Data Processing Addendum
How Medrecords AI processes personal data inside Customer Content — the records, imaging, and claims files you upload — as your processor: on your instructions only, never for training, deleted on your schedule, with a certificate to prove it.
- We process the personal data inside your uploads only on your documented instructions — never for ourselves, never for advertising, never for model training (including "de-identified").
- You control retention with in-product lifecycle settings. Deletion covers backups and comes with a deletion certificate.
- Security incidents: notice without undue delay, within 72 hours of confirmation. Government demands for your data: notice within 24 hours unless legally barred.
- Subprocessor changes: 30 days' advance notice, a real objection right, and a pro-rata refund if we can't resolve it.
- Your PHI access logs are exportable in-product, any time — you don't have to ask us for your own audit trail.
01Applicability
This Data Processing Addendum ("DPA") is entered into between AI Health Studio LLC d/b/a Medrecords AI ("Medrecords AI") and the customer that is party to the Agreement ("Customer"), and forms part of the Agreement. "Agreement" means the Terms of Service — into which this DPA is automatically incorporated for all Self-Service and Test-a-File use — or, where executed, Customer's Order Form or master services agreement referencing this DPA.
This DPA applies wherever Medrecords AI Processes Customer Personal Data as a Processor (or subprocessor) on Customer's behalf in providing the Services. It is effective as of the Agreement's effective date and terminates automatically with the Agreement, except for obligations that by their nature survive (including Sections 4.5, 5, and 10). In case of conflict: the BAA controls as to PHI; then this DPA; then the Agreement. The SCCs, where they apply, prevail over everything as to the data they cover.
02Definitions
Capitalized terms not defined here have the meanings in the Agreement.
- "Customer Content" — everything Customer or its Users upload or generate in the Services: medical records, DICOM imaging studies, claims files, exhibits, annotations, templates, and the chronologies, summaries, answers, and reports produced from them.
- "Customer Personal Data" — Personal Data contained in Customer Content that Medrecords AI Processes on Customer's behalf. It excludes Customer's business-contact data (covered by the Privacy Notice) and Service Data.
- "Data Protection Law" — all laws applicable to the Processing of Customer Personal Data, including HIPAA/HITECH, 42 CFR Part 2, state medical-privacy and comprehensive privacy laws (including the CCPA/CPRA, Virginia CDPA, Colorado PA, Connecticut DPA, Utah UCPA, Texas DPSA, Washington My Health My Data Act), and where applicable the GDPR, UK GDPR, and Swiss FADP.
- "Controller," "Processor," "Data Subject," "Personal Data," "Process/Processing" — as defined in Data Protection Law, including "business," "service provider," and "personal information" under the CCPA.
- "Security Incident" — a breach of Medrecords AI's security leading to accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Customer Personal Data in Medrecords AI's possession or control. It excludes unsuccessful attempts that do not compromise the data (pings, port scans, failed logins, DDoS attempts on firewalls).
- "Service Data" — operational telemetry about use of the Services (feature usage, page counts, token metering, performance, error data) engineered to exclude Customer Content and not derived from the substance of any record.
- "SCCs" / "UK IDTA" — the EU Commission Standard Contractual Clauses (Decision (EU) 2021/914) and the UK International Data Transfer Addendum (version B1.0), each as amended or replaced.
03Roles
3.1 Customer is the Controller (or, where Customer processes records for its own clients — as law firms, TPAs, legal nurse consultants, and IME firms routinely do — a Processor for a third-party Controller, in which case Medrecords AI acts as Customer's subprocessor). Medrecords AI is Customer's Processor and, for PHI, its business associate (or subcontractor business associate) under the BAA. Customer warrants that it has the legal basis, authorizations, and — where acting for a client — the client permissions needed to engage Medrecords AI on these terms.
