Privacy Policy
This policy explains what information MLS collects through the MLS web application and the MLS Assist browser extension, how we use and protect it, and the choices available to the clinicians and practices who use our service.
Contents
- Who we are
- Information we collect
- How we use information
- Single purpose & limited use
- How information is shared
- Service providers / subprocessors
- HIPAA & Business Associate context
- Data retention
- Security
- The MLS Assist browser extension
- Your rights & choices
- Children's privacy
- Changes to this policy
- Contact us
1. Who we are
MLS is an ambient AI medical-scribe service operated by MLS Scribe LLC ("MLS," "we," "us," or "our"). MLS is built for spine, pain-management, and physical-medicine & rehabilitation (PM&R) practices. The service consists of the MLS web application (at mlsscribe.com) and the MLS Assist browser extension. Together they help a clinician capture a visit, draft a structured clinical note, suggest coding for the clinician's review, and place the finished note into the clinician's electronic medical record (EMR) only after the clinician explicitly approves it.
2. Information we collect
The information MLS processes depends on which parts of the service a clinician uses. It falls into the following categories.
Health and visit information
To draft clinical documentation, MLS processes the content a clinician chooses to capture during or about a patient visit. This may include visit audio and its transcript, dictation, text the clinician highlights or enters, and the protected health information contained in that material — for example symptoms, history, examination findings, assessments, plans, medications, diagnoses, and suggested procedure or diagnosis codes. When the clinician uses MLS to read an existing chart, MLS may process the patient and prior-visit information shown on that page so it can structure it into the clinician's MLS record.
Patient and clinician identifiers
MLS may process identifying details that appear in captured material or that a practice enters into MLS, such as patient names and identifiers, and clinician account details (name, email address, practice or specialty, and role). Account holders are clinicians and practice staff, not patients.
Authentication information
To connect securely to the MLS backend, the service uses your MLS login session. The MLS Assist extension reads your existing MLS authentication token (a session token) from an open, signed-in MLS browser tab and sends it to the MLS backend as a bearer credential so the backend can confirm the request is yours. A practice may instead configure an MLS API key. These credentials authenticate you to MLS only; they are not shared with your EMR vendor or any other third party.
Website and session content
When you actively use the MLS Assist panel on a web page (for example, your EMR), the extension reads content from that page — such as visible text, the structure of on-screen fields, and, for the supervised "autopilot" feature, a screenshot of the page — so it can place a note in the correct field or help you navigate. This content is processed to perform the action you requested. The extension stays dormant until you open its panel; it does not silently read pages in the background outside the features you invoke.
Account, billing, and support information
When a practice subscribes, we process account and billing information needed to manage the subscription (such as contact details and payment status). Card payments are handled by our payment processor; MLS does not store full card numbers. If you contact us for support or request a demo, we keep the information you provide so we can respond.
Limited technical and security information
We process basic technical information necessary to operate and secure the service, such as server logs, error reports, and records needed for security, auditing, and backups.
3. How we use information
We use the information described above only to provide and support the MLS service. Specifically, we use it to:
- transcribe captured audio and generate draft clinical notes, suggested coding, and related documentation for the clinician to review, edit, and sign;
- place an approved note into the clinician's EMR and, when requested, read chart information into the clinician's MLS record;
- authenticate users, maintain sessions, and keep the service secure;
- operate billing and provide customer support; and
- maintain, troubleshoot, back up, and improve the reliability of the service.
MLS produces draft documentation and coding suggestions for a clinician's independent review. It does not practice medicine, and the clinician remains responsible for the content of the medical record.
4. Single purpose & limited use
The single purpose of MLS and the MLS Assist extension is clinical documentation and coding support — helping a clinician create, review, and file medical notes. We do not use the data we process for any unrelated purpose. In particular:
- We do not sell or rent personal information or health information to anyone.
- We do not use or transfer the information for advertising, and we do not build advertising or marketing profiles from it.
- We do not use or transfer the information to determine creditworthiness or for lending purposes.
- We do not allow humans to read your health or visit content except in the limited ways described in this policy (for example, to provide support you request, or where required for security or by law).
5. How information is shared
We share information only as needed to run the service and as described here:
- With your practice. Information you create or capture in MLS is available to your own practice and authorized users within it, according to the roles your practice configures.
- With service providers (subprocessors). We use a small set of vendors to provide core functions such as AI generation, hosting, email, and payments. They may process information only to perform services for us, under contract. See the next section.
- For legal and safety reasons. We may disclose information if required by law, to respond to lawful requests, to enforce our agreements, or to protect the rights, safety, and security of users, the public, or MLS.
