Back to Legal Hub
Usage Guidelines

Acceptable Use Policy

Updated:February 5, 2026
Version:2.0
Length:~2,800 words

Legal Document

This document constitutes part of your legal agreement with Scribeable. Please read it carefully.

Acceptable Use Policy

Scribeable Platform - Acceptable Use Guidelines

Last Updated: February 5, 2026

1. PURPOSE AND SCOPE

This Acceptable Use Policy ("AUP") defines acceptable and prohibited uses of the Scribeable medical documentation platform ("Platform"). This AUP is incorporated into and forms part of our Platform Terms of Use.

By using the Platform, you agree to comply with this AUP.

Violation of this AUP may result in:

  • Suspension or termination of your account
  • Legal action
  • Reporting to authorities
  • Liability for damages

2. ACCEPTABLE USES

2.1 Permitted Uses

The Platform may be used for:

(a) Clinical Documentation:

  • Creating clinical notes and summaries
  • Documenting patient encounters
  • Recording consultation details
  • Generating treatment plans
  • Managing patient records

(b) Practice Management:

  • Managing patient lists
  • Organizing clinical workflows
  • Tracking consultations and follow-ups
  • Practice analytics and reporting
  • Quality improvement activities

(c) Professional Communication:

  • Generating summaries for referring physicians
  • Creating patient handouts and letters
  • Documenting care transitions
  • Professional correspondence

(d) Training and Education:

  • Learning to use Platform features
  • Training staff and colleagues
  • Educational demonstrations
  • Clinical documentation training

(e) Research (with appropriate safeguards):

  • De-identified data analysis
  • Quality improvement studies
  • With IRB approval when required
  • In compliance with research regulations

3. PROHIBITED USES

3.1 Illegal Activities

You may NOT use the Platform to:

(a) Violate Laws:

  • Engage in illegal activity of any kind
  • Facilitate illegal drug distribution or abuse
  • Commit healthcare fraud or abuse
  • Violate privacy laws (HIPAA, GDPR, etc.)
  • Infringe intellectual property rights
  • Engage in identity theft or impersonation
  • Violate export control laws

(b) Fraudulent Billing:

  • Create false or misleading documentation
  • Upcoding or unbundling inappropriately
  • Documenting services not provided
  • Billing for services not rendered
  • Falsifying medical necessity
  • Submitting fraudulent claims

(c) Abuse Prescription Authority:

  • Prescribe without legitimate medical purpose
  • Facilitate "pill mills" or prescription abuse
  • Sell or distribute prescriptions illegally
  • Prescribe to yourself, family, or friends inappropriately
  • Violate controlled substance regulations

3.2 Security Violations

You may NOT:

(a) Compromise Security:

  • Attempt to gain unauthorized access to the Platform or other users' accounts
  • Circumvent security measures or access controls
  • Share your account credentials with others
  • Use another person's account without authorization
  • Exploit security vulnerabilities

(b) Introduce Malicious Code:

  • Upload viruses, malware, or harmful code
  • Introduce ransomware or spyware
  • Deploy trojans, worms, or backdoors
  • Attempt to corrupt or damage systems
  • Engage in any hacking activity

(c) Attack Infrastructure:

  • Launch denial-of-service (DoS) attacks
  • Attempt to disrupt Platform services
  • Overload systems with excessive requests
  • Engage in distributed attacks
  • Interfere with other users' access

3.3 Privacy Violations

You may NOT:

(a) Violate Patient Privacy:

  • Access records of patients not under your care (unless authorized)
  • Disclose PHI without authorization
  • Share patient information inappropriately
  • Use PHI for purposes other than treatment, payment, or operations
  • Fail to obtain required patient consents

(b) Misuse Data:

  • Sell or share patient data with third parties
  • Use patient data for marketing without consent
  • Create publicly available datasets containing PHI
  • Share de-identified data that could be re-identified
  • Violate data minimization principles

(c) Unauthorized Access:

  • Access another user's patients or data without authorization
  • Impersonate another healthcare provider
  • Use another provider's credentials
  • Circumvent access controls
  • Exceed your authorized access level

3.4 Abusive Conduct

You may NOT:

(a) Harass or Threaten:

  • Harass, threaten, or intimidate other users or Scribeable staff
  • Engage in discriminatory conduct
  • Make threats of violence
  • Engage in stalking or doxxing
  • Create a hostile environment

(b) Spread Misinformation:

