Privacy Policy
- Last Updated: June 13 , 2026
Welcome to Scribente (“Scribente,” “Company,” “we,” “our,” or “us”). We are committed to protecting the privacy, confidentiality, integrity, and security of the information entrusted to us by healthcare providers, patients, business partners, website visitors, and all individuals who interact with our services.
This Privacy Policy explains how we collect, use, store, disclose, process, and safeguard information through our website, communications, and healthcare support services, including but not limited to:
- Virtual Medical Scribe Services
- Virtual Medical Assistant Services
- Medical Receptionist Support
- Administrative Healthcare Support
- Insurance Verification Assistance
- Appointment Scheduling
- Patient Follow-Up Services
- Medical Documentation Support
- Front Desk Operations
- Remote Healthcare Staffing Services
- Other healthcare administrative and clinical support solutions
This Privacy Policy applies to all users of our website and services, including healthcare organizations, providers, staff members, contractors, and visitors.
By accessing or using our website or services, you acknowledge that you have read, understood, and agreed to the practices described in this Privacy Policy.
1. Our Commitment to Privacy and Security
Scribente understands the highly sensitive nature of healthcare-related information and recognizes the importance of maintaining strict confidentiality standards.
Protecting healthcare data is one of our highest priorities. We are committed to implementing appropriate administrative, physical, and technical safeguards to protect all personal information and Protected Health Information (“PHI”) from unauthorized access, disclosure, misuse, alteration, or destruction.
We continuously evaluate and improve our privacy and security measures to align with industry best practices, HIPAA requirements, and evolving cybersecurity standards.
2. Information We Collect
We may collect information directly from users, healthcare organizations, patients, website visitors, vendors, business partners, and through automated technologies.
A. Personal Information
We may collect personal information including:
- Full name
- Email address
- Phone number
- Company or practice name
- Job title
- Mailing address
- Billing information
- Payment-related information
- Employment information
- Communication preferences
- Information submitted through forms or consultations
B. Healthcare-Related Information
While providing healthcare support services, we may access or process Protected Health Information (“PHI”) and other healthcare-related data on behalf of healthcare providers and organizations.
This information may include:
- Patient names
- Dates of birth
- Contact information
- Appointment schedules
- Insurance details
- Clinical documentation
- Medical histories
- Treatment plans
- Prescription information
- SOAP notes
- Progress notes
- Diagnostic information
- EMR/EHR documentation
- Other healthcare records necessary for service delivery
Scribente does not own patient data. We process healthcare information solely on behalf of our healthcare clients and only as permitted under applicable agreements and laws.
This information may include:
C. Website Usage Information
When users interact with our website, we may automatically collect technical and usage information such as:
- IP address
- Browser type
- Device type
- Operating system
- Internet service provider
- Geographic location
- Referring URLs
- Website pages visited
- Time spent on pages
- Clickstream data
- Date and time of access
- User interactions with website features
D. Communication Information
We may retain records of communications, including:
- Emails
- Phone calls
- Contact form submissions
- Chat conversations
- Meeting requests
- Customer support interactions
These communications may be monitored or retained for quality assurance, compliance, training, and operational purposes.
3. How We Use Information
We use collected information for legitimate business and operational purposes, including:
Service Delivery
- Providing virtual healthcare staffing services
- Supporting medical documentation workflows
- Assisting with administrative healthcare operations
- Managing appointment scheduling and coordination
- Facilitating communication between healthcare providers and patients
- Assisting with patient intake and follow-up processes
Operational Purposes
- Managing business relationships
- Processing invoices and payments
- Providing customer support
- Improving internal workflows
- Training and quality assurance
- Monitoring performance and service effectiveness
Website and Technology Improvements
- Improving website functionality
- Enhancing user experience
- Understanding website traffic and engagement
- Diagnosing technical issues
- Preventing fraudulent or malicious activity
Compliance and Legal Obligations
- Complying with HIPAA and other healthcare regulations
- Responding to lawful requests
- Protecting legal rights and interests
- Enforcing contracts and policies
- Maintaining security and compliance records
4. HIPAA Compliance
Scribente recognizes the critical importance of maintaining compliance with the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).
Where applicable, Scribente acts as a Business Associate to healthcare providers and healthcare organizations.
We maintain safeguards designed to protect Protected Health Information (“PHI”) in accordance with HIPAA requirements, including the HIPAA Privacy Rule, Security Rule, and Breach Notification Rule.
Our HIPAA Security Practices Include:
Administrative Safeguards
- HIPAA compliance training for team members
- Confidentiality and non-disclosure agreements
- Workforce access management
- Risk management procedures
- Internal compliance monitoring
- Limited PHI access based on job responsibilities
Technical Safeguards
- Secure login systems
- Password-protected systems
- Access controls
- Multi-factor authentication where applicable
- Encrypted communication systems
- Secure cloud-based platforms
- Session monitoring and access tracking
- Secure remote access procedures
Physical Safeguards
- Controlled device access
- Secure workstation policies
- Device monitoring and management
- Restricted access environments where applicable
Scribente only accesses PHI when necessary to provide contracted services and never uses healthcare information for unauthorized marketing, sales, or unrelated business activities.
We may enter into Business Associate Agreements (“BAAs”) with covered entities as required by HIPAA regulations.
5. Confidentiality Obligations
All Scribente staff members, contractors, virtual assistants, scribes, and support personnel are required to comply with strict confidentiality standards.
