At Accurx, privacy and security are at the heart of everything that we do! We have a robust framework that underpins the privacy and security of all our product capabilities, including Scribe, ensuring that we meet all the requirements of data protection laws (including the UK GDPR) and adhere to information security and governance best practices.
Want to know more about how we achieve this for Accurx Scribe?
Here you can find the answers to frequently asked privacy and security questions about our Scribe feature:
How secure is Accurx Scribe?
At Accurx, we have a robust framework that follows information security and governance best practices and underpins the security of all our product capabilities. Accurx Scribe is fully assured to ISO 27001:2022 standards, UK Cyber Essentials, and the NHS DSP Toolkit. We rigorously align with guidance from NHS England and the UK’s National Cyber Security Centre, to give NHS organisations complete confidence that the data relating to their patients is secure with us.
Does Accurx Scribe comply with the UK GDPR and the NHS IG Standards?
Yes. At Accurx, we take information governance and data protection extremely seriously. Our approach is built around a comprehensive, risk-based framework that is specifically designed to meet and exceed the requirements set out by the NHS and the UK GDPR. We’ve embedded risk management into every stage of our product lifecycle, ensuring that potential threats to privacy and security are proactively identified, assessed, and mitigated. In line with the UK GDPR’s principle of data protection by design and by default, we incorporate privacy and security safeguards into our systems and processes from the outset, rather than treating them as afterthoughts.
To maintain the same level of privacy and security when we partner with other service providers to offer a feature, which is the case for Accurx Scribe, Accurx has a structured, comprehensive and robust due diligence framework to assess these partners at corporate and product levels. This way we ensure that we only work with partners who can demonstrate a shared commitment to protecting privacy, ensuring clinical safety, and delivering safe, secure and compliant technology within the NHS.
What changes have been made to the Data Processing Agreement (DPA) for the purposes of Accurx Scribe?
Under data protection law, Accurx acts as a data processor when delivering communication services to NHS organisations. This means we process personal data solely on behalf of these organisations, and only in accordance with their documented instructions. These instructions are formalised through our standard Data Processing Agreement (DPA), unless otherwise governed by a separate contractual framework (e.g., G-Cloud 14).
To enable Accurx to process personal data specifically for the provision of Accurx Scribe, NHS organisations choosing to use this service will be required to review and accept the material updates made to our DPA. These updates include specific wording added to the DPA’s Schedule, more specifically to the section titled ‘Purposes and nature of the processing’, and comprise the following:
“● Automated solutions for recording, transcribing and summarising consultations, and generating content based on transcriptions to aid communication with and about patients
● Reviewing and validating content generated by automated solutions and the inputs to those solutions to ensure clinical safety throughout the development, monitoring and improvement of these solutions on the platform”
What patient data is processed as part of the Accurx Scribe service?
Our Scribe solution processes the following patient information on behalf of the NHS organisations that use this service:
Patient’s demographic details (name, date of birth, gender)
Patient’s NHS number
Healthcare professional’s email address
Audio stream from consultations (processed in real-time during conversations and automatically deleted as soon as the audio is transcribed)
Transcription of consultation
Outputs generated (letters, clinical notes)
The patient’s NHS number and demographic details, which are required to ensure clinical notes are saved to the correct patient’s record, are fetched directly from the electronic medical record (EMR) and/or the Personal Demographics Service (PDS). All other information is obtained directly from the patient and healthcare professionals participating in the consultations.
How accurate are the transcriptions produced by Accurx Scribe?
Accurx Scribe leverages a range of controls to maximise transcription quality and minimise inaccuracy. These controls help ensure clinical oversight and maintain compliance with relevant data protection laws as well as information governance and clinical safety standards.
Key Safeguards
Ensuring that all input data is obtained from reliable sources: Accurx receives data directly from the patients and healthcare professionals during consultations, as well as from the electronic medical record (EMR) and/or the Personal Demographics Service (PDS).
Using AI models that have been appropriately tested for accuracy: while no AI solution can guarantee 100% accuracy, Accurx Scribe uses AI models that have been proven to perform at or above the level of human transcribers.
Implementing robust safeguards against ‘hallucinations’ (instances where an AI may insert words or phrases not present in the original audio): Accurx Scribe leverages advanced voice activity detection to identify and disregard background noise and audio that is too quiet or unintelligible, which have been identified as the main causes of hallucination.
