FAQs and Troubleshooting
      Back to home
      1. Public Knowledge Base
      2. FAQs and Troubleshooting

      How Zanda AI Note Scribe Works: Keeping Your Data Safe and Secure

      This article has been written to share with patients to explain how the AI Note Scribe by Zanda improves the quality of your sessions and explains how your data is securely managed.

      The AI Note Scribe tool by Zanda allows your practitioner to automatically transcribe your session and have a note draft produced. This feature helps your practitioner to produce more accurate notes while having more time to focus on engaging with you during the session.

      • AI Powered Scribe: With your consent, your practitioner may have the transcription service running which will convert the discussion into text in real time. At the end of the session, the tool then creates a draft of the notes based on what was discussed. This helps save time while ensuring that nothing important is missed. While the AI provides a draft, your practitioner will review and personalize the notes to make sure they reflect the session accurately.
      • AI Note Refine: Your practitioner may use an AI powered editor to refine the note draft to improve formatting and structure. As above, your practitioner will be able to review the output for accuracy and make any changes required.

      How We Protect Your Data

      Your privacy and trust are our top priority. The AI feature is built with strict security standards to keep your personal and session information safe. Here's how your data is protected:

      • Confidentiality: All information shared in the sessions is kept confidential. The AI feature uses encryption to ensure that your data is securely stored and transmitted. Only your practitioner will be able to see the transcription and note draft. No data is stored by the AI service or used to train any AI models.

      • Compliance with Data Protection Laws: The AI feature is fully compliant with data protection laws including GDPR, HIPAA, Australia’s Privacy Act and more, which ensures that your data is handled with the highest level of care and security.

      In short, the AI feature helps your practitioner to keep accurate records without compromising your privacy. It’s designed to make the process easier, safer, and more efficient, so that your practitioner can focus on what truly matters: your well-being.

      If you have any concerns or questions about how your data is handled, please discuss this with your practitioner. You can also review the FAQs below for more information:

      About the services Zanda AI Note Scribe uses:

      Zanda Health:

      • Zanda Health is a leading Practice Management System used by healthcare professionals. Zanda securely stores patient information including session notes. The AI Scribe is an AI-powered feature in Zanda Health for transcribing and producing session notes. 

      Transcription Service:

      • Zanda uses Amazon Web Service (AWS) Transcription for transcribing the sessions. AWS is an industry leading AI service that converts speech to text in real time. AWS meets rigorous industry standards for security and compliance and does not retain or store any session data after processing. Zanda has a zero data retention agreement with AWS. All API calls are encrypted with SSL/TLS to ensure data security.

      Note Summarization and AI Actions:

      • Zanda is using the AWS Bedrock service to access an industry leading LLM (large language model) for generating the note draft summary and for performing updates to the note. Data is encrypted in transit and at rest. No data is used to train the AI model, and all information is processed securely in real-time.

      FAQs

      • Who can view the transcript?
        Only authorized users who can log in to a Zanda account can view the note and transcript. The transcript and note content are double encrypted in the database and not visible to the Zanda team. AWS who provide the AI service do not store the transcript. 
      • Are the recordings stored?
        Zanda streams the audio to the transcription service, who returns the transcription text back Zanda for processing in real time. There is no storage of the audio for the recorded session, and Zanda only store the text based transcription output which is double encrypted in the database.
      • Will my data be used to train the AI model?
        No, the service (AWS) does not use any data input out output for training their own or any third party model providers. 
      • How accurate is the transcription output?
        Zanda uses a highly accurate automatic speech recognition service that handles a wide range of speech and acoustic characteristics, including variations in volume, pitch, and speaking rate. The quality and content of the audio signal (such as background noise, overlapping speakers, accented speech, or switches between languages within a single audio file) may affect the accuracy of output. While this is an industry leading service, it is expected that on occasion some words may not be transcribed accurately given the variety of factors that can affect speech recognition.
      • How accurate is the note output?
        Zanda delivers an extensively fine-tuned instruction to the LLM service to control the information being returned to ensure that it is is healthcare specific and based on the information provided in the transcript, note draft, context notes, and AI prompting. The instructions have been built by practitioners in line with healthcare documentation standards. It is recommended that the practitioner reviews all note output content as the practitioner remains responsible for the documentation.
      • Where is the transcription and note draft content stored?
        The transcription, note content, and context notes are double encrypted at rest in the database in a region according to your Zanda account region.
      • Do the Scribe and Refine features comply with data protection laws?
        Yes, the Scribe & Note Refine features are compliant with GDPR, HIPAA and other regional laws. AWS services and Zanda are designed to meet healthcare industry regulations, ensuring patient information is handled in accordance with legal and ethical standards.
          1. HIPAA Compliance: Adheres to U.S. HIPAA regulations, safeguarding protected health information (PHI) with robust privacy and security measures.
          2. GDPR: Full compliance with EU and UK GDPR, ensuring lawful data processing, minimization, and protection of data subject rights.
          3. Regional Laws: Complies with other key regulations, including Australia’s Privacy Act, Canada’s PIPEDA, South Africa’s POPIA, and California’s CCPA.
          4. ISO 27001 Certification: This certification demonstrates that we have implemented stringent security measures to protect sensitive information and maintain data integrity.
          5. Business Associate Addendum (BAA): We had signed a binding BAA agreement with AWS covering all the services included in the AI functionality. We offer the same standardized BAA for customers, providing them a secure environment to process, maintain, and store PHI.