Your Data. Your Control.
Complete transparency on how we collect, use, and protect your information with enterprise-grade privacy standards.
Last Updated: October 21, 2025
Data Ownership
100% Customer Control
Third-Party Sharing
Zero Data Sharing
Audit Retention
7-Year Compliance
Encryption Standard
AES-256 + TLS 1.3
Account Information
Email address, name, role, and hospital affiliation for authentication and access control.
Protected Health Information (PHI)
Patient data entered into the system including medical records, diagnoses, treatment plans, and clinical notes.
Usage Data
Access logs, feature usage, and system interactions for security and audit purposes.
Technical Data
IP addresses, browser type, and device information for security monitoring.
Data Security
All PHI is encrypted at rest using AES-256 encryption and in transit using TLS 1.3. Access is controlled through role-based permissions, and all data access is logged for audit purposes. On-premise deployments ensure that patient data never leaves your facility's secure network.
Data Retention
Patient data is retained according to your facility's data retention policies and applicable healthcare regulations. System audit logs are retained for a minimum of 7 years to comply with HIPAA requirements.
Third-Party Sharing
We do not share, sell, or rent patient data to third parties. AI processing is performed locally on your infrastructure for on-premise deployments, or in HIPAA-compliant cloud environments for hosted deployments. No PHI is used for model training or shared with AI providers.
Your Rights
Questions About Privacy?
Contact our Privacy Officer for any privacy-related questions or to exercise your rights.