イ

ケ

セ

エ

カ

サ

ア

ク

ス

ウ

コ

ソ

オ

キ

シ

イ

ケ

セ

エ

イ

ケ

セ

エ

カ

サ

ア

ク

ス

ウ

コ

ソ

オ

キ

シ

イ

ケ

セ

イ

ケ

セ

エ

カ

サ

ア

ク

ス

ウ

コ

ソ

オ

キ

シ

イ

ケ

セ

エ

カ

サ

ア

イ

ケ

セ

エ

カ

サ

ア

ク

ス

ウ

コ

ソ

オ

キ

シ

イ

ケ

セ

エ

カ

サ

ア

ク

ス

ウ

コ

ソ

オ

キ

シ

イ

ケ

セ

エ

カ

イ

ケ

セ

エ

カ

サ

ア

ク

ス

ウ

コ

ソ

オ

キ

シ

イ

ケ

セ

エ

イ

ケ

セ

エ

カ

サ

ア

ク

ス

ウ

コ

ソ

オ

キ

シ

イ

ケ

セ

エ

カ

サ

ア

ク

ス

イ

ケ

セ

エ

カ

サ

ア

ク

ス

ウ

コ

ソ

オ

キ

シ

イ

ケ

イ

ケ

セ

エ

カ

サ

ア

ク

ス

ウ

コ

ソ

オ

キ

シ

イ

ケ

セ

エ

カ

サ

イ

ケ

セ

エ

カ

サ

ア

ク

ス

ウ

コ

ソ

オ

キ

シ

イ

ケ

セ

エ

イ

ケ

セ

エ

カ

サ

ア

ク

ス

ウ

コ

ソ

オ

キ

シ

イ

ケ

セ

エ

カ

サ

ア

ク

イ

ケ

セ

エ

カ

サ

ア

ク

ス

ウ

コ

ソ

オ

キ

シ

イ

ケ

セ

Privacy Policy

Last updated: 1 March 2026

1. Overview & Our Entity

TeleScribe is operated by Black Health Intelligence Pty Ltd (ABN: 23 693 026 112), an Australian company (“we”, “us”, “our”). The business name “telescribe” is registered with ASIC under the Business Names Registration Act 2011.

We are committed to protecting your privacy and handling your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). This policy explains how we collect, use, disclose, and protect personal information in connection with the TeleScribe platform.

2. Information We Collect

We collect only information that is reasonably necessary for the provision of our clinical documentation service (APP 3):

Account information — email address, full name, provider number, practice name, and specialty, collected at registration.
Clinical data — transcripts and clinical notes generated through the platform, stored within your account.
Audio recordings — consultation and meeting audio is processed in-memory only and is never stored. Audio exists in your browser's memory during the consultation or meeting session and is discarded immediately after transcription. No audio is written to disk, uploaded to permanent storage, or retained by TeleScribe or any third party.
Meeting consent logs — for meeting-minutes mode, we store consent acknowledgements (participant count, method, timestamp, and withdrawing events) to support legal and audit obligations.
Usage data — anonymised analytics (page views, feature usage) collected via Vercel Analytics to improve the service.
Payment information — processed securely by Stripe. We do not store credit card numbers or payment card details.

3. How We Use Your Information

We use your personal information only for the following purposes (APP 6):

Providing the clinical documentation service (transcription and note generation)
Account management and authentication
Service quality, performance monitoring, and improvement
Security, fraud prevention, and abuse detection
Compliance with legal obligations

We do not use patient data to train AI models. We do not sell, rent, or share personal information for marketing purposes.

4. AI and Data Processing

TeleScribe uses third-party AI services for transcription (Deepgram, OpenAI, and Groq — with automatic failover across multiple providers for reliability) and clinical note generation (OpenAI GPT-4.1-mini for standard and quality-tier notes, Anthropic Claude for premium-tier notes). Only healthcare-safe AI providers are used — all process data under API data usage policies that prohibit the use of API input/output data for model training. Our use of these AI services complies with the OAIC's Guidance on Privacy and the Use of Commercially Available AI Products (October 2024), including data minimisation, purpose limitation, and security assessment obligations.

