Zonov.ai — Healthcare AI Platform
Zonov.ai ("Platform", "Service", "we", "our", "us") is committed to protecting healthcare information, personal data, and patient privacy.
This Privacy Policy explains how Zonov.ai collects, uses, processes, stores, protects, and discloses information in connection with the use of our healthcare workflow, documentation, automation, transcription, and operational support platform.
Zonov.ai is designed for healthcare organizations, hospitals, clinics, healthcare professionals, and authorized medical personnel. By accessing or using the Platform, you acknowledge that you have read and understood this Privacy Policy.
Depending on the region of deployment and use, Zonov.ai is designed to support compliance efforts related to applicable privacy and healthcare regulations, including but not limited to:
Customers remain responsible for ensuring their own regulatory compliance obligations.
Depending on how the Platform is configured and used by healthcare organizations, Zonov.ai may collect, process, store, or transmit certain categories of personal, operational, and healthcare-related information. Such information may include patient names, demographic details, contact information, healthcare documentation, clinical notes, treatment-related records, operational workflow information, provider-generated documentation, scheduling information, and other healthcare-related records necessary for workflow assistance, documentation support, and operational platform functionality.
Where voice-enabled functionality or recording features are enabled by the healthcare organization or authorized user, Zonov.ai may process audio recordings, dictation data, doctor-patient conversations, ambient voice interactions, and workflow-related voice inputs for documentation and workflow assistance purposes.
Audio processing functionality operates only when enabled and is intended to be used in accordance with applicable consent, recording, privacy, and healthcare laws. Healthcare organizations and authorized users remain solely responsible for obtaining all legally required consents, notices, approvals, and permissions prior to recording or processing healthcare-related audio information.
Zonov.ai may automatically collect certain technical, operational, diagnostic, and security-related information associated with access to and use of the Platform. Such information may include device details, browser information, operating system information, authentication activity, IP addresses, usage logs, timestamps, analytics information, performance metrics, error reports, and security monitoring information.
Zonov.ai may use cookies and similar technologies for:
Customers may control certain browser cookie settings; however, disabling certain cookies may affect platform functionality.
Zonov.ai may use collected information for operational, administrative, security, documentation, workflow, and platform-related purposes. Information may be processed to support healthcare workflow functionality, generate clinical and operational documentation, enable transcription services, facilitate workflow automation, maintain platform security, authenticate authorized users, troubleshoot technical issues, monitor performance, maintain audit records, support integrations, improve operational reliability, and comply with legal or regulatory obligations.
Where applicable and legally permitted, Zonov.ai may also use aggregated, anonymized, de-identified, or non-identifiable operational information to support system improvement, reliability, analytics, security operations, and platform performance optimization.
Zonov.ai may use artificial intelligence, automation systems, machine learning models, speech recognition systems, and related technologies to support documentation and workflow assistance features.
Users acknowledge and agree that:
Where Protected Health Information (PHI) or healthcare-sensitive data is processed, Zonov.ai implements commercially reasonable administrative, technical, and organizational safeguards designed to help protect such information. Security measures may include:
For the purposes of applicable data protection and healthcare privacy laws, healthcare organizations generally act as the Data Controllers or Covered Entities, while Zonov.ai acts as a Data Processor, Service Provider, or Business Associate where applicable based on the nature of services provided.
Customers and healthcare organizations remain responsible for:
Zonov.ai does not sell or rent patient healthcare information or protected healthcare-related data.
Information may be disclosed only in limited circumstances necessary to support authorized healthcare operations, platform functionality, legal compliance, security operations, or service delivery. Such disclosures may include sharing information with authorized healthcare organizations, healthcare providers, infrastructure providers, cloud service providers, analytics or monitoring vendors, AI or workflow service providers, interoperability systems, and authorized subcontractors operating on behalf of Zonov.ai.
Information may also be disclosed where required to comply with applicable laws, legal obligations, lawful governmental requests, court orders, regulatory obligations, security investigations, or fraud prevention efforts.
Zonov.ai may integrate with Electronic Health Record (EHR) systems, AI providers, cloud infrastructure providers, healthcare software systems, APIs and interoperability platforms, and analytics and monitoring services. Third-party platforms and integrations may operate under separate privacy policies and terms.
Zonov.ai is not responsible for third-party outages, security failures, platform availability, external data inaccuracies, or external system interruptions. Customers are responsible for reviewing applicable third-party policies where required.
Depending on customer location, infrastructure configuration, support operations, or integrations, information may be processed, stored, or transferred across multiple jurisdictions. By using the Platform, customers acknowledge and agree that authorized data processing may occur in jurisdictions where Zonov.ai, its infrastructure providers, or authorized service providers operate.
Zonov.ai maintains commercially reasonable administrative, technical, organizational, and operational safeguards designed to support the protection of healthcare-related and sensitive information. Security controls may include industry-standard authentication systems, OAuth 2.0 authentication, TLS encryption, AES-256 encryption, Role-Based Access Control (RBAC), Multi-Factor Authentication (MFA), infrastructure monitoring, audit logging, access controls, vulnerability management practices, and secure cloud infrastructure practices.
Customers acknowledge that no internet-based or cloud-based system can guarantee absolute security. Customers remain responsible for maintaining appropriate internal security controls, workforce access management, credential management, network protections, device security, and lawful operational practices within their own organizations.
Information may be retained as required by customer agreements, based on healthcare operational requirements, according to applicable legal obligations, and for security, audit, compliance, or operational purposes. Upon lawful request and where operationally feasible, data may be deleted, anonymized, or de-identified.
Depending on applicable laws and jurisdiction, individuals may have rights relating to their personal information, including access rights, correction rights, deletion requests, objection or restriction rights, withdrawal of consent where applicable, and complaint rights under applicable laws. Requests may be subject to identity verification, legal limitations, healthcare obligations, and operational or regulatory requirements.
Healthcare organizations and authorized users are responsible for obtaining all legally required patient consents, recording permissions, notices, approvals, and authorizations before recording, processing, transmitting, or storing healthcare-related information through the Platform.
Where pediatric or minor-related healthcare information is processed, customers and healthcare providers remain responsible for obtaining legally required parental, guardian, or authorized representative consent where required by law.
In the event of a suspected or confirmed security incident, Zonov.ai may investigate the incident, implement containment measures, perform remediation activities, notify affected parties where legally required, and cooperate with applicable authorities where required. Notification timelines and obligations may vary depending on jurisdiction, contractual obligations, healthcare regulations, and severity of the incident.
Where applicable, Zonov.ai may enter into additional agreements such as Business Associate Agreements (BAAs), Data Processing Agreements (DPAs), enterprise security agreements, and healthcare compliance agreements.
Zonov.ai may update or modify this Privacy Policy periodically. Updated versions become effective upon publication on the Platform or official notification. Continued use of the Platform after updates constitutes acceptance of the revised Privacy Policy.
For privacy, compliance, legal, or security-related inquiries, contact:
By accessing or using Zonov.ai, users acknowledge that they have read this Privacy Policy, understand this Privacy Policy, agree to the practices described in this Privacy Policy, acknowledge responsibility for lawful and compliant usage of the Platform, and understand the assistive nature of the Platform.