Privacy Policy

DoctorScribe is built for Canadian healthcare privacy law — PHIPA (Ontario), PIPEDA (federal) and Quebec's Law 25. This policy explains how we handle data.

Data residency

All data is stored and processed on servers physically located in Canada. Data is never transferred outside Canada.

The Privacy Vault

Consultation audio is processed in memory and is never written to disk or retained. Patient identifiers (name, date of birth, health card number) are encrypted at rest using PostgreSQL pgcrypto. Patients are referred to by an anonymised pseudonym before any AI processing step.

What we collect

Clinic and physician account details; patient records you create; consultation transcripts and the generated clinical notes; and operational logs that never contain patient health information.

Your rights

You may export all data held for your clinic at any time, and you may request erasure of your account and its data. Both are available from your account settings (data export and erasure endpoints).

Data retention

Records are soft-deleted and retained only for the legally required window before permanent purge. Encrypted database backups are kept on a rolling basis for disaster recovery.

Contact

For privacy questions, contact the clinic owner's designated privacy officer via doctorscribe.ca.