3.2 CCPA service-provider certification. Medrecords AI will not: (a) sell or share Customer Personal Data; (b) retain, use, or disclose it for any purpose (including a commercial purpose) other than providing the Services under the Agreement, or outside the direct business relationship with Customer; or (c) combine it with Personal Data received from or on behalf of any other person, except as Data Protection Law permits for security, deduplication within Customer's own cases, or as Customer instructs. Medrecords AI certifies that it understands and will comply with these restrictions.
04Processing obligations
4.1 Instructions. Medrecords AI Processes Customer Personal Data only: (a) to provide the Services as described in Annex 1; (b) per the Agreement, this DPA, and configurations Customer makes in-product (retention settings, access assignments, template routing, API calls — all documented instructions); (c) per additional written instructions the parties agree to (including litigation-hold and protective-order constraints Customer communicates); and (d) as required by law, in which case Medrecords AI informs Customer of the legal requirement before Processing unless the law prohibits it. Medrecords AI will inform Customer if, in its opinion, an instruction violates Data Protection Law, and may suspend that instruction until resolved.
4.2 Confidentiality of personnel. Access to Customer Personal Data is limited to personnel who need it to deliver or support the Services, all of whom are bound by written confidentiality obligations, complete privacy and security training (including HIPAA training) before access, and pass background screening as permitted by law. Support access to case content requires Customer approval and is captured in the same PHI audit log Customer can export.
4.3 Security. Medrecords AI implements and maintains the technical and organizational measures in Annex 2, including multi-factor authentication enforced across all administrative and production access at all times — disabling MFA is a material breach of this DPA. Measures may be updated from time to time, but never in a way that materially reduces protection during the term. Customer has reviewed Annex 2 and agrees that the Services and these measures provide a level of security appropriate to the risk of the Customer Personal Data it processes and satisfy Customer's vendor-diligence obligations under Data Protection Law.
Medrecords AI will not use Customer Content or Customer Personal Data — nor any de-identified, anonymized, or aggregated derivative of either — to train, fine-tune, evaluate against for improvement, or otherwise develop any AI or machine-learning model, whether Medrecords AI's or a third party's. Every AI subprocessor is bound in writing to zero-retention inference and the same no-training restriction. Unlike DPAs that reserve a "de-identified data" improvement right, this DPA grants none.
4.5 Service Data. Medrecords AI may Process Service Data as an independent business for legitimate operational purposes: billing and metering (including the per-case usage analytics shown to Customer), capacity planning, security monitoring, and improving the Services. Service Data is engineered to exclude record content; to the extent any Service Data is Personal Data, Medrecords AI processes it per the Privacy Notice. Section 4.4 applies to Service Data too: no record-derived content is used for model training.
05Retention, deletion & certificates
5.1 Customer-controlled retention. Litigation and claims timelines differ, so retention is a Customer setting, not our default: in-product data-lifecycle controls let Customer set retention periods per case or organization-wide, place legal holds, and delete individual documents, cases, or the whole workspace at any time. Absent a Customer setting, Customer Content is retained while the case remains active in the workspace.
5.2 Deletion. When Customer deletes content, closes a case past its retention setting, or the Agreement terminates (after the 30-day export window in the Agreement), Medrecords AI deletes the affected Customer Content from production systems within thirty (30) days and from encrypted backups within the same period on the standard backup-rotation cycle. Deletion follows NIST SP 800-88 media-sanitization principles.
5.3 Deletion certificate. On completion of a termination-driven purge — and on request for any case-level purge — Medrecords AI issues a deletion certificate within forty-eight (48) hours identifying the scope deleted and confirming removal from primary systems, backups, and logs (other than audit-log entries that record that deletion occurred).
5.4 Exceptions. Deletion obligations yield only to (a) a legal hold or retention obligation binding Medrecords AI, or (b) Customer's own written instruction — in either case the retained data stays protected under this DPA until deletion completes.
06Assistance, demands & incidents
6.1 Data subject requests. Customer is responsible for responding to Data Subjects. If a request reaches Medrecords AI directly, Medrecords AI notifies Customer without undue delay, refers the individual to Customer (per Section 12 of the Privacy Notice), and does not respond on the merits unless instructed or legally required. The Services themselves are the first line of assistance — search, export, audit logs, and de-identified export let Customer answer most requests without our involvement; where they don't suffice, Medrecords AI provides commercially reasonable help.
