Privacy

Privacy & Data Security Statement

Effective Date: March 16, 2026

Purity Transcription is fully committed to maintaining the highest standards of data integrity, confidentiality, and patient privacy. As a specialized provider of human medical transcription for oncology, pharmaceuticals, and clinical research across North America, our operations strictly adhere to the regulatory requirements of HIPAA (United States), PIPEDA (Canada), and PHIPA (Ontario).

1. Data Sovereignty & Infrastructure Safeguards

To guarantee absolute information security, Purity Transcription manages data using a robust technical framework designed to keep Protected Health Information (PHI) and proprietary research completely contained:

Secured Canadian Architecture: All audio files, video records, and text transcripts are processed and stored on secure servers located physically within Canada to maintain strict data residency and sovereignty standards.
Military-Grade Encryption: Data is heavily protected using 256-bit AES encryption at rest and secure TLS 1.2+ protocols during transit.
Zero-Knowledge Architecture: File management and sharing are handled entirely via Sync.com—a fully HIPAA-compliant, zero-knowledge storage provider. No unauthorized third party can access or read your files.

2. The 100% Human “No-AI” Guarantee

In an industry increasingly reliant on automated software, Purity Transcription implements a strict Zero AI Involvement mandate.

Many commercial AI tools log audio data to train public or proprietary language models, resulting in critical security leaks of patient data and confidential clinical trials.
Every single transcript we deliver is prepared manually by a certified medical transcriptionist with over a decade of domain-specific expertise. Your data will never touch an AI model, machine-learning pipeline, or automated drafting tool.

3. Comprehensive Regulatory Compliance

Purity Transcription operates under the precise legal definitions of a Business Associate (under HIPAA) and a Health Information Network Provider / Third-Party Vendor (under PHIPA/PIPEDA). We strictly enforce:

Mandatory Multi-Factor Authentication (MFA): Enforced across all internal operational nodes, email networks, and storage servers.
Encrypted Workstations: All local processing drives are secured with full-disk encryption (BitLocker/AES) behind active firewall barriers.
A Conspicuous Audit Trail: Tracking and logging access to files to ensure that only the assigned expert working on your project interacts with your audio records.

4. Secure 30-Day Data Lifecycle & Permanent Purging

We minimize data vulnerability through a clear, rigorous data retention policy:

The 30-Day Window: All uploaded raw media files, draft documents, and final completed transcripts are retained securely on our platform for exactly 30 days post-delivery. This allows time for client review and formatting adjustments.
Permanent Destruction: Upon the conclusion of the 30-day window, all files are permanently wiped and purged from our local secure machines and our cloud server’s trash bins. This data destruction is irreversible. Longer or shorter custom retention windows are available upon request for institutional clients.

5. Corporate Inquiries & Compliance Contact

Purity Transcription routinely signs custom Business Associate Agreements (BAAs) and non-disclosure agreements (NDAs) for corporate medical communications agencies, pharmaceutical brands, and legal bodies.

For security audits, copy requests of our annual Security Risk Assessment (SRA), or specific institutional compliance inquiries, please contact our designated Privacy and Security Officer:

Brian Castro, President & CEO Purity Transcription

6 Belvidere Avenue, Toronto, ON M6C 1P3

Email: info@puritytranscription.ca

Tel: 416-877-1553