1. Introduction
Voice Consultant AI ('we', 'us', 'our') is committed to protecting the privacy and security of your information. This Privacy Policy describes how we collect, use, disclose, and safeguard your personal and protected health information when you use our clinical documentation platform.
2. HIPAA Compliance
Voice Consultant AI operates as a Business Associate under HIPAA. We maintain technical, administrative, and physical safeguards required to protect Protected Health Information (PHI). We will enter into a Business Associate Agreement (BAA) with all covered entities that process PHI through our platform. We comply with the HIPAA Security Rule, Privacy Rule, and Breach Notification Rule.
3. Information We Collect
We collect information you provide directly, including: account registration data (name, email, clinic name), clinical consultation audio recordings, AI-generated clinical notes, patient demographic data you enter, billing and payment information processed through our payment provider. We also collect usage data such as feature interactions, session duration, and error logs to improve our service.
4. How We Use Your Information
We use the information we collect to provide and improve the Voice Consultant AI platform, generate AI-powered clinical notes from your audio recordings, process payments, communicate service updates, ensure platform security and prevent fraud, comply with legal obligations, and analyse aggregated, de-identified usage patterns to improve our AI models.
5. Third-Party Service Providers
We share data only with carefully vetted sub-processors that have signed HIPAA-compliant BAAs where required. These include: OpenAI (transcription and note generation), Amazon Web Services (cloud infrastructure and storage), Stripe / Polar (payment processing — no PHI shared). We do not sell your data to any third party.
6. Data Security
We implement industry-standard security measures including AES-256 encryption at rest, TLS 1.3 encryption in transit, SOC 2 Type II certified infrastructure, regular penetration testing and vulnerability scans, role-based access controls and audit logging, and automatic session expiry and MFA support.
7. Your Rights
Depending on your jurisdiction, you may have the right to access, correct, or delete your personal data; request data portability; withdraw consent for certain processing; opt out of marketing communications; request a copy of your Business Associate Agreement. To exercise these rights, contact us at privacy@voiceconsultantai.com.
8. Data Retention
We retain your account information for as long as your account is active. Clinical notes and audio recordings are retained for 7 years by default to support medical recordkeeping requirements, unless you request earlier deletion in accordance with applicable law. Billing records are retained for 7 years as required by tax regulations. Deleted data is purged from our systems within 30 days.
9. Contact Us
If you have questions about this Privacy Policy or our data practices, please contact our Privacy Officer at privacy@voiceconsultantai.com or write to us at: Voice Consultant AI, Attn: Privacy Officer. We aim to respond to all privacy inquiries within 5 business days.
Privacy Contact
For all privacy-related enquiries, including HIPAA-related requests, please contact our Privacy Officer at privacy@voiceconsultantai.com. We aim to respond within 5 business days.