Privacy Policy

iNoteAid Privacy Policy

This Privacy Policy describes how iNoteAid collects, uses, and protects information collected from healthcare providers and their patients.

1. What We Collect

  • Personal Information: Name, NPI, email, practice information.
  • Protected Health Information (PHI): Patient data entered by healthcare providers.
  • App Usage Data: Device type, operating system, error reports, usage logs.

2. How We Use Your Information

  • To enable AI-powered medical documentation and workflow optimization.
  • To improve our models, dashboards, and overall system performance.
  • To ensure legal compliance and security monitoring.

3. How We Share Information

  • We do not sell or lease personal or health data. We may share it only with:
  • Cloud providers (AWS and Azure), under signed HIPAA-compliant BAAs.
  • Subcontractors who are under strict confidentiality and compliance obligations.
  • Governmental or legal authorities as required by law.

4. Hosting and Storage

  • All PHI is stored on HIPAA-eligible infrastructure:
  • Microsoft Azure: Azure OpenAI, Azure SQL, Blob storage under a signed HIPAA DPA.
  • Amazon Web Services: EC2, S3, RDS under a signed BAA.

5. Your Rights

  • You may request:
  • Access or export of your data.
  • Correction of inaccuracies.
  • Deletion of your account (if not restricted by contract or law).

6. Security Measures

  • 256-bit encryption for PHI at rest and in transit.
  • Identity verification for access controls.
  • Routine auditing and vulnerability scanning.

7. Policy Updates

  • We will notify users of any changes to this Policy. Please review it periodically.

Contact Us

Questions? Please email info@inoteaid.com.