Our workforce is trained to:
- Handle sensitive information responsibly
- Maintain patient confidentiality
- Follow secure communication procedures
- Protect client and patient information at all times
- Report potential privacy or security incidents immediately
Unauthorized disclosure or misuse of confidential information may result in disciplinary action, termination, legal liability, and reporting obligations where required.
6. Information Sharing and Disclosure
Scribente does not sell personal information, patient information, or healthcare data.
We may share information only under limited circumstances, including:
A. With Healthcare Clients
We may share information with healthcare organizations and providers as part of service delivery and contractual obligations.
B. With Authorized Service Providers
We may use trusted third-party vendors and service providers to support our operations, including:
- Website hosting providers
- Secure communication platforms
- Cloud storage providers
- Scheduling systems
- Payment processors
- CRM systems
- Analytics tools
- IT and cybersecurity providers
These parties are expected to maintain appropriate confidentiality and security measures.
C. Legal and Regulatory Requirements
We may disclose information if required to:
- Comply with laws or regulations
- Respond to subpoenas or legal requests
- Protect legal rights or safety
- Investigate fraud or security threats
- Enforce agreements or company policies
D. Business Transfers
In the event of a merger, acquisition, restructuring, sale, or transfer of business assets, information may be transferred as part of the transaction, subject to appropriate confidentiality protections.
7. Cookies and Tracking Technologies
Our website may use cookies, tracking pixels, analytics tools, and similar technologies to improve website functionality and user experience.
Cookies may be used to:
- Remember user preferences
- Analyze traffic and website performance
- Improve navigation
- Support marketing and advertising campaigns
- Enhance website security
Users may manage or disable cookies through browser settings; however, disabling cookies may affect website functionality.
8. Third-Party Websites and Services
Our website may contain links to third-party websites, applications, or external platforms.
Scribente is not responsible for the privacy practices, security policies, or content of third-party websites or services.
Users are encouraged to review the privacy policies of any third-party websites they visit.
9. Data Security Measures
We implement commercially reasonable and industry-standard security measures designed to protect information from unauthorized access, disclosure, misuse, loss, alteration, or destruction.
Security measures may include:
- Secure servers
- Encryption technologies
- Access restrictions
- Firewall protections
- Secure cloud infrastructure
- Activity monitoring
- Device management policies
- Password management requirements
- Security awareness training
Despite our efforts, no internet-based system or electronic storage method can be guaranteed to be completely secure. Users acknowledge that all online systems carry inherent risks.
10. Data Retention
We retain information only for as long as necessary to:
- Provide services
- Meet legal obligations
- Comply with HIPAA requirements
- Resolve disputes
- Enforce agreements
- Maintain business records
- Support operational continuity
When information is no longer needed, we take reasonable measures to securely delete, anonymize, or destroy data in accordance with applicable laws and internal policies.
11. User Rights and Choices
Depending on applicable laws and jurisdictions, individuals may have certain rights regarding their personal information.
These rights may include:
- Accessing personal information
- Requesting corrections or updates
- Requesting deletion of information
- Restricting certain processing activities
- Opting out of marketing communications
- Requesting information about data practices
Requests may be subject to identity verification and applicable legal limitations.
12. Marketing Communications
Scribente may send communications related to:
- Service updates
- Business announcements
- Educational materials
- Industry insights
- Promotional content
Users may opt out of non-essential marketing communications at any time through unsubscribe links or by contacting us directly.
Operational and service-related communications may still be sent where necessary.
13. International Data Transfers
If users access our services from outside the United States, information may be transferred to and processed in countries where data protection laws may differ from those in the user’s jurisdiction.
By using our services, users consent to such transfers and processing where permitted by law.
14. Children's Privacy
Our services and website are not intended for individuals under the age of 13.
We do not knowingly collect personal information from children. If we become aware that information from a child has been collected without appropriate consent, we will take reasonable steps to delete such information.
15. Incident Response and Breach Notification
Scribente maintains internal procedures for identifying, responding to, and mitigating potential privacy and security incidents.
In the event of a data breach involving Protected Health Information or other sensitive information, we will take appropriate actions in accordance with applicable laws, contractual obligations, and HIPAA breach notification requirements.
16. Workforce and Subcontractor Compliance
Scribente may utilize remote personnel, contractors, virtual assistants, scribes, or subcontractors to support healthcare operations.
All workforce members and subcontractors are expected to:
- Follow HIPAA-related procedures
- Maintain confidentiality obligations
- Complete security and privacy training
- Use approved communication systems
- Adhere to internal compliance standards
Access to information is restricted based on operational necessity and role requirements.
17. Limitation of Liability
While Scribente takes significant measures to protect information, users acknowledge that no electronic system or transmission method can be completely secure.
To the maximum extent permitted by law, Scribente disclaims liability for unauthorized access, cyberattacks, service interruptions, or events beyond reasonable control.
18. Changes to This Privacy Policy
We reserve the right to modify or update this Privacy Policy at any time.
Changes will become effective upon posting the updated version on our website unless otherwise required by law.
Users are encouraged to review this Privacy Policy periodically.
19. Contact Information
If you have questions, concerns, or requests related to this Privacy Policy or our privacy practices, please contact us:
Scribente
20. Acknowledgment
By accessing or using Scribente’s website or services, users acknowledge that they have read, understood, and agreed to this Privacy Policy and the practices described herein.
Scribente remains committed to maintaining the confidentiality, integrity, and security of all information entrusted to us while delivering reliable healthcare support services to providers and organizations across the healthcare industry.