Privacy

To produce a clinical note, Nextvisit GO processes the audio of a recorded session, the transcript generated from it, and the structured note you create from that transcript. We also store the account and team information needed to sign you in and bill your organization.

Session audio is streamed for real-time transcription and then discarded. It is not written to our database or to disk, and there is no audio file retained anywhere in our systems.

Interim transcript text lives only in your browser during a session. Only the finalized, clinician-edited transcript and the note you save are persisted. Nothing is filed without your review.

Sessions are tied to the clinician who recorded them and sit behind non-enumerable identifiers. Every query is scoped by user and team, so a clinician can only read their own sessions. Templates are shared at the team level.

Our activity log records that an action happened — a note was generated, a session was saved — never the transcript, the note, or the audio. Error logs carry identifiers and error codes only, not clinical content.

Transcription is performed by Deepgram and note generation by a model provider reached through OpenRouter. Both receive session content in the course of providing the service. A compliant deployment must put Business Associate Agreements in place with these providers and pin a configuration with no data retention or model training.

You can delete a session, which removes its transcript and note. A permanent delete purges that content outright rather than hiding it — PHI should be truly deletable, not just archived.

Questions about this policy or a data request can be directed to privacy@nextvisit.example.