Privacy Policy

1. Information We Collect

We collect information in the following categories:

Account Information

• Name, email address, and contact information
• Organization name, address, and practice details
• Payment and billing information
• Professional licensing and credential information

User Data

"User Data" means all data, information, and content that you or your authorized users input, upload, or transmit through the Service, including Protected Health Information (PHI). PHI is individually identifiable health information as defined under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and its implementing regulations.

Usage Information

• Log data (IP address, browser type, pages visited, timestamps)
• Device information and operating system
• Feature usage patterns and interaction data

2. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve the Service
• Host, store, and process your User Data solely for the purpose of delivering the Service
• Process payments and manage subscriptions
• Send service-related communications and updates
• Comply with legal obligations and enforce our terms
• Create de-identified, aggregated data for analytics and service improvement (with all PHI removed in compliance with HIPAA standards)

You retain all ownership rights to your User Data. Patientevity LLC claims no ownership rights to your User Data.

3. Data Security

Patientevity LLC implements industry-standard security measures to protect your information, including:

• End-to-end encryption of data in transit and at rest using AES-256 encryption standards
• Multi-factor authentication for all system access
• Role-based access controls limiting data access to authorized personnel
• Regular security audits and penetration testing
• Automatic backup and disaster recovery procedures
• 24/7 security monitoring and incident response
• Network security including firewalls and intrusion detection systems

4. HIPAA and Protected Health Information

Patientevity LLC acknowledges that it may create, receive, maintain, or transmit Protected Health Information (PHI) on your behalf. We comply with the applicable provisions of HIPAA and the Health Information Technology for Economic and Clinical Health Act (HITECH Act).

Our Business Associate Agreement (BAA) establishes permitted uses and disclosures of PHI, safeguards to protect PHI, breach notification procedures, data security requirements, and subcontractor obligations. A copy of the BAA is available in your account settings and must be executed separately for covered entities subject to HIPAA.

For more details on our HIPAA practices, please visit our HIPAA Compliance page.

5. Data Retention and Deletion

You may export your User Data at any time through the Service's data export functionality in standard healthcare formats (HL7, FHIR, CSV, PDF).

Upon termination of your subscription:

• You will have 30 days to export your User Data
• After 30 days, your data may be permanently deleted
• Patientevity LLC may retain de-identified data and data necessary for legal compliance

Data Deletion Requests: You may request deletion of specific User Data at any time, subject to our legal retention obligations. Deletion requests are processed within 30 days.

6. Third-Party Services and Subcontractors

Patientevity LLC ensures that any subcontractors that create, receive, maintain, or transmit PHI on our behalf agree in writing to the same restrictions, conditions, and requirements that apply to us under our Business Associate Agreement.

We maintain a current list of subcontractors that have access to PHI and make such list available to covered entities upon request. Patientevity LLC remains responsible for the acts and omissions of its subcontractors.

7. Your Rights

You have the following rights regarding your data:

• Access: You may access your User Data at any time through the Service
• Export: You may export your data in standard healthcare formats at any time
• Deletion: You may request deletion of your data, subject to legal retention requirements
• Amendment: You may request amendments to your personal information to ensure accuracy
• Accounting of Disclosures: You may request an accounting of disclosures of your PHI

8. Cookies and Analytics

Our website and Service use cookies and similar technologies to enhance your experience, analyze usage patterns, and improve our services. These include:

• Essential Cookies: Required for the Service to function properly, including session management and authentication
• Analytics Cookies: Help us understand how visitors interact with our website to improve our services
• Preference Cookies: Remember your settings and preferences for future visits

You can control cookie settings through your browser preferences. Note that disabling certain cookies may affect the functionality of the Service.

9. Changes to This Policy

Patientevity LLC reserves the right to modify this Privacy Policy at any time. We will provide notice of material changes by:

• Email to your registered address
• Notice within the Service
• Posting on our website

Your continued use of the Service after the effective date of changes constitutes acceptance of the modified Privacy Policy. If you do not agree to the changes, you must stop using the Service.

10. Contact Information

For questions about this Privacy Policy or our data practices, please contact: