Privacy Policy

Effective Date: January 1, 2025

Currently Health ("Currently Health", "we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard information when you access and use our healthcare data platform and services.

1. Information We Collect

Information You Provide

• Account Information: Your name, email address, organization name, and role at the time of account creation.
• Organization Data: Healthcare facility details, configuration preferences, and integration settings specific to your organization.
• Communications: Any messages, requests, or feedback you submit to our team.

Information Collected Automatically

• Usage Data: Pages visited, features accessed, and in-platform interactions.
• Device Information: Browser type, operating system, and device identifiers.
• Log Data: IP addresses, access timestamps, and referring URLs.

Protected Health Information (PHI)

Currently Health processes healthcare data strictly on behalf of covered entities. All PHI is handled in full accordance with HIPAA regulations and executed Business Associate Agreements (BAAs).

2. How We Use Information

We use the information we collect to:

• Deliver, maintain, and continuously improve our platform and services
• Process and facilitate healthcare data integration workflows
• Send technical notices, product updates, and security alerts
• Respond to support requests and user communications
• Analyze usage patterns to enhance platform performance and experience
• Fulfill legal and regulatory obligations

3. Data Security

Currently Health employs industry-standard security practices, including:

• End-to-end encryption for data in transit and at rest
• Role-based access controls and multi-factor authentication
• Regular security audits and penetration testing
• SOC 2 Type II compliance
• HIPAA-compliant infrastructure throughout

4. Data Sharing

We do not sell your personal information. We may share data only in the following circumstances:

• Service Providers: Trusted third-party vendors supporting platform operations (e.g., cloud infrastructure, analytics)
• Legal Requirements: When disclosure is required by law, regulation, court order, or legal process
• Business Transfers: In connection with a merger, acquisition, or transfer of company assets

5. Data Retention

We retain your information for as long as your account remains active or as necessary to deliver our services. Healthcare data retention timelines are governed by applicable regulatory requirements and your organization's data retention policies.

6. Your Rights

Depending on your jurisdiction, you may have the right to:

• Access your personal information
• Correct inaccurate or incomplete data
• Request deletion of your data
• Object to or restrict certain processing activities
• Receive a portable copy of your data

7. Contact Us

For privacy-related questions or requests, please reach out to us:

• Email: privacy@currently.health
• Mail: Currently Health, Privacy Team

8. Changes to This Policy

We may revise this Privacy Policy periodically. Material changes will be communicated by posting the updated policy on our platform and updating the effective date above.