Legal Document

Privacy Policy

Your health data is a sacred trust. This policy outlines how HealthFlow protects, processes, and respects your privacy in the modern era of restorative care.

Last Updated: June 14, 2024 • Effective Date: January 1, 2024

1. Introduction

Welcome to HealthFlow. We are committed to protecting your personal information and your right to privacy. If you have any questions or concerns about this privacy notice, or our practices with regards to your personal information, please contact us.

When you use our services, you trust us with your personal health information. We take this responsibility seriously. This policy applies to all information collected through our website, mobile application, and any related services, sales, marketing, or events.

2. Information Collection

We collect personal information that you voluntarily provide to us when you register on the Services, express an interest in obtaining information about us or our products and Services.

Personal Data
  • Legal name and contact information
  • Biometric data (weight, age, gender)
  • Insurance provider details
  • Billing and payment information
Health Information
  • Medical history and diagnosis
  • Prescription records
  • Lab test results and imaging
  • Provider consultation notes

3. How We Use Data

We use personal information collected via our Services for a variety of business purposes described below. We process your personal information for these purposes in reliance on our legitimate business interests, in order to enter into or perform a contract with you, with your consent, and/or for compliance with our legal obligations.

Service Delivery

To provide the restorative care services you requested and facilitate medical consultations.

Service Improvement

Anonymized data is used to improve our clinical algorithms and patient outcomes.

Security & Protection

To protect our services and your data from fraudulent or malicious activities.

4. HIPAA Compliance

HealthFlow is a "covered entity" under the Health Insurance Portability and Accountability Act (HIPAA). This means we are legally required to maintain the privacy of your protected health information (PHI) and to provide you with notice of our legal duties and privacy practices.

Fully HIPAA Certified & Audited
HIPAA compliance badge

5. Information Sharing

We only share information with your consent, to comply with laws, to provide you with services, to protect your rights, or to fulfill business obligations. We never sell your personal data to advertisers.

5. Data Security

We have implemented appropriate technical and organizational security measures designed to protect the security of any personal information we process. However, please also remember that we cannot guarantee that the internet itself is 100% secure.

AES-256 Encryption

2FA Mandatory

Cold Storage Backups

6. Your Rights

Under certain jurisdictions (such as GDPR or CCPA), you have specific rights regarding your personal information. These may include the right to:

Access & Review

Request a copy of the data we hold about you at any time.

Rectification

Correct any inaccuracies in your personal or health records.

Erasure

Request that we delete your personal data from our active systems.