Privacy Policy

Effective Date: October 18, 2025

Last Updated: October 17, 2025

Mindspeak Software (“we,” “us,” or “our”) is committed to protecting your privacy and maintaining the confidentiality of sensitive health information in compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and all applicable laws.

This Privacy Policy explains how the app collects, uses, stores, and protects personal and protected health information (“PHI”) when used by licensed healthcare professionals in the United States.

1. Who This Policy Applies To

This product is for use exclusively as a Decision Support tool for Licensed Physicians and Licensed Nurse Practitioners only. This policy applies to licensed healthcare professionals using the app in the United States.

This policy does not apply to patients directly or to consumers who are not properly licensed.

2. Information We Collect

We do not collect personal or medical information from patients directly. Any data entered, uploaded, or generated via the app is handled as PHI by the healthcare provider using the app.

We may collect the following from users:

• User account information: name, email, medical license info, login credentials

• PHI inputs: patient notes, audio transcripts, diagnostic images (e.g. X-rays, EKGs) — as provided by the user

• Usage data: session logs, access times, feature usage (for security and performance improvement)

• Device data: operating system, version, crash logs

3. How We Use Information

We use your data to:

• Provide the core features of the app

• Generate AI-assisted documentation, SOAP notes, and clinical summaries

• Maintain audit logs for accountability and compliance

•Improve functionality and performance (only with de-identified data)

•Prevent misuse or unauthorized access

We do not use your data for advertising, profiling, or selling to third parties.

4. HIPAA Compliance

The app is designed to comply with HIPAA regulations and incorporates the following safeguards:

• Encryption of data in transit and at rest

• Use of HIPAA-compliant third-party services with signed Business Associate Agreements (BAAs)

• Role-based access controls

• Comprehensive audit logging

• No PHI stored unencrypted on any device

5. Data Security and Storage

All PHI is encrypted using AES-256 encryption standards and stored on HIPAA-compliant cloud infrastructure, currently provided by Microsoft Azure.

Security measures include:

• End-to-end encryption

• Encrypted backups

• Multi-factor authentication

• Limited internal access to data

6. User Responsibilities

As a licensed medical professional, you are responsible for:

• Ensuring patient consent where required

• Uploading only data that you are authorized to handle

• Securing your own login credentials

• Not sharing PHI in public or insecure environments

7. Third-Party Services

The app may integrate with the following HIPAA-compliant services:

• Microsoft Azure (hosting and infrastructure)

• Paubox (encrypted PHI email delivery)

• Azure OpenAI (for generating medical summaries)

All services operate under signed BAAs to maintain HIPAA compliance.

8. Data Retention

• AI-generated content is retained only as long as necessary for documentation and audit purposes.

• Audit logs are maintained for a minimum of 6 years for HIPAA compliance.

• Upon user account deletion, data may be anonymized or securely destroyed, subject to legal obligations.

9. Your Rights

As a user, you may:

• Request a summary of your account and access logs

• Request to delete your account

• Report any data concerns to our support team

10. Policy Changes

We may update this Privacy Policy periodically. Updates will be posted within the app or on our website. Continued use of the app after changes constitutes your acceptance of the updated policy.

11. Contact Information

If you have any questions or concerns about this policy, please contact:

Mindspeak Software

Email: info@mindspeaksoftware.com

Summary

We are committed to protecting your privacy and ensuring secure use of the app. All features are built to align with HIPAA standards and to support — not replace — clinical decision-making by licensed healthcare professionals.