Adopting a ‘human-in-the-loop’ approach: once an output is generated using Accurx Scribe, the product displays enhanced in-product messages, prompting healthcare professionals to review the content of the outputs to ensure that clinical oversight is maintained. This helps to ensure that every transcription, and any document derived from it (such as letters, clinical notes etc.), is reviewed, validated, and, if necessary, amended by a healthcare professional before being saved to the patient record or copied and pasted elsewhere.
Continuously improving the safety, accuracy and reliability of Accurx Scribe: as an integral part of Accurx Scribe, there is a manual clinical review process of effectively anonymised outputs generated by Accurx Scribe. The process includes a clinical investigation into why clinicians made edits to the documents and the application of expert clinical judgment to determine whether the issue could have had any clinical safety implications.
Should I rely on consent as the legal basis under the UK GDPR to process patient data using Accurx Scribe?
Because of the nature of our role, we can’t advise on whether consent is needed under the UK GDPR or what legal basis should be used instead. As a data processor under the law, Accurx doesn’t (and can’t) make any key decisions about the processing of patient data – instead, we process data only on behalf of the NHS organisations using our services and in line with their instructions.
As the data controller, the NHS organisation is responsible, among other things, for ensuring that patient data is processed lawfully. And this includes determining, in each case, what legal basis to rely on when processing patient data, taking into account your legal responsibilities and internal policies.
Should I update my Privacy Notice before using Accurx Scribe?
Because of the nature of our role, as a data processor, we are not in a position to advise on whether you need to update your privacy notice or provide additional transparency/fair processing materials to patients before using Accurx Scribe. It would be for your organisation, as the data controller, to decide what information should be communicated to patients and how this should take place.
Is patient data used to train the AI model that powers the Accurx Scribe solution?
No. While some AI systems are built to continuously learn from new data, Accurx Scribe is not. The AI model that powers Accurx Scribe does not absorb, reflect or “learn” from any aspect of the conversation between patients and healthcare professionals during a consultation. This means that information about healthcare professionals and patients that is processed through Accurx Scribe is:
never used to update, retrain or fine-tune the AI model, remaining completely separate from the development of the underlying AI technology, and
always kept private and confidential, with no influence on how the model behaves for others, now or in the future.
That said, we are firmly committed to continuously improving the safety, accuracy and reliability of our Scribe solution. That is why, as an integral part of Accurx Scribe, there is a manual clinical review process of effectively anonymised outputs generated by Accurx Scribe. The process includes a clinical investigation into why clinicians made edits to the documents and the application of expert clinical judgment to determine whether the issue could have had any clinical safety implications.
Crucially, even when this clinical review process highlights a need for improvement, patient data is never used to train or fine-tune the AI model. Instead, the insights from this review are used to refine the prompt – which is the specific set of instructions used to guide how the model operates – and/or adjust other controls. As a result, the quality and accuracy of outputs are improved without any use of patient information to update the model itself. These changes are then validated through regression testing, which ensures that any refinements maintain or enhance overall performance and accuracy, without introducing new errors.
This approach allows for the continuous improvement of the safety and clinical relevance of Accurx Scribe without ever compromising patients’ privacy. It’s a deliberate design choice to uphold the highest standards of data protection and trust.
Does Accurx use any sub-processors to offer Accurx Scribe?
Yes, Accurx Scribe is provided by Accurx as a data processor and powered by the technology from Tandem Health AB, which acts as a sub-processor under data protection laws. Tandem’s technology is securely hosted on Microsoft Azure servers and databases, in the same way as Accurx’s other product features.
We’ve added Tandem to our list of sub-processors, where you will find them, as well as all other companies with whom we’ve partnered to deliver our services.
Has Accurx appropriately vetted Tandem Health AB before partnering with them?
Yes, at Accurx, protecting patient data is non-negotiable. We only work with partners who can demonstrate a shared commitment to protecting privacy, ensuring clinical safety, and delivering safe, secure and compliant technology within the NHS.
Accurx completed a very thorough due diligence process before partnering with Tandem Health AB to ensure it meets our high standards for privacy, security, compliance and clinical safety. Our structured, comprehensive and robust due diligence framework enabled us to assess Tandem at corporate and product levels, including their:
Information security posture, including their security certifications (ISO 27001 and Cyber Essentials), internal policies, and technical controls.
Data protection practices, such as how personal data is handled, stored, accessed, and retained.
Compliance with UK data protection laws, NHS DSPT (Data Security and Protection Toolkit), and other relevant regulatory standards.
