Back to Home

Privacy Policy

Last updated: December 18, 2025

1. Information We Collect

ChiroScribe collects information you provide directly, including your name, email address, and any patient data you enter into the system. We also collect audio recordings that you submit for transcription purposes.

2. How We Use Your Information

We use your information to provide and improve our services, including:

  • Processing audio recordings into SOAP notes
  • Managing your patient records
  • Communicating with you about your account
  • Improving our AI transcription services

3. Data Security

We implement industry-standard security measures to protect your data. All data is encrypted in transit and at rest. We do not sell your personal information or patient data to third parties.

4. HIPAA Compliance

ChiroScribe is designed with healthcare privacy in mind. We implement appropriate safeguards to protect Protected Health Information (PHI) in accordance with HIPAA requirements. Business Associate Agreements (BAA) are available for Enterprise customers.

5. Audit Logging & Access History

To comply with HIPAA requirements and ensure the security of your health information, ChiroScribe maintains comprehensive audit logs of all access to Protected Health Information (PHI). These logs record:

  • Who accessed patient records and when
  • What actions were performed (view, create, update, delete)
  • IP address and device information for security monitoring
  • Search queries performed on patient data

As required by HIPAA §164.528, patients have the right to request an "accounting of disclosures"—a report of who has accessed their health information. You may request this report by contacting us at support@chiroscribe.io. Audit logs are retained for a minimum of 6 years as required by HIPAA regulations.

6. Data Retention

We retain your data for as long as your account is active or as needed to provide services. You may request deletion of your data at any time by contacting us.

7. Third-Party Services

We use third-party services to provide our platform:

  • Google - Authentication and Drive sync
  • OpenAI - AI transcription and SOAP note generation
  • Stripe - Payment processing

These services have their own privacy policies governing their use of your information.

8. Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion of your data
  • Export your data in a portable format
  • Request an accounting of who has accessed your health information (HIPAA)

9. Contact Us

If you have questions about this Privacy Policy, please contact us at support@chiroscribe.io