Back to Home

Privacy Policy

Last updated: December 30, 2025

1. Introduction

HealthData-in-Motion ("HDIM", "we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our healthcare interoperability platform and related services.

2. HIPAA Compliance

As a healthcare technology platform, HDIM is designed to be fully compliant with the Health Insurance Portability and Accountability Act (HIPAA). We implement appropriate administrative, physical, and technical safeguards to protect Protected Health Information (PHI).

  • All PHI is encrypted at rest and in transit using AES-256 encryption
  • Access to PHI is strictly controlled through role-based access controls
  • All PHI access is logged and auditable
  • We execute Business Associate Agreements (BAAs) with all covered entities
  • PHI cache TTLs are limited to 5 minutes maximum

3. Information We Collect

3.1 Information You Provide

  • Contact information (name, email, phone number)
  • Organization details (company name, role, healthcare organization type)
  • Account credentials
  • Communication preferences

3.2 Protected Health Information

PHI processed through our platform is handled in accordance with HIPAA regulations and applicable Business Associate Agreements. We process PHI only as necessary to provide our services to covered entities.

4. How We Use Your Information

  • To provide and maintain our healthcare interoperability services
  • To process quality measure evaluations and care gap detection
  • To communicate with you about our services
  • To comply with legal obligations and healthcare regulations
  • To improve our platform and develop new features

5. Data Retention

We retain data in accordance with applicable healthcare regulations and contractual obligations. PHI retention periods are determined by applicable law and BAA terms. Non-PHI data is retained for the duration of your account plus 7 years for compliance purposes.

6. Data Security

We implement comprehensive security measures including:

  • SOC 2-aligned infrastructure
  • End-to-end encryption (TLS 1.3 in transit, AES-256 at rest)
  • Multi-factor authentication
  • Regular security assessments and penetration testing
  • 24/7 security monitoring
  • Disaster recovery and business continuity planning

7. Cookies and Tracking

We use cookies and similar technologies to enhance your experience:

  • Essential Cookies: Required for platform functionality
  • Analytics Cookies: Help us understand platform usage (anonymized)
  • Preference Cookies: Remember your settings and preferences

You can control cookie preferences through your browser settings. Note that disabling essential cookies may impact platform functionality.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access your personal information
  • Correct inaccurate data
  • Request deletion of your data (subject to legal retention requirements)
  • Object to processing
  • Data portability
  • Withdraw consent

9. Contact Us

For privacy-related inquiries or to exercise your rights, contact us at:

Privacy Officer
HealthData-in-Motion
Email: privacy@hdim.io
Phone: (555) 123-4567

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date.