# Privacy Policy
*Last updated: February 2026*
## Overview
Dr SignOut ("we", "our", or "us") is committed to protecting your privacy and the privacy of your patients. This Privacy Policy explains how we collect, use, and safeguard information when you use our AI-powered patient handoff service.
## HIPAA Compliance
Dr SignOut is designed to be HIPAA-compliant. We have implemented appropriate physical, technical, and administrative safeguards to protect Protected Health Information (PHI).
## Information We Collect
### Information You Provide
- Account information (name, email, password)
- Practice information (hospital, specialty)
- Payment information (processed securely via Stripe)
### Information Processed Temporarily
- Dictated patient information for AI extraction
- Sign-out documents you create
**Important:** Patient data is processed in real-time and is NOT stored on our servers after your session ends.
## How We Use Information
- To provide the sign-out extraction service
- To generate PDF documents
- To send sign-outs via email (if you choose)
- To improve our AI accuracy
- To communicate service updates
## Data Security
- All data is encrypted in transit (TLS 1.3)
- Temporary processing occurs in HIPAA-compliant AWS infrastructure
- We maintain a Business Associate Agreement (BAA) with AWS
- Regular security audits and penetration testing
## Data Retention
- **Patient Data:** Deleted immediately after document generation
- **Account Data:** Retained while your account is active
- **Payment Data:** Retained per legal requirements
## Your Rights
You have the right to:
- Access your account data
- Request deletion of your account
- Opt out of marketing communications
- Request a copy of this policy
## Contact Us
For privacy concerns or questions:
Email: privacy@drsignout.com
## Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of significant changes via email.