Legal
Privacy Policy
This policy describes how CareHQ handles information. This page is a working draft and will be replaced with a reviewed policy before general availability.
What we collect
Account information for the people you authorize, organization details for your workspace, and the operational data your team enters into the products you use.
Protected health information
PHI processed through CareHQ is encrypted at rest with per-record keys, is never placed in plaintext fields, filenames, or URLs, and is handled only by vendors under a signed business associate agreement. Access and changes are audited.
How we use information
To provide the platform: authentication, billing, access control, branding, and the product features your workspace uses. We do not sell personal information.
Access and retention
Access to data is gated by role at the application and the database. Retention follows your organization's needs and the agreements that govern your workspace.
Contact
Questions about this policy or your data can be sent to hello@usecarehq.com.