribeMDPro partners with secure infrastructure APIs (such as OpenAI's zero-data-retention endpoints). These technical partners are contractually bound to process data transiently with strict data privacy protocols enabled, ensuring your data never enters public AI pools.
See also our Terms of Service.