Privacy Policy

Last Updated: April 3, 2026

1. Introduction

AIMS (AI Medical Scriber) ('we', 'our', or 'us') is committed to protecting the privacy of our users. This Privacy Policy describes how we collect, use, store, and share your information when you use our website and services. This policy complies with HIPAA, CCPA/CPRA, and other applicable privacy laws.

2. Information We Collect

We collect the following types of information:

  • Account information (name, email, organization)
  • Site usage data and analytics
  • Technical information (IP address, browser type, device)
  • Protected Health Information (PHI) only when provided through an executed Business Associate Agreement (BAA)
  • Cookies and tracking technologies (see our Cookie Policy)

3. HIPAA Compliance

AIMS is committed to protecting all Protected Health Information (PHI) in accordance with the Health Insurance Portability and Accountability Act (HIPAA) of 1996 (45 CFR Parts 160 and 164), including the HITECH Act modifications and the 2013 Omnibus Rule.

We implement the following safeguards:

  • Administrative safeguards: Regular risk assessments, employee training, data access policies
  • Technical safeguards: AES-256 encryption at rest and in transit, access controls, audit logs, two-factor authentication
  • Physical safeguards: Secure data centers, physical access controls, disaster recovery plans

Covered entities must execute a Business Associate Agreement (BAA) with AIMS before transmitting any PHI. Contact us at jasmel@aimedicalscribe.com to request a BAA.

4. Data Retention and Disposal Policy

AIMS retains medical documentation records for a minimum of 6 years from the date of service barring any outstanding requests or issues. After this period:

  • Records are disposed of in a HIPAA-compliant manner by permanently deleting electronic PHI
  • Electronic backup records may be stored for longer periods for disaster recovery but are de-identified if retained past 6 years
  • Exception: Records subject to litigation holds will be retained until the hold expires

5. Quality Assurance Policy

AIMS follows rigorous quality assurance (QA) procedures for AI-generated documentation:

  • Automated checks: NLP algorithms scan all notes to detect potential errors
  • Manual auditing: A sample of visit notes are reviewed monthly by our clinical documentation specialists
  • Target accuracy: Our target is 98% accuracy on key documentation elements
  • Physician feedback: Doctors can report any errors found after submission

6. How We Use Your Information

  • To provide and improve our services
  • To process transactions and send related notifications
  • To respond to inquiries and provide customer support
  • To send marketing communications (with your consent)
  • To comply with legal and regulatory obligations
  • To prevent fraud and improve security

7. Sharing Your Information

We do not sell your personal information. We may share your information with: service providers operating on our behalf (subject to confidentiality agreements), legal authorities when required by law, or in connection with a merger, acquisition, or sale of assets. Any PHI shared is subject to an executed BAA.

8. Your Privacy Rights

Depending on your location, you may have the following rights:

  • Access, correct, or delete your personal information
  • Object to the processing of your information
  • Request portability of your data
  • Withdraw consent at any time
  • File a complaint with a supervisory authority
  • HIPAA rights: Access your PHI, request amendments, receive a notice of privacy practices
  • CCPA/CPRA rights (California): Know what data is collected, delete data, opt out of sale/sharing of data

9. Data Security

We implement technical and organizational security measures designed to protect your information against unauthorized access, alteration, disclosure, or destruction. These include AES-256 encryption, two-factor authentication, continuous security monitoring, and regular vulnerability assessments. However, no method of transmission over the Internet or electronic storage is 100% secure.

10. AI & Data Notice

Our services use artificial intelligence to process and analyze data. AI models are trained on de-identified and aggregated data. We do not use identifiable PHI to train AI models without express consent. Users may opt out of AI training by contacting privacy@aimedicalscribe.com.

11. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes by posting the new policy on this page and updating the 'Last Updated' date. We encourage you to review this policy periodically.

12. Contact

If you have questions about this Privacy Policy, contact us at: jasmel@aimedicalscribe.com

Important Medical Disclaimer

AIMS is an AI-powered administrative assistant. It is NOT a medical device, NOT a doctor, and does NOT provide medical advice, diagnosis, or treatment. All AI-generated content (including clinical notes, code suggestions, and diagnostic support) is for administrative and documentation assistance only. AIMS does not replace the professional judgment of a licensed healthcare provider. All clinical decisions must be made by qualified medical professionals. AIMS has not been cleared or approved by the U.S. Food and Drug Administration (FDA).

NOT MEDICAL ADVICEFOR ADMINISTRATIVE USE ONLYAI Assistant — Not a Doctor

FDA Notice

AIMS is not classified as a medical device by the FDA. The features described on this website, including clinical documentation support, code extraction, and clinical reasoning assistance, are intended solely for administrative and documentation purposes. They are not intended to diagnose, treat, cure, or prevent any disease. AIMS has not been evaluated or cleared by the FDA under 21 U.S.C. § 321(h) or any other provision of the Federal Food, Drug, and Cosmetic Act.

Medicare & Billing Notice

AIMS provides documentation and coding assistance tools only. It does not submit claims to Medicare, Medicaid, or any insurance payer on behalf of providers. All billing codes generated by AIMS must be reviewed, verified, and approved by a qualified healthcare professional before submission. The provider bears full responsibility for the accuracy of all claims submitted to CMS or any payer. AIMS does not guarantee reimbursement or claim approval.

HIPAA & Data Privacy

AIMS implements administrative, technical, and physical safeguards designed to protect protected health information (PHI) in accordance with HIPAA (45 CFR Parts 160 and 164). However, HIPAA compliance is a shared responsibility. Covered entities (healthcare providers, health plans, clearinghouses) must execute a Business Associate Agreement (BAA) with AIMS before using the platform with PHI. AIMS does not guarantee HIPAA compliance without a signed BAA and proper configuration by the covered entity.