Privacy Policy

1. Information We Collect

We collect information that you provide directly to us, including:

• Account Information: Name, email address, phone number, and organization details when you create an account or contact us.
• Usage Data: Information about how you interact with our platform, including log data, device information, and IP addresses.
• Health Information: Protected Health Information (PHI) as defined under HIPAA, collected in the course of providing telehealth services.
• Payment Information: Billing details processed securely through our payment partners.

2. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve our telehealth platform services
• Process transactions and send related information
• Respond to your comments, questions, and customer service requests
• Send technical notices, updates, security alerts, and administrative messages
• Monitor and analyze trends, usage, and activities in connection with our services
• Comply with legal obligations and enforce our terms of service

3. HIPAA Compliance

BlueprintMD is committed to maintaining HIPAA compliance. We act as a Business Associate for healthcare providers using our platform and have implemented appropriate administrative, physical, and technical safeguards to protect Protected Health Information (PHI).

All Business Associate Agreements (BAAs) are established with partners before any PHI is shared or processed.

4. Information Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

• With Your Consent: When you explicitly authorize us to share information
• Service Providers: With third-party vendors who perform services on our behalf under strict confidentiality agreements
• Legal Requirements: When required by law, subpoena, or other legal process
• Business Transfers: In connection with a merger, acquisition, or sale of assets

5. Data Security

We implement industry-standard security measures to protect your information, including:

• Encryption of data in transit and at rest using TLS 1.3 and AES-256
• Regular security audits and penetration testing
• Access controls and authentication mechanisms
• Employee training on data privacy and security practices
• Incident response and breach notification procedures

6. Data Retention

We retain your information for as long as necessary to provide our services, comply with legal obligations, resolve disputes, and enforce our agreements. PHI is retained in accordance with applicable healthcare regulations and partner agreements.

7. Your Rights and Choices

You have the right to:

• Access, correct, or delete your personal information
• Object to or restrict certain processing of your information
• Request a copy of your data in a portable format
• Withdraw consent where we rely on consent to process your information
• Lodge a complaint with a supervisory authority

To exercise these rights, please contact us at privacy@blueprintmd.com.

8. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect information about your browsing activities. You can control cookies through your browser settings. Note that disabling cookies may limit your ability to use certain features of our platform.

9. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal information, please contact us.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last Updated" date. Your continued use of our services after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have questions or concerns about this Privacy Policy, please contact us: