Privacy Policy
NORHI Scribe — AI Clinical Documentation
Last updated: March 26, 2026
No Public Cloud — Your Data Stays in Canada
The NORHI Scribe service is designed and operated so that personal information and health information is processed and stored on Canadian infrastructure under the exclusive control of Northern Health Innovations Inc. AI inference is performed using locally deployed models on NORHI-controlled hardware, and NORHI does not transmit such data to any third-party AI service or model provider.
Audio from clinical encounters is processed in memory and, by design, is not written to disk or other persistent storage. Only the resulting text transcription is stored.
1. About This Policy
This Privacy Policy describes how Northern Health Innovations Inc. ("NORHI", "we", "us") collects, uses, discloses, and protects personal information in connection with the NORHI Scribe clinical documentation service ("Service"). This policy is designed to comply with the Personal Information Protection and Electronic Documents Act (PIPEDA) and applicable provincial health information privacy legislation.
This Privacy Policy supplements NORHI's General Privacy Policy available at https://norhi.ca/privacy/, which is incorporated by reference. The General Privacy Policy governs NORHI's corporate websites, account registration, and business communications. Where this Privacy Policy addresses matters specific to the NORHI Scribe service, including the handling of clinical data, retention periods, and security measures, this Privacy Policy takes precedence over the General Privacy Policy.
NORHI is a Canadian corporation. Our principal office is located at 5600-100 King Street West, Toronto, Ontario M5X 1A9.
2. Definitions
"Clinician" means the licensed healthcare professional who subscribes to and uses the Service.
"Patient" means any individual whose clinical encounter is recorded or documented using the Service.
"Personal Information" has the meaning set out in PIPEDA and includes any information about an identifiable individual.
"Personal Health Information" means information about an identifiable individual that relates to the individual's physical or mental health, the provision of health care, or a health number, as defined under applicable provincial legislation.
3. Information We Collect
3.1 Account Information
When you subscribe to the Service, we collect:
- Email address (used as your account identifier)
- Name
- Payment information (processed by Helcim; NORHI does not store credit card numbers)
3.2 Clinical Data
When you use the Service, the following data is created and processed:
| Data Type | Description | Retention |
|---|---|---|
| Audio from clinical encounters | Audio segments captured through your microphone, transmitted to NORHI servers, and processed in memory only — by design, not written to disk or other persistent storage | Not retained; in-memory processing only |
| Transcriptions | Text generated by AI speech recognition from audio | 90 days |
| Clinical notes | AI-generated structured notes (SOAP, consult, brief communication) | 90 days |
| Hand notes | Free-text notes entered by the Clinician | 90 days |
| Encounter metadata | Encounter title, disposition, timestamps | 90 days |
3.3 Technical Data
We automatically collect:
- IP address (for security, audit logging, and session management)
- Login timestamps and session duration
- Browser type and operating system (from HTTP headers)
We do not use cookies for tracking or advertising. Session cookies are used solely for authentication and are deleted when you log out or after eight hours of inactivity.
4. How We Use Your Information
| Purpose | Data Used | Legal Basis (PIPEDA) |
|---|---|---|
| Provide the Service | Audio (in-memory only), transcriptions, clinical notes | Consent (subscription agreement) |
| Account management | Email, name, login data | Contractual necessity |
| Payment processing | Payment information (via Helcim) | Contractual necessity |
| Security and fraud prevention | IP address, login attempts, audit logs | Legitimate interest |
| Service improvement | Aggregate, de-identified usage statistics only | Legitimate interest |
We do not:
- Use your clinical data (audio, transcriptions, or notes) to fine-tune AI models or otherwise modify model weights. Audio is processed in memory only and immediately discarded; transcriptions and notes are not incorporated into any AI model.
- Share, sell, or disclose your personal information to third parties for marketing purposes.
- Use automated decision-making that produces legal or similarly significant effects on individuals.
- Transfer your data outside of Canada, other than as required by law.
