PatientScribe helps you remember what was discussed in medical consultations. Your privacy is fundamental to how we've designed this app. Your notes are generated automatically and may contain transcription or AI errors — they are a memory aid only, not medical advice, and you should check anything important with your healthcare provider before making medical decisions.

Who we are

PatientScribe is developed by DigiFrontiers, an Australian business (ABN 90 618 091 195). When this policy says "we", "us", or "our", it means DigiFrontiers.

What we collect

PatientScribe has no user accounts. We do not use analytics, advertising trackers, or profiling, and we do not collect behavioural usage data. To create your notes, PatientScribe sends your consultation audio to our servers in Australia, where it is transcribed and turned into notes. Your audio, transcript and notes are health-related information — we use them only to produce and deliver your notes, never to profile you, sell your data, or train AI, and they are deleted from our servers shortly afterwards (see "How we process your data" below).

When you record a consultation, your audio, transcript, and notes are processed and held on our servers in Australia to generate the notes and deliver them to your device during processing (see "How the app works" below). When you save or discard a consultation, the copies on our servers are deleted. If that does not happen, automatic deletion removes server audio after about 1 day, and the transcript and notes after about 7 days.

Recording is optional and is not required by law. If you choose not to record, or not to consent to processing, PatientScribe cannot transcribe that consultation or generate notes for it. Under our current configuration, your consultation content is processed and stored using Amazon Web Services regions in Australia, and we are not likely to disclose it to overseas recipients; if this changes, we will update this policy first.

How the app works

When you record a consultation:

  1. Audio is recorded on your device only after you choose to record and confirm that you have your healthcare provider's consent (and the consent of anyone else who will be recorded).
  2. Audio is uploaded to our secure servers in Australia for transcription (converting speech to text).
  3. The transcript is processed by AI to create your notes.
  4. Your notes and transcript are saved to your device.
  5. When you save or discard a consultation, the copies on our servers are deleted. If that does not happen, server audio is automatically deleted after about 1 day, and the transcript and notes after about 7 days.

What stays on your device

This data is stored locally on your iPhone. It is protected by iOS data protection and is excluded from iCloud backup. We do not have remote access to notes and transcripts stored on your device through the PatientScribe service, unless you choose to export or share them; the data remains subject to your device's security settings.

How we process your data

We operate our own servers on Amazon Web Services (AWS) in Australia. Under our current configuration, your consultation content is processed and stored in AWS regions in Australia.

Transcription: Your audio is processed by our self-hosted transcription service running on Amazon Web Services (EC2) in Sydney. Audio is encrypted in transit and at rest.

Note generation: Your transcript is processed by an AI language model (Anthropic's Claude) using Amazon Web Services Bedrock with an Australian inference profile to produce your notes. Your consultation content is not sent to Anthropic's own service — AWS runs the model on our behalf within Australia, and AWS states that Bedrock model providers do not access customer inputs or outputs. We do not use your consultation content to train AI models, and AWS states Bedrock inputs and outputs are not used to train Amazon or third-party models.

Automatic deletion: When you save or discard a consultation, the copies on our servers — including application storage, processing queues, and database records — are deleted. As a backstop, if that does not happen, server audio is automatically deleted after about 1 day, and the transcript and notes after about 7 days. We do not keep separate long-term backups of your consultation audio, transcripts, or notes.

No routine human access: Note generation is automated. DigiFrontiers personnel do not read, review, or listen to your recordings, transcripts, or notes in the normal course of providing the service, and we have no support workflow for human review of consultation content. AWS, as our infrastructure provider, processes your data on our behalf under contractual confidentiality and does not access your consultation content except as needed to operate and secure the service.

Data security

Third-party services

We use Amazon Web Services (AWS) in Australia as our cloud infrastructure provider to host and process consultation data. This includes AWS Bedrock for AI note generation, which runs Anthropic's Claude model within Australia.

We do not share your consultation data with any third-party transcription, analytics, or advertising services. AWS processes data on our behalf under terms that require protections consistent with this policy, and does not use your consultation content to train AI models.

For more information, see the AWS Data Privacy FAQ.

Your control

Access, correction and complaints

Your notes and transcripts are stored on your own device — you can view, correct, or delete them yourself at any time in the app, so you already have direct access to your information. We do not keep a central copy of your consultations: any copy on our servers is temporary and is deleted (see "Automatic deletion" above), so in general there is nothing for us to retrieve or hand over. If you have any other privacy request, concern, or complaint, contact us at support@patientscribe.com.au and we will respond within a reasonable time. If you are not satisfied with our response, you can contact the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.

Children's privacy

PatientScribe is intended for adults. If a consultation concerns a child, or a person who may not have capacity to consent, the user must obtain consent from a parent, guardian, or other legally authorised person where required.

Changes to this policy

If we update this policy, we will post the new version here with an updated date.

Contact

Questions about this privacy policy? Contact us at support@patientscribe.com.au