6.2 DPIAs. Taking into account the nature of Processing and available information, Medrecords AI will reasonably assist Customer with data-protection impact assessments, security-risk analyses (including HIPAA §164.308 risk analysis inputs), and regulator consultations, starting from the pre-built documentation in the security package.
6.3 Government & legal demands. If Medrecords AI receives a subpoena, warrant, court order, or other demand for Customer Personal Data, it will (a) notify Customer within twenty-four (24) hours by secure channel unless legally prohibited — and if prohibited, notify as soon as permitted with a copy of the demand; (b) redirect the requester to Customer where possible, since records in litigation are properly sought from parties, not vendors; (c) challenge overbroad or improper demands where reasonable grounds exist; and (d) disclose only the minimum legally required.
Medrecords AI notifies Customer of a Security Incident without undue delay, and in no event later than 72 hours after confirming it. Notice includes, as known: the nature of the incident, categories and approximate volume of records and Data Subjects affected, cases implicated, measures taken, and a named contact. Medrecords AI will mitigate, cooperate with Customer's investigation and any notification obligations (including HIPAA §164.410 timelines under the BAA), and keep Customer updated. Notification is not an admission of fault, and a Security Incident is not, by itself, a breach of this DPA — Medrecords AI is in breach only where the incident resulted from its material failure to maintain the Annex 2 measures, and is not responsible for incidents arising from Customer's credentials, users, configurations, connected systems, or infrastructure Customer controls. Each party bears the costs of its own legal obligations arising from an incident; any monetary liability is subject to the Agreement's aggregate cap and exclusions. If Customer's public notice will name Medrecords AI, Customer will consult Medrecords AI in advance where lawful.
6.5 Access logs. The Platform's PHI audit logging records every access to case content (user, timestamp, action). Customer administrators can export their organization's access logs in-product at any time, and may request a quarterly access summary covering any Medrecords AI personnel access at no charge.
07Subprocessors
7.1 Authorization. Customer authorizes the subprocessors identified on the Subprocessor List, which states each entity's role, processing location, and safeguards — including, for every AI vendor, a BAA, zero-retention inference, and the Section 4.4 no-training flow-down.
7.2 Changes & objection. Medrecords AI gives at least thirty (30) days' advance notice of any new subprocessor of Customer Personal Data (email to Customer's contacts and the subscription list on the Subprocessor List page). Customer may object on reasonable data-protection grounds within fourteen (14) days to [email protected]. The parties will work in good faith to resolve the objection (including by configuration that avoids the new subprocessor); failing resolution, Customer may terminate the affected Services and receive a pro-rata refund of prepaid, unused fees. Continued use after the notice period without objection constitutes approval.
7.3 Flow-down & liability. Every subprocessor is bound by written terms no less protective than this DPA (and, for PHI, a subcontractor BAA). Medrecords AI remains fully liable to Customer for its subprocessors' performance as for its own.
08Audits
8.1 Documentation first. Medrecords AI maintains SOC 2 audit-ready controls documentation and evidence packages (we say "certified" only when a certificate exists), plus penetration-test summaries and this DPA's Annex 2 — available under NDA via the Trust Center. These satisfy most audit needs.
8.2 Audit right. Where documentation is insufficient to demonstrate compliance, Customer (or an independent auditor reasonably acceptable to Medrecords AI) may conduct a documentary audit of Medrecords AI's policies and procedures for Customer Personal Data — no more than once per twelve (12) months, on thirty (30) days' notice, during business hours, under an agreed audit plan, without access to other customers' data, and at Customer's cost. Regulator-mandated audits are accommodated on the regulator's timeline. Findings are Confidential Information; Customer will share them with Medrecords AI.
