Open-source AI medical scribe for recording encounters and generating structured clinical notes.
OpenScribe is a free MIT license open source AI Medical Scribe that helps clinicians record patient encounters, transcribe audio, and generate structured draft clinical notes using LLMs. The default web deployment path is mixed mode: local Whisper transcription + Anthropic Claude note generation. A fully local desktop path is also available forked from StenoAI.
This software is currently in early development (v0.x) and is NOT suitable for clinical practice yet. It is intended for evaluation, testing, and development purposes only.
- HIPAA Compliant version is currently in the works. Join the Discord for more information when the version is launched.
node --version # Check you have Node.js 18+
# If not installed: brew install node if version < 18: brew upgrade node (macOS) or download latest from nodejs.org
npm install -g pnpmgit clone https://github.com/sammargolis/OpenScribe.git
cd OpenScribe
pnpm installCreate env defaults:
pnpm run setup # Auto-generates .env.local with secure storage keyEdit apps/web/.env.local and add:
TRANSCRIPTION_PROVIDER=whisper_local
WHISPER_LOCAL_MODEL=tiny.en
ANTHROPIC_API_KEY=sk-ant-YOUR_KEY_HERE
# NEXT_PUBLIC_SECURE_STORAGE_KEY is auto-generated, don't modifyOPENAI_API_KEY is optional unless you switch to TRANSCRIPTION_PROVIDER=whisper_openai.
pnpm dev:local # One command: Whisper local server + web appOptional desktop app path:
pnpm dev:desktopOpenScribe supports three workflows. Mixed web mode is the default path.
- Transcription: local Whisper server (
pnpm whisper:server) with default modeltiny.en - Notes: larger model (default Claude in web path)
- Start everything with one command:
pnpm dev:local - Configure with
TRANSCRIPTION_PROVIDER=whisper_localinapps/web/.env.local - Setup guide:
docs/WHISPER-LOCAL-SETUP.md
- Transcription: local Whisper backend in
local-only/openscribe-backend - Notes: local Ollama models (
llama3.2:*,gemma3:4b) - No cloud inference in this path
- Setup guide:
/Users/sammargolis/OpenScribe/local-only/README.md
- Transcription: OpenAI Whisper API
- Notes: Anthropic Claude (or other hosted LLM)
- Requires API keys in
apps/web/.env.local
OpenAI (transcription): platform.openai.com/api-keys - Sign up → API Keys → Create new secret key
Anthropic (note generation): console.anthropic.com/settings/keys - Sign up → API Keys → Create Key
Both services offer $5 free credits for new accounts
git pull origin main # Pull latest changes
pnpm install # Update dependencies
# If you encounter issues after updating:
rm -rf node_modules pnpm-lock.yaml && pnpm installOpenScribe exists to provide a simple, open-source alternative to cloud dependent clinical documentation tools. The project is built on core principles:
- Local-first storage: Encounter data is stored locally in the browser by default
- Privacy-conscious: No analytics or telemetry in the web app; external model calls are explicit and configurable
- Modular: Components can be swapped or extended (e.g., different LLM providers, transcription services)
This repo now includes a fully local, text-only MedGemma scribe workflow in
packages/pipeline/medgemma-scribe. It requires pre-transcribed text and
does not perform speech-to-text. See
packages/pipeline/medgemma-scribe/README.md for setup and usage.
- GitHub: sammargolis/OpenScribe
- Maintainer: @sammargolis
- Architecture: architecture.md
- Tests: packages/llm, packages/pipeline
- Core recording, transcription, and note generation
- AES-GCM encrypted local storage
- Browser-based audio capture
- Error handling improvements
- Comprehensive test coverage
- Basic audit logging
Physical Controls:
- User responsibility (device security, physical access)
- Package app to be able to run 100% locally with transciption model and small 7b model for note generation
- Multiple LLM providers (Anthropic, local models)
- Custom note templates
- Optional cloud sync (user-controlled)
- Multi-language support
- Mobile app
- EHR integration
- RCM integration
See architecture.md for complete details.
