Privacy Policy
Last Updated: December 2025
1. Introduction
ProfixMed AI ("we," "our," or "us") is committed to protecting the privacy of healthcare providers and their patients. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our AI-powered medical documentation platform.
As a healthcare technology provider, we are committed to compliance with the Health Insurance Portability and Accountability Act (HIPAA) and other applicable privacy laws.
2. Information We Collect
Account Information
- Name and email address
- Professional credentials and specialty
- Organization and practice information
- Authentication credentials
Clinical Data (Protected Health Information)
- Audio recordings of patient encounters
- Transcriptions of medical conversations
- Generated clinical documentation (SOAP notes, summaries)
- Patient identifiers as entered by providers
Usage Information
- Log data (IP address, browser type, access times)
- Feature usage and preferences
- Device information
3. How We Use Your Information
We use the information we collect to:
- Provide and improve our medical documentation services
- Generate clinical notes and summaries from recorded encounters
- Authenticate users and maintain account security
- Provide customer support
- Comply with legal obligations and HIPAA requirements
- Detect and prevent fraud or security incidents
4. How We Protect Your Information
We implement robust security measures to protect your data:
- Encryption: AES-256 encryption at rest, TLS 1.2+ in transit
- Access Controls: Role-based access with least privilege principles
- Audit Logging: Comprehensive logging of all data access
- Session Management: Automatic timeout after 15 minutes of inactivity
- Infrastructure: Hosted on secure cloud providers (AWS, Supabase)
For detailed security information, please see our HIPAA Compliance & Security page.
5. Information Sharing
We do not sell, rent, or trade your personal information. We may share information with:
- Service Providers: Third-party vendors who assist in providing our services (all bound by Business Associate Agreements)
- EHR Systems: When you choose to sync data with your electronic health record
- Legal Requirements: When required by law, court order, or government regulation
- Business Transfers: In connection with a merger, acquisition, or sale of assets
6. Data Retention
We retain your information for as long as your account is active or as needed to provide services. Specific retention periods include:
- Clinical Data: Retained per your organization's policy and applicable regulations
- Audit Logs: Retained for a minimum of 7 years per HIPAA requirements
- Account Data: Deleted upon account termination request
7. Your Rights
You have the right to:
- Access: Request a copy of your personal data
- Correction: Request correction of inaccurate data
- Deletion: Request deletion of your account and associated data
- Export: Request an export of your data in a portable format
- Withdraw Consent: Withdraw consent for optional data processing
To exercise these rights, visit Settings > Privacy or contact us at privacy@profixmed.com.
8. HIPAA Compliance
As a Business Associate under HIPAA, we:
- Enter into Business Associate Agreements with covered entities
- Implement required administrative, physical, and technical safeguards
- Report security incidents and breaches as required
- Ensure our subcontractors comply with HIPAA requirements
- Maintain documentation of our compliance efforts
9. Cookies and Tracking
We use essential cookies to:
- Maintain your authenticated session
- Remember your preferences
- Ensure the security of the platform
We do not use cookies for advertising or third-party tracking purposes.
10. Children's Privacy
Our service is intended for use by healthcare professionals and is not directed to individuals under 18. We do not knowingly collect personal information from children.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last Updated" date. Continued use of our service after changes constitutes acceptance of the updated policy.
12. Contact Us
If you have questions about this Privacy Policy or our privacy practices, please contact us:
Privacy Officer
ProfixMed AI
Email: privacy@profixmed.com