Privacy Policy

At Rapid Claims, we respect your privacy and are committed to protecting your personal information. This policy explains how we collect, use, share, and protect information in relation to our services.

Last updated · June 5, 2026
Effective immediately upon posting

What this policy covers

This Privacy Policy describes Rapid Claims' treatment of clients' data gathered when you upload charts on our portal — but not the practices of companies we don't own or control, or people we don't manage.

Data hosting & infrastructure

AWS cloud hosting: All data is hosted on secure AWS cloud servers located in the United States, leveraging AWS's advanced security features.

Data storage location: All patient data is stored exclusively within US borders, complying with national data protection regulations.

Network security

Private VPC network: Our services operate within a private VPC network, offering enhanced security against external threats.

Firewalls & intrusion detection: Robust firewalls and state-of-the-art intrusion detection systems safeguard our network 24/7.

Data management & privacy

Data collection: We collect necessary patient chart data exclusively for billing purposes, adhering to privacy best practices.

Data sharing & third parties: Data is never shared with any third party. Internally, only the members concerned have access to data.

Compliance & standards

HIPAA compliance: We currently hold a provisional HIPAA certificate, with full certification expected shortly. We are also SOC 2 and ISO certified.

Data security measures

Access controls: Strict role-based access controls ensure that only authorized personnel access sensitive data.

Endpoint security: All employees have endpoint protection software installed that safeguards against misuse.

Data breach response plan

Incident response plan: A comprehensive incident response plan is in place for prompt and effective handling of any data breaches.

Client data handling

Data download & usage: Clients downloading data for offline use must adhere to prescribed security guidelines. No PHI enters our models, as that would go strictly against HIPAA policy.

Data handling on the portal: Once data is uploaded to the portal it cannot be downloaded. Only chart IDs and their ICD and CPT codes are available for download.

For any compliance-related issues, contact jot@rapidclaims.ai (CISO).