Omi Health — Legal

Last updated: 11 May 2026

Provider: Omi Health B.V., Eindhoven, Netherlands

Australian entity: Omi Health Pty Ltd, Perth, Australia

Contacts: [email protected] · [email protected] · [email protected]

Website (omi.health, omiscribe.com)

• Website Privacy Policy

Omi Scribe Cloud (Managed)

Available in three regional clouds: EU (Sweden Central) — live; ANZ (Australia East) — rolling out; US (Central US) — rolling out. UK customers are served from the EU region today (UK-resident option on the roadmap).

• Terms of Service
• Privacy Notice
• Sub-processors

Region-specific addenda

• UK Privacy Addendum — ICO, IDTA, UK GDPR, NHS DSPT support
• AU / NZ Privacy Addendum — APPs, OAIC, My Health Record, NDB scheme; NZ IPPs and Office of the Privacy Commissioner
• US Privacy Addendum — CCPA/CPRA and other state laws; HIPAA framing
• Dutch Healthcare Addendum — voor zorginstellingen (NEN 7510, AVG-zorg). Contact [email protected].

HIPAA (US)

A Business Associate Agreement (BAA) is required for HIPAA-regulated workflows. Contact [email protected] to request the BAA template.

Dutch healthcare

A Dutch Healthcare Addendum and BoZ Verwerkersovereenkomst are available for Dutch healthcare organisations (zorginstellingen). Contact [email protected].

Omi Scribe for Mac (Offline)

• Privacy Policy
• End User Licence Agreement (EULA)

The Mac app processes data on-device only and does not require a DPA, BAA, or region-specific addendum in most jurisdictions.

Security and compliance

• Report security issues: [email protected]
• Privacy inquiries: [email protected]

Enterprise security pack (available under NDA): DPA, DPIA, Records of Processing (ROPA), Incident Response Plan, and internal security policies (Information Security, Access Control, Data Classification, Azure compliance inheritance, technical reality summary).

Production readiness evidence (May 2026): Azure Monitor alert rules, Postgres PITR drills with in-VNet smoke (RTO 7-12 min observed), secret rotation drills from regional Dev VMs, and 8-domain compliance evidence pack (Identity, Network, Data Protection, Audit, Application Security, Resilience, Supply Chain, Operational Controls). Available under NDA.