HIPAA Notice of Privacy Practices

Effective Date: March 31, 2025

This HIPAA Notice for Privacy Practices (“HIPAA Notice”) describes how Krisp Technologies, Inc. (“Krisp”) may in its capacity as a Business Associate use and disclose your Protected Health Information (PHI) and how you can access this information in accordance with the Health Insurance Portability and Accountability Act (“HIPAA”). Please read this HIPAA Notice carefully. All terms not defined herein shall have the same meaning as set forth in HIPAA.

1. Your Rights. 

When it comes to your PHI, you have the right to:

– Get a copy of your content that contains PHI.

– Request correction of PHI you believe is incorrect or incomplete.

– Request confidential communications.

– Ask us to limit what we use or share.

– Get a list of those with whom we’ve shared your PHI.

– Get a copy of this HIPAA Notice.

– Choose someone to act for you.

– File a complaint if you believe your privacy rights have been violated.

2. Your Choices. 

You can direct us in how we share your information:

– With family, friends, or others involved in your care or payment.

– In disaster relief situations.

– For marketing purposes or sale of information — but only with your explicit written consent.

3. Our Uses and Disclosures. 

We may use and share your PHI to:

– Provide and manage our services.

– Improve and maintain our services.

– Comply with legal obligations.

– Conduct research in a secure and privacy-preserving manner.

– Respond to legal and government requests (e.g., subpoenas, law enforcement, regulatory compliance).

We will not use or disclose your PHI for purposes not described in this HIPAA Notice without your written authorization.

Krisp does not create or manage psychotherapy notes directly. However, if our customers, such as licensed psychotherapists, upload psychotherapy notes to our services, we act as a Business Associate under HIPAA. In such cases, we rely on our customers to obtain the necessary authorizations for any use or disclosure of those notes. Should Krisp ever independently handle psychotherapy notes, we will obtain explicit authorization before using or disclosing such information, in accordance with HIPAA regulations.

4. Our Responsibilities

– We are required by law to maintain the privacy and security of your PHI.

– We will notify you promptly if a breach occurs that may have compromised your PHI.

– We must follow the duties and privacy practices described in this HIPAA Notice.

– We will not use or share your PHI other than as described here unless you authorize us in writing.

4. How Krisp Protects Your PHI

Please refer to our Security for AI Meeting Assistant webpage to learn how Krisp protects your PHI.

5. How to Contact Us or File a Complaint

If you have questions about this HIPAA Notice or believe your privacy rights have been violated, contact our Privacy Officer at [email protected]

You may also file a complaint with the U.S. Department of Health and Human Services, Office for Civil Rights. We will not retaliate against you for filing a complaint.

7. Changes to This HIPAA Notice

We reserve the right to update this HIPAA Notice at any time. When we do, the revised HIPAA Notice will be posted here, and the updated date will be indicated above.