5. Data Storage and Security
5.1 Infrastructure
All data is stored and processed on infrastructure that is:
- Physically located in Canada
- Under the exclusive control of NORHI (no public cloud providers)
- Protected by network-level segmentation (separate application, database, and storage networks)
- Connected via encrypted WireGuard mesh networking
5.2 Security Measures
- TLS encryption for all data in transit, including audio segments from browser to server
- Encrypted database connections
- Mandatory two-factor authentication (TOTP) for all user accounts
- Minimum 12-character password requirement with account lockout
- Eight-hour session timeout
- Complete audit trail of all account and data access events
- Automated 90-day data purge for text-based clinical data
- Logical data isolation between users
5.3 Audio Processing
Audio from clinical encounters is captured in short segments in the Clinician's browser and transmitted to NORHI's on-premises servers via encrypted connection (TLS). Each audio segment is held in server memory (RAM) only for the duration required to perform speech recognition (typically seconds). Upon completion of transcription, the audio data in memory is released and garbage collected. By design, audio is not written to disk, object storage, database, backup media, or other persistent medium, and NORHI does not create, store, or retain audio files.
6. Data Retention
Text-based clinical data (transcriptions, clinical notes, hand notes, and encounter metadata) is automatically and permanently deleted ninety (90) days after creation. This deletion is performed by an automated process that runs daily. Deleted data cannot be recovered.
Audio from clinical encounters is not retained at all. Audio exists only transiently in server memory during speech recognition processing and is never persisted to any storage medium.
Account data (email, name, login history, audit logs) is retained for the duration of the subscription and for ninety (90) days after account deactivation. To the extent the General Privacy Policy specifies a different retention period for account information, this Section 6 governs for NORHI Scribe accounts.
Payment records are retained by Helcim in accordance with their privacy policy and applicable tax law requirements.
7. Disclosure of Information
NORHI does not disclose your personal information except in the following limited circumstances:
- Legal requirement: Where disclosure is required by law, regulation, or court order.
- Payment processing: Your payment information is shared with Helcim solely for the purpose of processing subscription payments. Helcim is a Canadian payment processor subject to PCI DSS requirements.
- With your consent: Where you have provided explicit, informed consent to a specific disclosure.
NORHI does not have sub-processors for clinical data. All clinical data processing is performed by NORHI's own infrastructure and employees.
8. Clinician's Obligations Regarding Patient Information
As the Clinician, you act as the custodian or controller of any patient personal health information processed through the Service. NORHI processes this information on your behalf as a service provider.
You are responsible for:
- Obtaining informed consent from patients before recording clinical encounters.
- Complying with applicable privacy legislation governing the collection, use, and disclosure of personal health information in your jurisdiction (e.g., PHIPA, HIA, FIPPA).
- Ensuring that clinical documentation exported from the Service is managed in accordance with your professional and legal obligations regarding medical records.
- Notifying NORHI immediately if you become aware of any unauthorized access to patient information.
9. Your Rights
Under PIPEDA, you have the right to:
- Access: Request a copy of the personal information we hold about you.
- Correction: Request correction of inaccurate personal information.
- Withdrawal of consent: Withdraw your consent to the collection, use, or disclosure of your personal information, subject to legal or contractual restrictions. Withdrawal of consent may result in the inability to provide the Service.
- Complaint: File a complaint with the Office of the Privacy Commissioner of Canada if you believe your privacy rights have been violated.
To exercise any of these rights, contact us at privacy@norhi.ca.
10. Children
The Service is intended for use by licensed healthcare professionals. We do not knowingly collect personal information from individuals under the age of 18. If a minor's personal health information is included in a clinical encounter, the Clinician is responsible for ensuring appropriate consent has been obtained.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by sending notice to your registered email address at least thirty (30) days before the changes take effect. Your continued use of the Service after the effective date constitutes acceptance of the revised policy.
12. Privacy Officer
For questions, concerns, or requests regarding this Privacy Policy or NORHI's privacy practices, contact our Privacy Officer:
Northern Health Innovations Inc.
Attention: Privacy Officer
5600-100 King Street West
Toronto, Ontario M5X 1A9
Canada
Email: privacy@norhi.ca
Phone: (647) 601-5499
Toll-free: (844) 283-3615