Privacy Policy

Last Updated: June 21, 2026

S4Medical ("we," "us," or "our") is committed to protecting the privacy and security of your personal and health-related data. This Privacy Policy describes how we collect, use, disclose, and secure your information when you use our mobile application, S4Mobile (the "App"), and our associated services (collectively, the "Services").

1. Information We Collect

When you use the App as a healthcare provider, clinical staff, or authorized representative, we collect information necessary to facilitate clinical operations, documentation, and medical coding. This includes:

• User Credentials & Account Info: Name, professional email address, phone number, practice/facility affiliation, and authentication tokens.
• Patient Identifiers (EMR Data): Patient names, Dates of Birth, gender, medical record/patient IDs (PID), and contact details required to identify patient encounters.
• Clinical Documentation: Clinical notes, SOAP notes, Progress notes, and Operative Reports which you generate, save, or retrieve using the App.
• Medical Codes: ICD-10 diagnosis codes and CPT procedure codes associated with patient encounters.
• Camera & Photos: Captured patient clinical photos for direct upload to the patient record/EMR. These images are uploaded securely to our HIPAA-compliant database and are not saved to the device's personal photo library.
• Audio Recordings & Transcriptions: Audio dictation segments captured through the device microphone for translation and medical text transcription.
• Authentication and Biometrics (Face ID/Touch ID): If enabled, Face ID or Touch ID is used locally on your device to verify your identity. Biometric data is processed exclusively on-device and is never transmitted to S4Medical servers.

2. How We Use Your Information

We process collected data to deliver the core functionalities of our platform, specifically to:

• Identify patient encounters and populate appropriate EMR contexts.
• Generate AI-assisted ICD-10 diagnosis and CPT procedure suggestions derived from encounter logs and clinical reports.
• Translate audio recordings into typed clinical summaries.
• Maintain audit logs of accesses and changes to patient data as required by law.
• Validate codes against official medical coding indices (e.g., NLM Clinical Tables).

3. Data Protection and HIPAA Compliance

As a provider of support services to healthcare organizations, S4Medical operates as a "Business Associate" under the Health Insurance Portability and Accountability Act (HIPAA). We implement strict administrative, physical, and technical safeguards to secure Protected Health Information (PHI):

• Encryption: All clinical data, audio files, and patient records are encrypted in transit using industry-standard protocols (HTTPS/TLS) and at rest within our database.
• Device Storage: No patient health records, clinical documentation, or patient media files are stored permanently on the local mobile device. All data is written directly to our secure central database.
• Access Control: Access to patient data is strictly limited to authorized practice staff utilizing role-based access configurations.

4. Data Sharing and Disclosure

We do not sell, rent, or monetize any user or patient data. We only share information with third parties in the following limited circumstances:

• Artificial Intelligence Partners (OpenAI): We transmit text segments (de-identified of direct personal identifiers where possible) to secure APIs for note translation and code analysis. These processors are contractually bound to keep data confidential and are prohibited from training models on your submitted data.
• Legal Requirements: If required by law, subpoena, or regulation to protect the security and integrity of our services.

5. Your Rights and Access Control

Practices and clinical users retain full ownership and control of the data they submit. To request access to, correction of, or deletion of clinical information, please contact your practice administrator or reach out to us at the contact details below.

6. Contact Us

If you have any questions or concerns about this Privacy Policy or our data handling practices, please contact us at:

S4Medical Privacy Officer
84 NE I-410 Loop, Suite 320
San Antonio, TX 78216
Email: privacy@s4medical.co
Phone: (210) 569-1140