Is DeepScribe safe with your data?

DeepScribe

DeepScribe, Inc.

40/100

Weak disclosure · high confidence

DeepScribe earns a D (40/100) because it leaves much about its data practices unstated.

#168

of 177 apps ranked

score · Healthcare avg 45

-5

vs category average

Grade scaleA · 85–100B · 70–84C · 55–69D · 40–54F · 0–39

DeepScribe cites its HIPAA Business Associate role and a clear no-sale stance, and it names the third parties it shares with and the standard it applies to government requests. The policy says nothing about AI model training, user deletion rights, breach notification, or named international transfer safeguards, and its retention language is vague. Those gaps place it at the bottom of the D band. The score comes from real silences, not a harmful reserved right, so no dealbreaker applies.

What DeepScribe's privacy policy says about your data

Does not sell data

The policy states the company "is not in the business of selling your information," which earns full credit on the ad-sale indicator and carries no dealbreaker.

HIPAA Business Associate limit

For Protected Health Information the company acts as a Business Associate under an agreement that "prohibits us from using or disclosing the Protected Health Information in ways that are not permissible," a strong special-category limit.

Vague retention, no deletion timeline

Retention is governed only by keeping data "for as long as it remains necessary," and the company may "retain or destroy, at our discretion" with no stated deletion period or user deletion right.

Silent on training and transfer safeguards

The policy never addresses whether inputs or audio train AI models. It confirms data moves to US servers but names no SCCs, adequacy decision, or DPF safeguard for that transfer.

What the policy is silent or vague on

Not stated: keeping user inputs out of model training
Not stated: a way to opt out of training
Not stated: whether training use differs by plan
Not stated: your ownership of generated outputs

DeepScribe privacy rating

Training-data use0 of 4 disclosed

Keeps user inputs out of model training, or makes training opt-inSilent

Names a way to opt out of or into trainingSilent

Says whether training use differs by plan or tierSilent

Lets the user keep ownership of generated outputsSilent

Data-subject rights2 of 5 disclosed

Grants a right to access your dataPartial

Grants a right to delete your dataSilent

Offers data portability in a usable formatSilent

Grants a right to correct your dataDisclosed

Grants a way to object to or opt out of processingDisclosed

Retention and deletion0 of 4 disclosed

States a retention period for your dataPartial

States a deletion timeline after closure or requestSilent

Sets a shorter retention for AI conversation logsSilent

Commits to collecting only the data it needsPartial

Third-party sharing3 of 5 disclosed

Lists the categories of third parties it shares withDisclosed

References a sub-processor list or data processing agreementPartial

Does not sell or share data for advertising, or offers opt-outDisclosed

Names a safeguard for international data transfersSilent

States a standard for government and law-enforcement accessDisclosed

Transparency1 of 4 disclosed

Discloses that you are interacting with AIPartial

Marks AI-generated or synthetic outputNot applicable

Enumerates the categories of data it collectsDisclosed

Maps processing purposes to legal basesPartial

Is versioned and dated, with change noticePartial

Sensitive data and children2 of 2 disclosed

Discloses automated decisions and a human-review pathNot applicable

Limits the use of special-category dataDisclosed

Governs biometric data specificallyNot applicable

States protections for children's dataDisclosed

Security and accountability0 of 3 disclosed

Describes its security safeguardsPartial

Commits to breach notificationSilent

Names a certification or a privacy contactPartial

DisclosedPartialSilentAdverseNot applicable

Details

Category: Healthcare
Modalities: text, audio
Processes biometrics: No
Policy last updated: Not stated
Region scored: Global / US-default
Assessed: 2026-06-20

Read DeepScribe's privacy policy

Other healthcare apps

Each grade reflects our analysis of what an app states in its public privacy policy and terms as of the assessment date. It measures the transparency of those documents, not the company's actual data practices, security, or compliance. Grades are our opinion, offered for general information. Full disclaimer.