PRIVACY
Privacy Policy
Last Updated: January 29, 2025
Introduction and Scope
Syntra OS ("we," "us," or "our") is committed to protecting the privacy and security of personal information, including Protected Health Information (PHI), of all individuals who interact with our cloud-based operating system for private practice doctors. This Privacy Policy describes how we collect, use, disclose, and safeguard personal information and PHI in accordance with the Health Insurance Portability and Accountability Act (HIPAA) and other applicable privacy laws. This policy applies to all users of Syntra OS, including healthcare providers, their staff, patients, and website visitors. As a Business Associate to healthcare providers who are Covered Entities under HIPAA, we maintain strict compliance with all HIPAA requirements and implement comprehensive security measures to protect sensitive health information.
Definitions
Personal Information (PI)
Personal Information includes any information that can identify an individual, such as name, address, email address, telephone number, date of birth, and government-issued identification numbers.
Protected Health Information (PHI)
Protected Health Information encompasses health information created, received, maintained, or transmitted by Syntra OS, including demographic information, medical histories, test results, insurance information, and other data that can identify a patient and relates to their:
- Past, present, or future physical or mental health condition
- Healthcare services provided
- Past, present, or future payment for healthcare services
Business Associate Status
Syntra OS operates as a Business Associate to healthcare providers (Covered Entities) under HIPAA. This relationship is formalized through Business Associate Agreements (BAAs) that establish our obligations and responsibilities in handling PHI.
SMS Communication and Consent
All the above categories exclude text messaging originator optin data and consent; this information will not be shared with any third parties. We will not share your opt-in to an SMS campaign with any third party for purposes unrelated to providing you with the services of that campaign. We may share your Personal Data, including your SMS opt-in or consent status, with third parties that help us provide our messaging services, including but not limited to platform providers, phone companies, and any other vendors who assist us in the delivery of text messages.
Information We Collect
Personal Information Collection
We collect personal information through:
- Account creation and registration processes
- Website forms and communication features
- Customer support interactions
- Service usage and system interactions
Health Information Collection
In providing our services, we collect and process PHI including:
- Electronic health records
- Patient intake information
- Clinical documentation and notes
- Billing and payment information
- Prescription and medication records
- Appointment scheduling data
Automatic Data Collection
Our system automatically collects certain technical information:
- IP addresses and device identifiers
- Browser type and operating system
- Usage patterns and interactions with our platform
- System logs and performance data
We use essential cookies and similar technologies to maintain system functionality and security. Analytics tools help us improve our services while maintaining HIPAA compliance.
Contact Information
For all privacy inquiries, security concerns, or to exercise your rights:
Email: support@syntra.com
We maintain a strict non-retaliation policy for all privacy-related concerns.
Legal Disclaimers
This Privacy Policy is governed by United States law. Additional privacy requirements may apply based on:
- State-specific privacy laws
- International data protection regulations
- Industry-specific requirements
- Contractual obligations
Nothing in this policy restricts or supersedes any rights or obligations under HIPAA or other applicable laws.