Company governance and accountability, including their registration with regulatory bodies (ICO), contractual obligations, subprocessor arrangements, and audit readiness.
Product-specific risks, including a close review of how the AI system interacts with patient information — for example, how audio recordings are transcribed, how those transcriptions are summarised, where data is stored and processed, who has access at each stage, and how long it is retained.
As part of the due diligence process, we have also entered into a formal Data Processing Agreement (DPA) with Tandem, as required under data protection laws. This legally binding agreement defines Tandem’s responsibilities as a sub-processor and ensures that it may only act on our documented instructions. The DPA sets out strict terms around confidentiality, data access, subprocessing, international transfers, security measures, and breach reporting. It also provides us with rights to audit and monitor Tandem’s compliance on an ongoing basis. This agreement is a critical safeguard to ensure that any personal data handled on behalf of NHS organisations is processed lawfully and securely.
Does the use of Accurx Scribe constitute automated decision-making?
No, Accurx Scribe does not make any automated decisions that affect patients or their care.
While the system uses AI to assist with transcribing and summarising clinical conversations, it is not designed to function independently or replace clinical judgment. A core feature of our solution is the "human in the loop" approach, which means that all outputs generated by the AI, such as transcriptions, summaries, or letters, must be reviewed and approved by a healthcare professional before being saved to record or acted upon.
This ensures that healthcare professionals remain fully in control of the information recorded in a patient’s health record and that no decisions are made without appropriate human oversight. As such, the system does not engage in solely automated decision-making under the UK GDPR definition.
Who can access the transcriptions and other outputs generated by Accurx Scribe?
Access to transcriptions and other outputs generated by our Scribe solution is strictly controlled within our product. By default, only the healthcare professional who conducted the consultation (that is, the user whose account was used to generate the transcription) can access the associated data within the product.
In exceptional circumstances, such as when investigating a technical issue or ensuring the safe operation of the service, a technical engineer may need to access stored data. However, this access will always be:
tightly restricted to authorised personnel only,
audited and monitored.
These safeguards are in place to ensure that any access beyond the user level is both rare and rigorously controlled, maintaining the privacy, security, and trust expected in a clinical setting.
How long does Accurx retain personal data as part of the Accurx Scribe service?
The audio stream is processed in real-time during conversations and automatically deleted as soon as the audio is transcribed by Accurx Scribe. This ensures that the audio, which is highly sensitive, is not retained any longer than necessary to fulfil its purpose.
All other outputs generated by Accurx Scribe, such as transcriptions, clinical notes, and summaries, are retained as personal data for a period of 30 days. During this time, healthcare professionals can review these documents within the product and, where appropriate, save them to the patient’s electronic medical record (EMR) for permanent clinical use.
After the 30-day retention period has passed, these outputs are effectively anonymised (therefore no longer considered personal data) and used exclusively for clinical safety purposes — never for AI model training or any commercial use.
How does Accurx support data deletion requests as part of the Accurx Scribe service?
Within the 30-day retention period, there are two different ways through which Accurx, as a processor, can support the NHS organisations using its Scribe service with deletion requests involving transcriptions, clinical notes or other documents generated as part of its Scribe service:
Throughout the duration of the service contract, Accurx, as a data processor, will comply with any data deletion instructions reasonably given by the NHS organisations using the service. To be sure that we're taking our instructions from someone with authority to act on behalf of the data controller, we follow the NHS Information Governance Standards, which require these requests to follow a specific form. We have a specific support article where you can find detailed information about how we approach the deletion of patient data.
In the event of termination of the service contract, Accurx will delete or return all the existing data within 90 days of the contract end, in accordance with our Data Processing Agreement (DPA).
In which country is personal data stored and further processed in the context of Accurx Scribe?
All personal data processed through Accurx Scribe is stored and handled exclusively within the European Union (EU). This includes all servers, databases, systems, and processes that we rely on to provide Accurx Scribe. No personal data is transferred outside of the EU.
This approach is intentional and carefully designed to ensure full compliance with the UK GDPR. Because the UK has a formal adequacy decision in place with the EU, personal data can lawfully flow from the UK to the EU without the need for additional safeguards such as international data transfer agreements. The adequacy decision confirms that the EU’s data protection regime offers a level of protection that is “essentially equivalent” to that of the UK.
As always, if you have any other questions, please get in touch using our live chat in the bottom right or send us an email at support@accurx.com 😊