┌─────────────────────────────────────────────────────────┐
│ UI Layer (Next.js) │
│ ┌──────────────┐ ┌─────────────────────┐ │
│ │ Encounter │ │ Workflow States │ │
│ │ Sidebar │◄────────────►│ - Idle │ │
│ │ │ │ - Recording │ │
│ │ │ │ - Processing │ │
│ │ │ │ - Note Editor │ │
│ └──────────────┘ └─────────────────────┘ │
└─────────────────────────────────────────────────────────┘
│
▼
┌─────────────────────────────────────────────────────────┐
│ Processing Pipeline │
│ ┌──────────┐ ┌──────────┐ ┌──────────┐ ┌─────┐ │
│ │ Audio │──►│Transcribe│──►│ LLM │──►│Note │ │
│ │ Ingest │ │ (Whisper)│ │ │ │Core │ │
│ └──────────┘ └──────────┘ └──────────┘ └─────┘ │
│ │ │ │
│ └───────────────┐ ┌─────────────────┘ │
└───────────────────────┼─────────┼───────────────────────┘
▼ ▼
┌─────────────────────────────────────────────────────────┐
│ Storage Layer │
│ ┌──────────────────────────────────────────────────┐ │
│ │ Encrypted LocalStorage (AES-GCM) │ │
│ │ - Encounters (patient data, transcripts, notes) │ │
│ │ - Metadata (timestamps, status) │ │
│ │ - Audio (in-memory only, not persisted) │ │
│ └──────────────────────────────────────────────────┘ │
└─────────────────────────────────────────────────────────┘
Key Components:
- UI Layer: React components in
apps/web/using Next.js App Router - Audio Ingest: Browser MediaRecorder API → WebM/MP4 blob
- Transcription (default web path): local Whisper server (
whisper.cppviapywhispercpp, modeltiny.en) - LLM (default web path): Anthropic Claude via
packages/llm - Fully local desktop path: Whisper + Ollama via
local-only/openscribe-backend - Cloud fallback path: OpenAI Whisper API + hosted provider via
packages/llm - Note Core: Structured clinical note generation and validation
- Storage: AES-GCM encrypted browser localStorage
Monorepo Structure:
apps/web/– Next.js frontend + Electron rendererpackages/pipeline/– Audio ingest, transcription, assembly, evaluationpackages/ui/– Shared React componentspackages/storage/– Encrypted storage + encounter managementpackages/llm/– Provider-agnostic LLM clientpackages/shell/– Electron main processconfig/– Shared configuration filesbuild/– Build artifacts
Storage: AES-GCM encrypted localStorage. Audio processed in-memory, not persisted.
Transmission: In the default mixed mode, audio stays local for transcription and transcript text is sent to Anthropic Claude over HTTPS/TLS for note generation. If TRANSCRIPTION_PROVIDER=whisper_openai, audio is sent to OpenAI Whisper over HTTPS/TLS. The application enforces HTTPS-only connections and displays a security warning if accessed over HTTP in production builds.
No Tracking: Zero analytics, telemetry, or cloud sync
Use Responsibility
- All AI notes are drafts requiring review
- Ensure regulatory compliance for your use case
- For production deployments serving PHI, ensure the application is accessed via HTTPS or served from localhost only
HIPAA Compliance: OpenScribe includes foundational privacy/security features, but this alone does not make the application HIPAA-compliant. Below is what is already built, followed by a checklist a health system must complete to operate compliantly.
Built (foundational rails)
- AES-GCM encrypted localStorage for PHI at rest in the browser
- Audio processed in-memory and not persisted
- TLS/HTTPS for external API calls (Whisper, Claude)
- No analytics/telemetry or cloud sync by default (local-first)
- HTTPS-only enforcement in production with HTTP warning
Health System Checklist (required to run compliantly)
- Execute BAAs with all PHI-touching vendors (e.g., OpenAI, Anthropic, hosting providers)
- Perform and document HIPAA Security Rule risk analysis and remediation plan
- Implement access controls (SSO/MFA, least-privilege, session timeouts)
- Establish audit logging, log review processes, and retention policies
- Define data retention, backup, and secure deletion procedures for PHI
- Configure device, endpoint, and physical safeguards (disk encryption, MDM, secure workstations)
- Document policies and procedures (incident response, breach notification, sanctions)
- Train workforce on HIPAA/privacy/security requirements
- Establish key management and secret rotation procedures
- Validate network/security posture (secure deployment, vulnerability management)
No EHR Integration: Standalone tool
Browser Storage Limits: ~5-10MB typical
No Warranty: Provided as-is under MIT License
Contributions welcome! See CONTRIBUTING.md for detailed guidelines.
Quick Start:
- Fork the repository
- Create a feature branch
- Make changes with tests
- Submit a PR
Portions of this project include or were derived from code in:
StenoAI – https://github.com/ruzin/stenoai
Copyright (c) 2025 Skrape Limited
Licensed under the MIT License.
All third-party code remains subject to its original license terms.
MIT
MIT License
Copyright (c) 2026 Sam Margolis
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
OpenScribe
GitHub: https://github.com/sammargolis/OpenScribe
Maintainer: Sam Margolis (@sammargolis)