- In a business transfer. If MLS is involved in a merger, acquisition, or sale of assets, information may be transferred as part of that transaction, subject to this policy.
We do not share your information with EMR vendors except to carry out the action you direct — for example, when you approve placing a note into your own EMR session.
6. Service providers / subprocessors
MLS relies on the following categories of providers. We work to put appropriate data-protection terms, including Business Associate Agreements where applicable, in place with providers that process health information on our behalf.
| Provider | Role | What it processes |
|---|---|---|
| OpenAI | AI model provider used to transcribe audio and generate draft notes and coding suggestions | The transcript / text the clinician submits for a given generation request |
| Render | Cloud hosting for the MLS backend | Data stored and processed by the MLS application |
| Stripe | Payment processing for subscriptions | Billing and payment information (not health content) |
| Resend | Transactional email delivery | Email address and message content for service emails |
| Twilio | Optional voice / phone dictation | Audio you choose to dictate by phone |
OpenAI processes the transcript or text submitted for a generation request in order to return the drafted output. The OpenAI API key is held only on the MLS backend and is never exposed to the browser or the extension. We are finalizing our data-processing and Business Associate arrangements with OpenAI; see the compliance note below.
7. HIPAA & Business Associate context
When MLS processes protected health information on behalf of a clinician or practice (a HIPAA "covered entity"), MLS acts as a Business Associate. In that role, MLS enters into a Business Associate Agreement (BAA) with the practice that governs how MLS may use and safeguard that information.
8. Data retention
We retain information for as long as needed to provide the service to your practice and for legitimate business, legal, and security purposes. Clinical records that your practice creates in MLS are retained while your account is active and are subject to your practice's instructions. Encrypted backups are retained on a rolling basis so the service can be restored. When information is no longer needed, or upon a valid deletion request from the responsible practice, we delete or de-identify it in accordance with our obligations and applicable law. We do not retain data for longer than necessary for the single purpose described above.
9. Security
We take reasonable and appropriate technical and organizational measures to protect the information MLS processes, including:
- Encryption in transit using HTTPS/TLS for connections between the web app, the extension, and the MLS backend.
- Encryption at rest of stored application data using AES-256-GCM.
- Encrypted backups protected with AES-256 encryption.
- Authentication controls including hashed passwords, signed session tokens, and optional two-factor authentication (2FA).
- Server-held secrets: third-party API keys (including the AI provider key) reside only on the MLS backend and are never exposed to the browser or extension.
- Administrative safeguards such as access controls and the ability to generate auditable records of administrative actions.
No method of transmission or storage is perfectly secure, and we cannot guarantee absolute security. We encourage practices to keep their own credentials confidential and to use available security features.
10. The MLS Assist browser extension
MLS Assist is a companion browser extension that helps a clinician move a drafted note into their EMR. A few points specific to the extension:
- Consent-first. The extension stays dormant as a small badge until the clinician opens its panel. It acts only on features the clinician invokes.
- What it reads. When invoked, it may read the content and structure of the current page (and, for supervised autopilot, a screenshot) to capture a visit, structure chart information, or place a note in the correct field.
- Where data goes. The extension's only authenticated network calls go to the MLS backend. It does not send your data to your EMR vendor's servers; its interaction with the EMR happens within your own already-signed-in EMR browser session, under your direction.
- You stay in control of the record. The extension is designed not to finalize the medical record on its own — it pauses before steps such as Save or Sign and hands those decisions back to the clinician unless the clinician explicitly chooses to supervise such a step.
- Permissions. The extension requests browser permissions (such as access to page content and tabs) solely to perform the documentation features described above, consistent with its single purpose.
11. Your rights & choices
Because MLS processes most personal and health information on behalf of a practice, patients who wish to access, correct, or delete their health information should contact the clinician or practice that maintains their record; that practice directs how the information in MLS is handled. Clinicians and practices can access, update, export, or request deletion of information in their MLS account, and can contact us for assistance. Depending on where you live, you may have additional rights under applicable privacy laws; we will honor valid requests as required by law. You can stop the extension's processing at any time by closing its panel, signing out, or removing the extension.
12. Children's privacy
MLS is a professional tool for clinicians and is not directed to children, and we do not knowingly allow children to create accounts. To the extent a clinician documents care for a minor patient, that information is handled the same way as other patient health information described in this policy and remains under the responsible practice's control.
13. Changes to this policy
We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date above and, where appropriate, provide additional notice. Continued use of MLS after an update means you accept the revised policy.
14. Contact us
If you have questions about this policy or about how MLS handles information, contact:
MLS Scribe LLC
Email: michael@mlsscribe.com
Web: mlsscribe.com