  • Intentionally create false medical documentation
  • Spread medical misinformation
  • Impersonate medical professionals
  • Make false claims about the Platform
  • Engage in defamation or libel

(c) Spam or Abuse:

  • Send unsolicited commercial messages
  • Engage in spam or bulk messaging
  • Abuse support channels
  • Create multiple fake accounts
  • Engage in fraudulent activity

3.5 Misuse of Platform Features

You may NOT:

(a) Improper AI Use:

  • Use AI to generate documentation without review
  • Rely on AI output without verification
  • Use Platform for auto-generation of fraudulent records
  • Delegate clinical judgment to AI
  • Use AI to replace professional assessment

(b) System Abuse:

  • Reverse engineer or decompile the Platform
  • Create derivative works without authorization
  • Remove proprietary notices or branding
  • Scrape or harvest data from the Platform
  • Use automated tools to access the Platform (except as authorized)

(c) Competitive Use:

  • Use the Platform to develop competing products
  • Benchmark without written permission
  • Copy features or functionality
  • Use Platform data to train competing AI models
  • Engage in competitive intelligence gathering

3.6 Inappropriate Professional Use

You may NOT:

(a) Practice Outside Scope:

  • Use the Platform to practice outside your scope of practice
  • Provide services without appropriate licensure
  • Practice medicine without a valid license
  • Use the Platform in jurisdictions where you're not licensed
  • Exceed your credentialing or privileging

(b) Unprofessional Conduct:

  • Create defamatory or libelous documentation
  • Include inappropriate personal information
  • Document under the influence of substances
  • Engage in unprofessional communication
  • Violate professional ethics standards

(c) Patient Harm:

  • Use the Platform in a manner that could harm patients
  • Ignore safety alerts or warnings
  • Bypass safety features
  • Create documentation that misrepresents patient condition
  • Delay urgent or emergency care to use the Platform

4. SPECIFIC PLATFORM FEATURES

4.1 AI-Powered Documentation

You agree to:

  • Review all AI-generated content before using it
  • Verify accuracy and appropriateness
  • Edit and correct as needed
  • Apply clinical judgment
  • Not rely solely on AI output
  • Maintain professional standards

You may NOT:

  • Use AI output without review
  • Copy AI content verbatim into medical records without verification
  • Use AI to create fraudulent documentation
  • Rely on AI for critical clinical decisions
  • Blame the AI for your professional decisions

4.2 Voice Transcription

You agree to:

  • Use voice recording in compliant environments
  • Obtain patient consent for recording when required
  • Review and edit all transcriptions
  • Ensure privacy during recordings
  • Comply with institutional policies
  • Delete recordings when no longer needed

You may NOT:

  • Record in prohibited locations
  • Record without patient knowledge (where consent required)
  • Record conversations with colleagues without consent
  • Use recordings for non-clinical purposes
  • Share recordings publicly
  • Rely on transcriptions without review

4.3 EHR Integration and Browser Extension

You agree to:

  • Use only on EHR systems you're authorized to access
  • Verify patient matching before insertion
  • Review content before inserting into EHR
  • Comply with EHR vendor policies
  • Follow institutional EHR guidelines
  • Ensure accurate field mapping

You may NOT:

  • Access EHR systems without authorization
  • Insert documentation for wrong patients
  • Insert content without review
  • Circumvent EHR access controls
  • Violate EHR vendor terms of service
  • Use the Extension on prohibited systems

Browser Extension Data Access. The Scribeable Browser Extension accesses the Document Object Model (DOM) of EHR web applications to facilitate clinical data transfer. This access is limited to: (a) reading clinical note fields for import into Scribeable; (b) inserting completed notes into EHR text fields; and (c) detecting EHR system type for compatibility. The extension does not access, read, or transmit any data from non-EHR websites. All data accessed through the extension is subject to the same encryption and privacy protections as data entered directly into the Scribeable platform.

