Back to Home

Privacy Policy

Last updated: March 24, 2026

1. Introduction

Hope Consultation ("we," "us," or "our") operates Hope RCM. This Privacy Policy explains how we collect, use, disclose, and protect information when you use our Service. We are committed to protecting your privacy and complying with applicable data protection laws, including HIPAA.

2. Information We Collect

We collect the following types of information:

  • Account Information: Name, email address, password (hashed), organization name, and contact details.
  • Protected Health Information (PHI): Patient data, claim information, and medical records submitted through the Service, governed by HIPAA.
  • Usage Data: Log files, IP addresses, browser type, pages visited, and actions taken within the Service.
  • Payment Information: Billing details processed by Stripe. We do not store full card numbers.

3. How We Use Your Information

We use collected information to:

  • Provide, operate, and improve the Service
  • Process payments and manage subscriptions
  • Send transactional emails (account verification, password reset, invoices)
  • Provide customer support
  • Comply with legal obligations, including HIPAA
  • Detect and prevent fraud or security incidents

4. Protected Health Information (PHI)

We handle PHI as a Business Associate under HIPAA. PHI is used solely to provide the Service and is not disclosed to third parties except as required by law or as permitted under a signed Business Associate Agreement. We implement administrative, physical, and technical safeguards to protect PHI as required by the HIPAA Security Rule.

5. Data Sharing and Disclosure

We do not sell your personal data. We may share information with:

  • Service Providers: Stripe (payments), SendGrid (email), AWS (cloud hosting) — each bound by data processing agreements.
  • Legal Requirements: When required by law, court order, or government authority.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, with advance notice to users.

6. Data Retention

We retain account data for as long as your account is active. PHI is retained in accordance with applicable law and your BAA. Upon account termination, you may request data export within 30 days. After that period, data is securely deleted.

7. Security

We implement industry-standard security measures including TLS encryption in transit, AES-256 encryption at rest, role-based access controls, audit logging, and regular security assessments. However, no system is completely secure, and we cannot guarantee absolute security.

8. Your Rights

Depending on your location, you may have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate data
  • Request deletion of your data ("right to be forgotten")
  • Object to or restrict processing
  • Data portability

To exercise these rights, contact us at [email protected].

9. Cookies

We use session cookies for authentication and functional cookies to remember your preferences. We do not use third-party advertising cookies. You can disable cookies in your browser settings, but this may affect Service functionality.

10. Children's Privacy

The Service is not directed to individuals under 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us immediately.

11. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes via email or in-app notification at least 30 days before the changes take effect.

12. Contact Us

For privacy-related questions or to exercise your rights, contact our Privacy Officer at: [email protected]

© 2026 Hope Consultation. All rights reserved.Terms of Service