09International transfers
Customer Personal Data is processed in the United States (see Annex 3 for plan-specific locations). Where Customer Personal Data of EEA, UK, or Swiss residents is transferred to a country without an adequacy decision, the parties incorporate the SCCs by reference — Module 2 (Customer as Controller) or Module 3 (Customer as Processor), with Customer as data exporter and Medrecords AI as data importer; Clause 7 docking omitted; Clause 9 Option 2 with the notice periods in Section 7.2; Clause 11 optional language omitted; Clauses 17–18: Ireland. Annexes are completed by this DPA (Annexes 1–2) and the Subprocessor List.
UK transfers additionally incorporate the UK IDTA (tables completed by this DPA); Swiss transfers apply the SCCs adapted for the FADP (FDPIC as supervisory authority; Swiss residents may sue in Switzerland). If a required transfer mechanism is replaced or invalidated, the parties will adopt the successor mechanism, and Customer will reasonably cooperate to document it.
10Liability, term & changes
10.1 Liability. Each party's liability arising out of or related to this DPA and the BAA — however arising — is subject to, and counts toward, the single aggregate cap and the exclusions in Terms Section 17. Nothing in this DPA or the BAA creates a separate or additional cap, expands either party's liability, or makes remedies additive to the Agreement's.
10.2 Changes. Medrecords AI may update this DPA on notice only to the extent reasonably necessary to reflect changes in Data Protection Law or the SCCs, and never in a way that materially reduces protections during a paid term. Otherwise, amendments require both parties' written agreement. The remainder of the Agreement is unchanged.
Scope of processing
Technical & organizational security measures
TLS 1.2+ for all data in transit; AES-256 at rest for every file, database, and backup, in every environment.
Case-level, HIPAA-minimal authorization — users and staff see only assigned cases. Role-based permissions; least privilege; access reviews.
MFA enforced for all administrative and production access; SSO support; short-lived JWT/PASETO session tokens with strict expiry; scoped Case Access Tokens for CRM integration.
Every PHI access event logged (user, timestamp, action); logs tamper-evident, retained 6 years, exportable by Customer in-product.
HIPAA-eligible AWS services in isolated VPCs; hardened configurations; CloudWatch monitoring and alerting; segregation between environments and between customers.
Dependency and image scanning, patch management SLAs, annual third-party penetration testing with remediation tracking.
Background screening as permitted by law; written confidentiality; HIPAA, privacy, and secure-development training before access and annually.
Encrypted backups with tested restores; documented incident-response plan with the Section 6.4 clock; business-continuity and disaster-recovery procedures.
Controls are documented SOC 2 audit-ready; evidence packages are available under NDA via the Trust Center. "Audit-ready" means documented for audit — we claim "certified" only when a certificate exists.
Plan-specific data paths
The three plans differ in where Customer Content lives and who operates the AI inference path. This Annex states the processing consequences of each.
Customer Content is processed and stored in Medrecords AI's HIPAA-eligible AWS environment in the United States (primary: us-east-1; disaster recovery: us-west-2). AI inference uses the authorized AI subprocessors on the Subprocessor List — each under a BAA, zero-retention inference, and the no-training flow-down. The click-through BAA and this DPA apply automatically. Test-a-File evaluations follow this path with the 30-day deletion in the Agreement.
Customer Content and AI inference run inside Customer's own AWS or Azure tenancy under Customer's keys and Customer's agreements with its cloud provider (including that provider's BAA for HIPAA-eligible model services). Medrecords AI Processes Customer Personal Data only through the orchestration and application layer and through support access Customer grants — logged, time-boxed, and approval-gated. The model-inference subprocessors in the Subprocessor List do not apply to this plan; Customer's cloud tenancy takes their place.
The platform is deployed in infrastructure Customer controls. Medrecords AI has no standing access to Customer Content; any support access is session-based, Customer-initiated, logged, and revocable. Retention, deletion, and backup execution are operated by Customer with the platform's lifecycle tooling; Medrecords AI's Processing is limited to what Customer explicitly enables, and Sections 4.4 (never-train) and 6.4 (incidents, as to any data we actually touch) still apply in full.