4.4 Web Export Feature

You agree to:

  • Use web export only on secure, authorized computers
  • Not share export tokens with unauthorized persons
  • Access exported content only on compliant systems
  • Delete exported content when no longer needed
  • Use tokens before expiration
  • Maintain confidentiality of PHI

You may NOT:

  • Share tokens publicly or with unauthorized persons
  • Access exported content on public computers
  • Leave exported content accessible to others
  • Circumvent encryption or security measures
  • Use export feature to exfiltrate data inappropriately

5. USAGE LIMITS AND QUOTAS

5.1 Subscription Limits

You agree to:

  • Stay within your subscription plan limits
  • Pay for overages as applicable
  • Not circumvent usage tracking
  • Use the Platform for your own use only (not service bureau)
  • Maintain a valid payment method

You may NOT:

  • Share accounts to circumvent limits
  • Use automated tools to generate excessive API calls
  • Abuse free trial terms
  • Resell or sublicense access
  • Use the Platform for service bureau purposes

5.2 Rate Limits

We may impose rate limits to ensure fair use and system stability. You may NOT:

  • Attempt to circumvent rate limits
  • Use multiple accounts to avoid limits
  • Overwhelm the system with requests
  • Interfere with other users' access

6. CONTENT STANDARDS

6.1 Professional Documentation

All documentation created must:

  • Be professional and appropriate
  • Comply with medical documentation standards
  • Be accurate and truthful
  • Support medical necessity
  • Meet regulatory requirements
  • Be timely and complete

6.2 Prohibited Content

You may NOT create documentation that:

  • Is false, misleading, or fraudulent
  • Contains discriminatory language
  • Includes inappropriate personal information
  • Violates patient dignity or privacy
  • Contains defamatory statements
  • Includes offensive or unprofessional content
  • Violates copyright or other IP rights

7. THIRD-PARTY SERVICES

7.1 Integration Guidelines

When integrating with third-party services (EHRs, etc.):

  • Comply with third-party terms of service
  • Obtain necessary authorizations
  • Maintain appropriate security
  • Follow third-party usage guidelines
  • Respect third-party intellectual property

7.2 Third-Party Links

If you share content containing third-party links:

  • Ensure links are appropriate and professional
  • Verify links are safe and legitimate
  • Do not link to malicious content
  • Respect copyright and licensing

8. MONITORING AND ENFORCEMENT

8.1 Our Right to Monitor

We monitor platform usage patterns, access logs, and system performance metrics to ensure compliance with this policy and to maintain security. We do not monitor, review, or analyze the clinical content of your notes, transcriptions, or patient data. Monitoring is limited to metadata such as access times, feature usage frequency, data volumes, and authentication events.

We reserve the right to:

  • Investigate suspected violations
  • Access your account to verify compliance
  • Audit usage for billing purposes
  • Analyze aggregated, de-identified usage data

8.2 Enforcement Actions

If you violate this AUP, we may:

  • Issue a warning
  • Temporarily suspend your account
  • Permanently terminate your account
  • Delete or remove content
  • Report violations to authorities
  • Take legal action
  • Seek damages

Violation Severity Classification. Violations are classified as: (a) Low: Minor technical violations or first-time infractions with no data impact (e.g., sharing credentials). Consequence: Written warning. (b) Medium: Repeated violations or actions that could compromise data integrity (e.g., unauthorized bulk exports). Consequence: Temporary suspension pending review. (c) High: Actions that result in or risk unauthorized PHI disclosure, system compromise, or harm to patients. Consequence: Immediate suspension and potential termination.

Appeal Process. Users may appeal enforcement actions by emailing [email protected] within 14 days of notification. Appeals will be reviewed within 10 business days by a compliance officer not involved in the original decision.

8.3 Reporting Violations

To report AUP violations:

  • Email: [email protected]
  • Subject: "AUP Violation Report"
  • Include: Details of violation, account information, evidence

We will investigate reports promptly and take appropriate action.

9. COMPLIANCE OBLIGATIONS

9.1 Legal Compliance

You must comply with:

  • Federal, state, and local laws
  • Healthcare regulations (HIPAA, HITECH, etc.)
  • Privacy laws (GDPR, CCPA, etc.)
  • Medical practice acts
  • Licensing board requirements
  • Professional standards
  • Billing and coding regulations
  • Controlled substance laws
  • Anti-kickback and Stark laws

9.2 Institutional Compliance

If using in an institutional setting:

  • Obtain necessary approvals
  • Follow institutional policies
  • Comply with IT security requirements
  • Meet documentation standards
  • Follow medical staff bylaws
  • Obtain credentialing/privileging as required

9.3 Professional Compliance

You must:

  • Maintain active, valid licensure
  • Stay within your scope of practice
  • Meet continuing education requirements
  • Comply with professional ethics codes
  • Maintain appropriate insurance
  • Report adverse events as required

10. CONSEQUENCES OF VIOLATIONS

10.1 Account Actions

Warnings:

