EnWella Health Platform Effective Date: [INSERT DATE] Last Updated: [INSERT DATE]
[COMPANY LEGAL NAME] ("EnWella," "we," "us," or "our") respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use the EnWella electronic health record (EHR) platform (the "Service").
EnWella operates as both a controller (for information about its business customers and their employees) and a processor/Business Associate (for Protected Health Information handled on behalf of healthcare providers). This Privacy Policy addresses all of these contexts.
This Privacy Policy does not apply to de-identified or aggregated data that cannot reasonably be used to identify any individual.
This Privacy Policy applies to: - Healthcare Providers and Practice Administrators — licensed clinicians and staff who use EnWella to manage their practice - Patients — individuals whose health information is managed within the Service (primarily governed by the HIPAA Notice of Privacy Practices provided by the patient's healthcare provider) - Website Visitors — individuals who visit our website at [WEBSITE_URL]
Note for Patients: Your healthcare provider is primarily responsible for your Protected Health Information under HIPAA. Refer to your provider's Notice of Privacy Practices for information about how your PHI is handled. This Privacy Policy addresses information EnWella collects independently of your PHI.
Account and Registration Information: - Name, email address, professional credentials (NPI number, state license number, specialty) - Organization name, address, tax identification number (for billing) - Job title and role within a practice - Contact preferences and communication settings
Authentication Information: - Username and password (hashed; never stored in plaintext) - Google OAuth tokens (when you use Google Sign-In)
Billing and Payment Information: - Subscription billing contact information - Payment method details (processed by our PCI-DSS compliant payment processor — we do not store raw card numbers) - Billing address and tax information
Communications: - Messages you send to EnWella support - Feedback, survey responses, and product reviews you provide
Clinical and Practice Data (PHI — governed by BAA): When you use the Service to manage patient care, you and your team enter Protected Health Information. That PHI is governed by our Business Associate Agreement and HIPAA, not this general Privacy Policy.
When you use the Service, we automatically collect:
Usage Data: - Log data: IP address, browser type and version, operating system, referring URLs, pages visited, time and date of access, clicks, and session duration - Feature usage patterns (which modules are used, how often, workflow patterns) - Error and crash reports
Device Information: - Device type, screen resolution, and hardware configuration - Browser language and timezone
Cookies and Tracking Technologies: See our Cookie Policy for full details. We use: - Session cookies — required for authentication and security (expire when you close the browser) - Preference cookies — store your theme (light/dark) and display preferences - Analytics cookies — aggregate usage analytics to improve the Service (can be opted out) - We do not use advertising or cross-site tracking cookies
Audit Logs: We maintain detailed audit logs of all access to and modifications of data within the Service for HIPAA compliance, security monitoring, and dispute resolution. These logs include user ID, timestamp, action taken, and record accessed.
Google Services: - If you authenticate via Google OAuth, we receive your Google account email, name, and profile picture (as authorized) - If you enable Gmail integration, we receive access to read and send emails from your connected Gmail account. We use this access only to enable patient communication features you explicitly activate. We do not read, index, or use Gmail content for any other purpose. - Google Cloud Storage: Patient documents you upload are stored in Google Cloud Storage under our HIPAA-compliant configuration
Third-Party Payment Processors: We receive payment confirmation tokens and transaction status from our payment processor. We do not receive or store raw payment card data.
For individuals in the European Economic Area, United Kingdom, or other jurisdictions with similar laws, we process personal data under the following legal bases: - Contract performance: Processing necessary to deliver the Service you contracted for - Legal obligation: Processing required by applicable law (e.g., HIPAA, tax law) - Legitimate interests: Security monitoring, fraud prevention, product improvement (where not overridden by your rights) - Consent: For marketing communications and optional analytics (you may withdraw at any time)
We do not sell your personal information. We share information only as described below.
If you access the Service as a staff member, your practice administrator may have access to your account settings, usage logs, and audit trails within the Service.
We share information with carefully vetted third-party service providers who process data on our behalf under data processing agreements requiring equivalent privacy protections:
| Category | Purpose | Examples |
|---|---|---|
| Cloud infrastructure | Hosting, storage, compute | Google Cloud Platform |
| Payment processing | Subscription billing | [PAYMENT_PROCESSOR] |
| Email delivery | Transactional emails | [EMAIL_PROVIDER] |
| Error monitoring | Application reliability | [ERROR_MONITORING] |
| Analytics | Aggregate product analytics | [ANALYTICS_PROVIDER] |
A current list of sub-processors is available upon request at [PRIVACY_EMAIL].
We may share information with third parties when you expressly authorize us to do so (e.g., enabling a specific integration).
If EnWella is involved in a merger, acquisition, financing, asset sale, or bankruptcy proceeding, your information may be transferred to the successor entity. We will notify you before PHI is transferred and provide an opportunity to request deletion where permitted.
We may disclose information if required by law, regulation, legal process, or government request, including: - In response to a valid subpoena, court order, or government inquiry - To comply with mandatory reporting obligations - To protect the rights and safety of individuals
We will endeavor to notify you of such disclosures where legally permissible.
We may disclose information to enforce our Terms of Service, protect the security of the Service, or prevent fraud, abuse, or harm.
We retain different categories of data for different periods:
| Data Type | Retention Period |
|---|---|
| Account and profile information | Duration of Subscription + 90 days |
| Audit and access logs | 7 years (HIPAA requirement) |
| PHI (patient records) | As directed by the Covered Entity per applicable medical records law |
| Payment records | 7 years (tax and legal requirements) |
| Support communications | 3 years |
| Marketing consent records | 5 years after consent withdrawal |
| De-identified analytics | Indefinitely (cannot be linked to individuals) |
After the applicable retention period, data is securely deleted or rendered unrecoverable. For PHI, destruction is performed in accordance with HIPAA-compliant media sanitization standards.
