Privacy Policy
Last updated: December 2024
InsightHealth ("we," "our," or "us") is committed to protecting your privacy and the security of your Protected Health Information (PHI). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our personal health record application.
1. HIPAA Compliance
InsightHealth is designed to comply with the Health Insurance Portability and Accountability Act (HIPAA). We implement administrative, physical, and technical safeguards to protect your health information.
2. Information We Collect
Personal Health Information
- Medical conditions and diagnoses
- Medications and prescriptions
- Allergies and adverse reactions
- Vital signs and measurements
- Laboratory test results
- Immunization records
- Medical procedures
- Family medical history
- Health-related documents
Account Information
- Name and contact information
- Email address
- Date of birth
- Authentication credentials
3. How We Use Your Information
We use your information to:
- Provide and maintain the InsightHealth service
- Store and organize your health records
- Generate health insights and reminders
- Enable secure sharing with healthcare providers
- Improve our services and user experience
- Comply with legal obligations
4. Information Sharing
We do not sell your personal health information. We may share your information only:
- When you explicitly authorize sharing via share links
- With service providers who help operate our platform (under strict agreements)
- When required by law or legal process
- To protect the rights, safety, or property of InsightHealth or others
5. Data Security
We implement comprehensive security measures including:
- End-to-end encryption for data in transit
- Encryption at rest for stored data
- Multi-factor authentication (MFA)
- Regular security audits and assessments
- Access controls and audit logging
- SOC 2 Type II compliance
6. Data Storage
Your health information is stored using FHIR-compliant healthcare infrastructure operated by our partners. All data is stored in secure, HIPAA-compliant data centers located in the United States.
7. Your Rights
You have the right to:
- Access your health information at any time
- Export all your data in standard FHIR format
- Correct inaccurate information
- Delete your account and all associated data
- Revoke sharing permissions at any time
- Request an audit log of access to your records
8. Data Retention
We retain your health information for as long as your account is active. When you delete your account, all your data is permanently removed from our systems within 30 days, except as required by law.
9. Children's Privacy
InsightHealth is not intended for use by individuals under 18 years of age. We do not knowingly collect personal information from children under 18.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date.
11. Contact Us
If you have questions about this Privacy Policy or our privacy practices, please contact us at:
- Email: privacy@insighthealth.app
- Address: [Company Address]
12. California Privacy Rights
California residents have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information is collected, the right to delete personal information, and the right to opt out of the sale of personal information. We do not sell personal information.