Mozu logoMozu

Privacy Policy

Last updated: December 5, 2025

Introduction

Mozu ("we," "our," or "us") is committed to protecting your privacy and the privacy of your clients. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our clinical AI scribe platform.

We are fully compliant with HIPAA (Health Insurance Portability and Accountability Act), PHIPA (Personal Health Information Protection Act), and PIPEDA (Personal Information Protection and Electronic Documents Act).

Information We Collect

Account Information

  • Name and professional credentials
  • Email address
  • Practice information
  • Billing information

Session Data

  • Audio recordings of therapy sessions (with client consent)
  • Generated transcripts and SOAP notes
  • Client information you choose to input
  • Session metadata (date, time, duration)

Usage Data

  • Log data and analytics
  • Device and browser information
  • Feature usage patterns

Data Minimization Policy

We adhere to a strict Data Minimization Policy to reduce risk and protect your clients' sensitive information.

Raw Audio

Audio files are retained only as long as necessary for processing and quality verification and deleted promptly.

Transcripts & SOAP Notes

Generated text is stored securely in our database until you delete it. You have full control to manually delete sessions at any time.

Permanent Deletion

When a session is deleted by you, we execute a hard delete. The data is removed from the database and all associated files are wiped from storage immediately.

How We Use Your Information

  • To provide and maintain our clinical documentation services
  • To generate transcripts, SOAP notes, and clinical insights
  • To track client history across sessions for continuity of care
  • To improve our AI models and service quality (using de-identified data only)
  • To communicate with you about your account and service updates
  • To comply with legal obligations

Data Security

We implement industry-leading security measures to protect your data:

  • End-to-end encryption for all data in transit and at rest
  • SOC 2 Type II compliant infrastructure
  • Regular security audits and penetration testing
  • Role-based access controls
  • Secure data centers with physical security measures

Business Associate Agreement (BAA)

We offer a Business Associate Agreement (BAA) to all healthcare providers using our platform. The BAA outlines our responsibilities for protecting Protected Health Information (PHI) in accordance with HIPAA requirements. Contact us at support@mozuhealth.com to request a BAA.

Your Rights

You have the following rights regarding your personal information:

  • Access and download your data at any time
  • Request correction of inaccurate information
  • Delete your account and all associated data
  • Opt out of non-essential communications
  • Request information about how your data is processed

Third-Party Services

We use carefully selected third-party services that meet our strict security and compliance requirements. All third-party providers are bound by appropriate data processing agreements and are required to maintain HIPAA compliance where applicable.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically.

Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Mozu

Email: support@mozuhealth.com