Privacy Policy
Last updated: June 4, 2026
Table of Contents
1. Introduction
BoostCliniq AI ("Company," "we," "us," or "our") operates the BoostCliniq AI platform ("Platform"). This Privacy Policy explains how we collect, use, disclose, and otherwise process personal information, including Protected Health Information (PHI) under the Health Insurance Portability and Accountability Act (HIPAA).
We are committed to protecting your privacy and ensuring you have a positive experience on our Platform. This policy applies to all users of our services, including clinic administrators, healthcare providers, and patients.
2. Information We Collect
Personal Information You Provide
- Name, email address, phone number
- Clinic/organization information
- Billing and payment information
- Professional credentials and licenses
- Account login credentials
Protected Health Information (PHI)
- Patient medical history and clinical records
- Appointment scheduling information
- Treatment notes and diagnoses
- Medication information
- Patient contact information (name, DOB, phone, email)
- Insurance information
Information Collected Automatically
- IP address and device information
- Browser type and operating system
- Pages visited and time spent on Platform
- Referring and exit pages
- Usage patterns and analytics data
3. How We Use Your Information
We use the information we collect to:
- Provide, maintain, and improve the Platform and services
- Process and fulfill appointments and healthcare services
- Send transactional emails and communications
- Process payments and billing
- Authenticate users and prevent fraud
- Respond to inquiries and provide customer support
- Conduct analytics and improve user experience
- Comply with legal obligations
- Enforce our Terms of Service
- Send marketing communications (with opt-in consent)
We process PHI only as permitted under HIPAA and applicable state laws, and only for the purposes of providing healthcare services.
4. Information Sharing
We do not sell your personal information. We may share information only in the following circumstances:
- Service Providers: With vendors who assist in operating the Platform (hosting, payments, analytics) under strict confidentiality agreements
- Legal Requirements: When required by law, court order, or government request
- Business Transfers: In case of merger, acquisition, or sale of assets
- HIPAA Compliance: To Business Associates who assist with healthcare services under a valid HIPAA Business Associate Agreement (BAA)
- Patient Care: As necessary to provide appropriate healthcare services with patient consent
- Safety: To protect against fraud, security threats, or physical harm
All third parties handling PHI are required to maintain confidentiality and security measures equivalent to our own.
5. Data Security
We implement comprehensive technical, administrative, and physical security measures to protect your information from unauthorized access, alteration, disclosure, or destruction.
Security Measures Include:
- End-to-end encryption for data in transit and at rest
- HIPAA-compliant hosting infrastructure
- Regular security audits and penetration testing
- Multi-factor authentication
- Role-based access controls
- Secure password policies
- Regular backup and disaster recovery procedures
While we implement industry-leading security measures, no system is completely secure. We encourage users to report security vulnerabilities responsibly.
6. HIPAA Compliance
BoostCliniq AI is HIPAA compliant and operates as a HIPAA-covered entity and Business Associate. We comply with all HIPAA Privacy, Security, Breach Notification, and Omnibus Rule requirements.
Our HIPAA Commitments:
- Limited use and disclosure of PHI
- Patient privacy rights and access to medical records
- Comprehensive security standards
- Breach notification procedures
- Business Associate Agreements with all processors
- Regular HIPAA compliance audits
7. Your Privacy Rights
Depending on your location, you may have the following rights:
- Right to Access: Request copies of your personal and health information
- Right to Correction: Request corrections to inaccurate information
- Right to Deletion: Request deletion of your information (subject to legal obligations)
- Right to Data Portability: Request your information in a portable format
- Right to Opt-Out: Opt out of marketing communications
- Right to Restrict Processing: Request restrictions on how we use your information
To exercise these rights, contact us at privacy@boostcliniq.com
9. Third-Party Links
Our Platform may contain links to third-party websites. We are not responsible for the privacy practices of external sites. We encourage you to review their privacy policies before providing any information.
10. Children's Privacy
The Platform is not intended for users under 18 years of age. We do not knowingly collect information from children. If we become aware of such collection, we will delete the information and notify the appropriate parties.
11. Data Retention
We retain personal and health information for as long as necessary to provide services, comply with legal obligations, resolve disputes, and enforce agreements.
Specific retention periods are determined by applicable laws (e.g., HIPAA requires PHI retention for 6 years) and business requirements. You may request deletion subject to legal and regulatory requirements.
12. Contact Us
If you have questions about this Privacy Policy or our privacy practices, please contact us:
Phone
+91 9455 598 610Data Protection Officer
For HIPAA-related inquiries or to file a privacy complaint:
dpo@boostcliniq.comChanges to This Privacy Policy
We may update this Privacy Policy periodically. Material changes will be notified through the Platform or via email. Your continued use of the Platform constitutes acceptance of the updated Privacy Policy. Please review this page regularly for updates.