Beacon
Beacon Health Logo

Privacy Policy

Last updated: April 1, 2026

1. Introduction

Beacon Health ("we," "our," or "us") is committed to protecting the privacy and security of the information we collect and process. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our platform and services ("Services").

2. Information We Collect

We may collect the following categories of information:

  • Account Information: Name, email address, organization affiliation, role, and login credentials.
  • Protected Health Information (PHI): Patient demographics, clinical data, care gap records, and other healthcare information processed on behalf of your organization under a Business Associate Agreement.
  • Usage Data: Log data, device information, browser type, pages visited, feature usage patterns, and interaction timestamps.
  • Communication Data: Information you provide when contacting us for support or inquiries.

3. How We Use Your Information

We use collected information to:

  • Provide, maintain, and improve the Services
  • Process and manage patient data on behalf of covered entities
  • Operate AI-powered workflow automation and analytics features
  • Send service-related notices and updates
  • Respond to support requests and communications
  • Ensure the security and integrity of the platform
  • Comply with legal obligations

4. HIPAA Compliance

When we process PHI on behalf of healthcare organizations, we do so as a Business Associate under the Health Insurance Portability and Accountability Act (HIPAA). We maintain administrative, physical, and technical safeguards to protect PHI in accordance with the HIPAA Security Rule. Our obligations regarding PHI are detailed in the Business Associate Agreement (BAA) executed with each covered entity.

5. Information Sharing

We do not sell your personal information. We may share information in the following circumstances:

  • With your organization: We share platform usage and operational data with the subscribing healthcare organization as needed to deliver the Services.
  • Service providers: We engage trusted third-party vendors who assist in operating our Services, subject to confidentiality obligations and, where PHI is involved, Business Associate Agreements.
  • Legal requirements: We may disclose information when required by law, regulation, or legal process.
  • Safety and security: We may share information to protect the rights, property, or safety of Beacon Health, our users, or the public.

6. Data Security

We implement industry-standard security measures to protect your information, including encryption in transit and at rest, access controls, audit logging, and regular security assessments. While we strive to protect your information, no electronic transmission or storage method is completely secure. We encourage you to use strong passwords and report any suspected security issues promptly.

7. Data Retention

We retain information for as long as necessary to provide the Services and fulfill the purposes described in this Privacy Policy, unless a longer retention period is required by law or by the terms of a BAA. When data is no longer needed, we securely delete or de-identify it.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate information
  • Request deletion of your personal information
  • Object to or restrict certain processing activities
  • Receive a copy of your data in a portable format

For PHI-related requests, please contact your healthcare organization directly, as they are the covered entity responsible for responding to individual rights requests under HIPAA.

9. Cookies and Tracking

We use essential cookies to operate the Services and may use analytics tools to understand how the platform is used. We do not use advertising cookies or trackers. You can manage cookie preferences through your browser settings.

10. Children's Privacy

The Services are not intended for use by individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child, we will take steps to delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. We encourage you to review this policy regularly.

12. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at privacy@beaconhealth.ai.

← Back to home