Copient Health is committed to protecting the privacy and security of our users. This Privacy Policy explains how we collect, use, and safeguard information through our software platform (“the Software”), which interfaces with Electronic Medical Record (EMR) systems. Our platform is designed not to collect, store, or transmit any Protected Health Information (PHI) or Personally Identifiable Information (PII).
We maintain administrative, technical, and physical safeguards in accordance with SOC 2 compliance standards, ensuring secure operations and data handling.
This policy applies to all users of the Software and outlines how we handle access, data use, and system security in compliance with applicable data privacy principles and industry best practices.
We do not collect, store, access, or transmit any PHI or PII as defined by HIPAA or other applicable data protection laws. The Software is designed to interface with EMR systems in a read-only, aggregated, and de-identified capacity to generate operational insights and facility-level reports.
Access to the Software and its features is strictly limited to authorized users designated by the healthcare facility or organization. All users must be verified through secure facility-based credentials and assigned appropriate access rights based on their role. Users will be informed of their responsibilities under this Privacy Policy and any applicable confidentiality agreements. The facility is responsible for informing the company of any changes to user access including the removal of access from a user no longer affiliated with the facility, or changes to access for a given user.
Users are responsible for maintaining the confidentiality of their login credentials and using the software in accordance with facility policies and procedures. Users will not be able to access PHI/PII through the platform as all cases are de-identified for our reporting purposes.
Even though PHI/PII is not collected or stored, we implement robust security measures to protect all data processed by our platform, including end-to-end encryption of all communications, role-based access control, secure authentication protocols, and regular security audits and compliance checks.
Our Software may interact with EMR systems or third-party analytics platforms for performance monitoring or system interoperability. All integrations are configured to avoid exposure to PHI/PII and subject to technical and contractual safeguards. Any interaction with a third-party platform will be governed by applicable Business Associate Agreements (BAAs, even in the absence of PHI.
We may update this Privacy Policy from time to time to reflect legal, regulatory, or operational changes. Users will be notified of significant changes through our platform or via email.
If you have questions or concerns about this Privacy Policy, please contact:
Copient Health
1201 W Peachtree St NW Ste 2625
Atlanta, Georgia 30309
security@copienthealth.com