Privacy Policy
HealthXfer is built on a principle of minimal data collection. We facilitate record exchange — we do not hoard records.
Effective: April 2026
1. Information We Collect
We collect only the information necessary to provide the Service:
Account Information
When you or your organization registers, we collect your name, email address, and organization name. This information is used to create and manage your account, authenticate users, and send service notifications.
Request Metadata
When a record request is submitted, we collect and store metadata necessary to route and fulfill the request: study type, requested date range, delivery preference (fax, email, or secure transfer), and department identifier.
Important: We do not store patient names. Patient identity is represented only by the minimum necessary identifiers (MRN and date of birth) for lookup purposes, handled as described in Section 2.
2. PHI Handling
HealthXfer is designed to be a plumbing layer, not a data warehouse. Our PHI handling reflects this:
- MRN and date of birth submitted with a record request are encrypted using AES-256-GCM and stored in a secure, isolated Redis vault.
- These identifiers have a 72-hour time-to-live (TTL). They are automatically and permanently deleted when the TTL expires or when the transfer is fulfilled and confirmed complete, whichever comes first.
- These identifiers are never written to our database. They exist only in the encrypted Redis vault for the duration of request processing.
- Actual medical records and imaging data flow directly between the requesting and fulfilling systems. HealthXfer does not intercept, copy, or retain the transferred content.
3. How We Use Information
We use the information we collect to:
- Provide, operate, and maintain the HealthXfer platform and its features.
- Route record requests to the appropriate fulfilling department and track request status.
- Send transactional notifications — such as request confirmations, status updates, and delivery confirmations — to relevant parties.
- Write audit events to the Covered Entity's EHR system (e.g., Epic) as part of the record disclosure workflow.
- Analyze aggregate, de-identified usage patterns to improve the platform and detect issues.
- Respond to support inquiries and communicate service-related updates.
We do not sell your data, use it for advertising, or share it with third parties except as described in this policy or required by law.
4. Data Retention
| Data Type | Retention Period |
|---|---|
| Account information (name, email, org) | Until account deletion is requested |
| Request metadata (study type, delivery preference) | Until account deletion is requested |
| PHI (MRN + DOB in encrypted vault) | Maximum 72 hours |
| Audit logs | 7 years (per HIPAA requirements) |
To request deletion of your account and associated data, contact privacy@healthxfer.com. Note that audit log retention may be required for legal compliance regardless of account deletion requests.
5. Your Rights
Depending on your location, you may have the following rights with respect to your personal information:
- Access — Request a copy of the personal information we hold about you.
- Correction — Request correction of inaccurate or incomplete information.
- Deletion — Request deletion of your personal information, subject to retention obligations.
- Portability — Request that we provide your data in a structured, machine-readable format.
- Objection — Object to certain types of processing where permitted by law.
To exercise any of these rights, contact privacy@healthxfer.com. We will respond within 30 days.
6. Security
We take security seriously. Our practices include:
- Encryption at rest: PHI identifiers are encrypted using AES-256-GCM before being written to the Redis vault. Database records are encrypted at rest by default.
- Encryption in transit: All data transmitted between clients and HealthXfer servers uses TLS 1.2 or higher.
- Access controls: Role-based access controls ensure that users can only access data relevant to their department and organization.
- SOC 2 compliance: We are actively working toward SOC 2 Type II certification. Details available upon request for enterprise customers.
No method of transmission or storage is 100% secure. If you believe a security incident has occurred, please notify us immediately at privacy@healthxfer.com.
7. Contact
For privacy questions, data requests, or concerns about this policy, contact our privacy team:
Email: privacy@healthxfer.com
For BAA or legal inquiries, contact legal@healthxfer.com.