Privacy Policy

Last updated: August 2025

1. Information We Collect

Medical Information

  • We process medical notes and clinical text you submit for code extraction
  • All medical content is automatically anonymized using HIPAA Safe Harbor methods
  • No personally identifiable information (PII) or protected health information (PHI) is stored
  • Processed content is cached temporarily for performance optimization only

Usage Information

  • IP addresses (for geographic access control and security)
  • Browser and device information
  • Usage patterns and performance metrics
  • Session identifiers for functionality

Contact Information

  • Email addresses for newsletter subscriptions and enterprise inquiries
  • Organization information for enterprise leads
  • Feedback and review submissions

2. How We Use Your Information

  • Medical Code Extraction: Process clinical text to extract ICD-10, CPT, and NDC codes
  • Service Improvement: Analyze usage patterns to enhance accuracy and performance
  • Communication: Send updates, newsletters, and respond to inquiries
  • Security: Protect against unauthorized access and ensure US-only compliance
  • Analytics: Generate anonymized metrics for service optimization

3. HIPAA Compliance

Important: Our system automatically anonymizes all medical content before processing.
  • Automatic removal of names, addresses, phone numbers, and other identifiers
  • Safe Harbor de-identification methods applied to all submissions
  • No storage of original, non-anonymized medical content
  • Encrypted data transmission and storage
  • Access controls and audit logging

4. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information. We may share information in these limited circumstances:

  • Service Providers: Third-party services that help us operate our platform (OpenAI API, hosting providers)
  • Legal Requirements: When required by law or to protect our rights and safety
  • Business Transfers: In connection with a merger, acquisition, or sale of assets
  • Consent: With your explicit permission for specific purposes

5. Data Security

  • Industry-standard encryption for data in transit and at rest
  • Geographic access restrictions (US-only)
  • Regular security assessments and updates
  • Secure coding practices and vulnerability management
  • Employee access controls and training

6. Data Retention

  • Medical Content: Anonymized and cached temporarily (30 days maximum)
  • Usage Analytics: Aggregated metrics retained for service improvement
  • Account Information: Until you request deletion or close your account
  • Legal Compliance: As required by applicable laws and regulations

7. Your Rights

You have the right to:

  • Access information we have about you
  • Correct inaccurate or incomplete information
  • Delete your personal information
  • Restrict or object to certain processing
  • Data portability where applicable
  • Withdraw consent where processing is based on consent

8. Geographic Restrictions

Our service is currently available only to users located in the United States. We use IP geolocation to enforce this restriction for compliance purposes.

9. Children's Privacy

Our service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children under 18.

10. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes by posting the new policy on our website and updating the "Last updated" date.

11. Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us:

  • Email: privacy@medicalcodeextraction.com
  • Address: [Company Address]
Return to Application