TeleScribe is a documentation aid only. It does not provide clinical decision support, diagnostic suggestions, or treatment recommendations. This is consistent with the TGA's Digital Scribes guidance (5 February 2026) and the broader SaMD classification framework — documentation-only tools that do not influence clinical decisions are not classified as software-based medical devices under the Therapeutic Goods Act 1989.

5. Cross-Border Data Disclosure

AI processing (transcription and note generation) is performed via US-based API providers (Deepgram, OpenAI, Groq, and Anthropic) under contractual protections that prohibit the use of submitted data for model training or any purpose beyond providing the requested service (APP 8).

Core data storage (accounts, notes, transcripts) remains in Australia. We are actively evaluating Australian-hosted AI processing alternatives as they become available.

6. Data Storage and Security

We take reasonable steps to protect personal information from misuse, interference, loss, and unauthorised access (APP 11):

Data stored in Australian-region Supabase infrastructure
Row Level Security (RLS) ensuring users can only access their own data
TLS encryption for all data in transit
Encryption at rest for all stored data
Role-based access control for internal operations
Audit logging for data access events

7. Australian Privacy Principles (APPs)

We are committed to compliance with all 13 Australian Privacy Principles under the Privacy Act 1988. Key areas addressed:

APP 1 — Open and transparent management: this privacy policy
APP 3 — Collection: only information reasonably necessary
APP 5 — Notification: this policy notifies you at or before collection
APP 6 — Use and disclosure: only for stated purposes
APP 8 — Cross-border disclosure: contractual protections with US providers
APP 11 — Security: technical and organisational measures
APP 12/13 — Access and correction: see “Your Rights” below

8. Patient Consent and Clinician Obligations

In accordance with RACGP and Avant guidance on AI-assisted clinical documentation, clinicians using TeleScribe are responsible for:

Obtaining informed patient consent before using AI scribes during consultations
Ensuring consent covers: audio recording, AI-assisted drafting, clinician review of all outputs, and third-party processing
Offering patients the option to opt out without penalty
Documenting consent in the patient record
For meeting-minutes mode, confirming all participants were informed and consented before recording starts
Complying with state and territory listening/surveillance device laws, including all-party consent where required

TeleScribe provides template consent wording that clinics can adapt for their practice.

9. Data Retention and Deletion

Audio — never retained. Processed in-memory only and discarded after transcription.
Notes and transcripts — retained in your account until you delete them. You can delete individual encounters or notes at any time.
Account data — retained while your account is active. Account deletion is available on request by contacting office@telescribe.com.au.

10. Data Breach Notification

We comply with the Notifiable Data Breaches (NDB) scheme under Part IIIC of the Privacy Act 1988. In the event of an eligible data breach that is likely to result in serious harm, we will notify the Office of the Australian Information Commissioner (OAIC) and affected individuals as required by law.

11. Third-Party Services

Supabase — Australian-region database, authentication, and storage
Deepgram — nova-3-medical speech-to-text transcription (US-based, SOC 2 Type II certified, HIPAA BAA available, API data not used for training)
OpenAI — Whisper API for audio transcription, GPT-4.1-mini for standard and quality-tier note generation (US-based, API data not used for training)
Groq — Whisper-large-v3-turbo Layer 4 transcription fallback (US-based, API data not used for training)
Anthropic — Claude API for premium-tier clinical note generation (US-based, API data not used for training)
Stripe — payment processing (PCI-DSS compliant)
Resend — transactional email for document delivery, referral letter emailing, and patient resource sends (US-based)
Vercel — hosting, analytics, and performance monitoring

We maintain contractual protections with each third-party provider regarding the handling of personal information.

12. Your Rights

Under APP 12 and APP 13, you have the right to:

Access the personal information we hold about you
Request correction of inaccurate or incomplete information
Request deletion of your personal information and account
Complain to the Office of the Australian Information Commissioner (OAIC) if you believe your privacy has been breached — www.oaic.gov.au

13. Changes to This Policy

We may update this privacy policy from time to time. Material changes will be communicated via email notification to registered users and by updating the “Last updated” date at the top of this page. Continued use of TeleScribe after changes constitutes acceptance of the updated policy.

14. Contact Us

For privacy inquiries, data access requests, or complaints, contact our privacy officer:

Email: office@telescribe.com.au

Black Health Intelligence Pty Ltd (ABN: 23 693 026 112)