  • First-time or minor violations may result in a warning
  • We will explain the violation and required corrective action
  • You must correct the issue promptly

Suspension:

  • Serious or repeated violations may result in temporary suspension
  • Suspension may be immediate without prior notice
  • You must address violations before reinstatement

Termination:

  • Severe violations will result in permanent account termination
  • Termination may be immediate without refund
  • You will be prohibited from creating new accounts

10.2 Legal Consequences

Violations may result in:

  • Civil liability and damages
  • Criminal prosecution (for illegal activity)
  • Reporting to law enforcement
  • Reporting to regulatory authorities
  • Reporting to licensing boards
  • Professional discipline

10.3 Data Handling After Violation

Upon termination for cause:

  • We may retain data as required by law
  • We may provide data to authorities
  • You may not be entitled to data return
  • Audit logs will be retained
  • We may preserve evidence

11. REPORTING REQUIREMENTS

11.1 Security Incidents

You must promptly report:

  • Suspected security breaches
  • Unauthorized access to your account
  • Lost or stolen devices with Platform access
  • Compromised credentials
  • Suspicious activity

Report to: [email protected]

11.2 Safety Concerns

You must report:

  • Patient safety events involving the Platform
  • Serious adverse events
  • System malfunctions affecting patient care
  • Wrong-patient events

Report to: [email protected]

11.3 AUP Violations

You should report suspected AUP violations by others to: [email protected]

12. MODIFICATIONS TO AUP

We may update this AUP at any time to:

  • Reflect new Platform features
  • Address emerging abuse patterns
  • Comply with legal requirements
  • Improve security and safety
  • Clarify expectations

Notice of Changes:

  • We will post the updated AUP on our website
  • We will send email notification for material changes
  • Continued use constitutes acceptance of changes

Effective Date:

  • Changes take effect upon posting (unless stated otherwise)
  • You should review this AUP regularly

13. QUESTIONS AND CLARIFICATIONS

13.1 Interpretation

  • This AUP should be interpreted broadly to protect patient safety, data security, and Platform integrity
  • Examples provided are illustrative, not exhaustive
  • If unsure whether conduct is permitted, contact us before proceeding

13.2 Contact Us

For questions about this AUP: Email: [email protected]

For permission requests: Email: [email protected]

For compliance guidance: Email: [email protected]

14. ADDITIONAL GUIDELINES

14.1 Good Faith Use

We expect you to:

  • Use the Platform in good faith
  • Act professionally and ethically
  • Respect other users and staff
  • Provide accurate information
  • Report issues and concerns
  • Cooperate with investigations

14.2 Community Standards

As a member of the Scribeable community:

  • Treat others with respect
  • Contribute to a positive environment
  • Share feedback constructively
  • Help maintain security and safety
  • Support high-quality patient care

SUMMARY OF KEY PROHIBITIONS

DO NOT:

  • ✗ Engage in illegal activity
  • ✗ Commit healthcare fraud
  • ✗ Violate patient privacy
  • ✗ Share your account credentials
  • ✗ Access records without authorization
  • ✗ Use AI output without review
  • ✗ Compromise security
  • ✗ Introduce malicious code
  • ✗ Abuse prescription authority
  • ✗ Practice outside your scope
  • ✗ Create false documentation
  • ✗ Harass or threaten others
  • ✗ Reverse engineer the Platform
  • ✗ Use for competitive purposes
  • ✗ Insert unverified content into EHRs
  • ✗ Use in ways that could harm patients

DO:

  • ✓ Use professionally and ethically
  • ✓ Protect patient privacy
  • ✓ Review all AI output
  • ✓ Maintain security
  • ✓ Comply with all laws
  • ✓ Report violations and concerns
  • ✓ Stay within your scope of practice
  • ✓ Exercise clinical judgment
  • ✓ Verify accuracy
  • ✓ Treat others with respect

ACKNOWLEDGMENT

By using the Scribeable Platform, you acknowledge that:

  • You have read and understood this Acceptable Use Policy
  • You agree to comply with all terms
  • You understand the consequences of violations
  • You will use the Platform appropriately and professionally
  • You will report violations and concerns
  • Failure to comply may result in account termination and legal action

If you cannot agree to these terms, please do not use the Platform.

Last Updated: February 5, 2026 Version: 2.0

© 2026 Scribeable, Inc. All rights reserved.

Questions?

Our legal team is available to help clarify any terms.