Your responsibility: Healthcare providers are responsible for compliance with applicable medical records retention laws, which vary by state (typically 7–10 years for adult patients, longer for minors). Ensure you export records before your account retention period expires.
Access: You may request a copy of personal information we hold about you.
Correction: You may request correction of inaccurate personal information.
Deletion: You may request deletion of your personal information. Note that we may retain certain information as required by law (e.g., audit logs, payment records) and that deletion of your account does not automatically delete PHI, which is subject to the BAA and medical records retention law.
Portability: You may request your personal information in a portable, machine-readable format.
Objection/Restriction: You may object to certain uses of your data or request that we restrict processing in some circumstances.
To exercise these rights, contact [PRIVACY_EMAIL]. We will respond within 30 days (or as required by applicable law). We may verify your identity before fulfilling requests.
You may unsubscribe from marketing emails at any time by clicking "Unsubscribe" in any marketing email or by contacting [PRIVACY_EMAIL]. This does not affect transactional or service-related communications.
You may adjust cookie preferences through the cookie banner on our website. See our Cookie Policy for details.
You may revoke EnWella's access to your Google account at any time from your Google Account settings at myaccount.google.com. Revoking access will disable Google Sign-In and Gmail integration features.
If you are a California resident, you have the following rights under the California Consumer Privacy Act (as amended by the California Privacy Rights Act):
To submit a CCPA request, contact [PRIVACY_EMAIL] or call [TOLL_FREE_NUMBER]. We will respond within 45 days (extendable to 90 days with notice). We may ask you to verify your identity.
Note for California patients: HIPAA provides additional protections for your health information that are separate from CCPA rights. Contact your healthcare provider for PHI-specific rights.
Nevada residents may opt out of the sale of personal information. We do not sell personal information, but you may submit a request to [PRIVACY_EMAIL].
If you are in the European Economic Area or United Kingdom, you have the right to: - Access your personal data - Rectify inaccurate data - Erase your data ("right to be forgotten") subject to legal retention requirements - Restrict processing in certain circumstances - Data portability - Object to processing based on legitimate interests - Withdraw consent at any time where processing is based on consent
You also have the right to lodge a complaint with your local supervisory authority. Our lead supervisory authority is [EU_SUPERVISORY_AUTHORITY].
For GDPR inquiries, contact our Data Protection Officer (if appointed) at [DPO_EMAIL].
The Service is not directed to individuals under the age of 18 and we do not knowingly collect personal information from children under 18 through our website or account registration process.
Healthcare providers may create patient records for minor patients as part of their clinical practice. Such records constitute PHI and are governed by the BAA, HIPAA, and applicable state minor consent laws (which govern what health information parents/guardians may access). Providers are responsible for compliance with minor consent laws in their jurisdiction.
If we learn that we have inadvertently collected personal information from a child under 13 outside of a clinical context, we will delete that information. Contact [PRIVACY_EMAIL] if you believe we have such information.
We implement industry-standard security measures to protect your information:
Technical Safeguards: - All data in transit is encrypted using TLS 1.2 or higher - All data at rest is encrypted using AES-256 - Database access is restricted to authorized services through private networking - PHI is stored in GCP regions with HIPAA BAA coverage
Access Controls: - Multi-factor authentication (MFA) is available and strongly recommended for all accounts - Role-based access controls limit data access to the minimum necessary - All data access is logged and retained for audit purposes - Administrative access to production systems is subject to privileged access management
Organizational Safeguards: - Background checks for employees with access to production systems - Security awareness training for all staff - Annual risk assessments and penetration testing - Incident response plan maintained and tested regularly
Despite these measures, no system is completely secure. If you believe your account has been compromised, contact [SECURITY_EMAIL] immediately.
EnWella primarily processes data in the United States. If you access the Service from outside the United States, your information may be transferred to and processed in the United States, where privacy laws may differ from those in your country.
For transfers from the EEA or UK, we rely on: - Standard Contractual Clauses (SCCs) approved by the European Commission - Any other lawful transfer mechanism recognized by applicable law
By using the Service, you consent to this transfer where such consent is required.
The Service may contain links to third-party websites or services. This Privacy Policy does not apply to third-party sites. We encourage you to review the privacy policies of any third-party services you access.
We may update this Privacy Policy from time to time. We will notify you of material changes by: - Email to the address on your account - A prominent notice on the Service - An updated "Last Updated" date at the top of this policy
Material changes will take effect 30 days after notice. Your continued use of the Service after that date constitutes acceptance of the updated policy. If you do not accept the changes, you may terminate your Subscription.
For privacy questions, access requests, or complaints:
Privacy Team [COMPANY LEGAL NAME] [COMPANY ADDRESS] Email: [PRIVACY_EMAIL] Phone: [PHONE_NUMBER]
For HIPAA-specific concerns: [HIPAA_OFFICER_EMAIL] For security incidents: [SECURITY_EMAIL]
We aim to respond to all privacy inquiries within 5 business days and to fulfill rights requests within 30 days (or as required by applicable law).
EnWella — Your health, elevated. © [YEAR] [COMPANY LEGAL NAME]. All rights reserved.
ATTORNEY REVIEW NOTICE: This document is a template and must be reviewed by a licensed attorney with privacy law expertise before publication. State-specific requirements (particularly for California, New York, Texas, and Virginia) and international requirements (GDPR, PIPEDA) may require additional provisions.