Privacy Policy

Last updated: February 1, 2026

Praxamed ("Company," "we," "us," or "our") operates the Praxamed medical practice management platform ("Service"). This Privacy Policy explains how we collect, use, disclose, and protect information about users of our Service, including healthcare practices, their staff, and patients who interact with the Service.

Important: If you are a patient of a medical practice that uses Praxamed, the practice (not Praxamed) is the primary custodian of your health information. Please contact your healthcare provider with questions about your health records.

1. Information We Collect

Information You Provide

  • Account information: Name, email address, phone number, and practice details when you register
  • Practice information: Clinic name, address, NPI numbers, provider information, and staff accounts
  • Patient information: Patient records entered by practice staff, including demographics, medical history, and insurance information (stored as Protected Health Information under HIPAA)
  • Payment information: Billing details for your Praxamed subscription (processed by Stripe; we do not store full card numbers)
  • Communications: Messages you send to Praxamed support

Information Collected Automatically

  • Usage data: Pages visited, features used, timestamps, and interactions with the platform
  • Device information: Browser type, operating system, IP address
  • Cookies and similar technologies: Session cookies for authentication; analytics cookies (described below)

2. How We Use Your Information

We use collected information to:

  • Provide, operate, and improve the Praxamed Service
  • Process transactions and send related information
  • Send administrative messages, security alerts, and support communications
  • Respond to comments and questions
  • Monitor and analyze usage patterns to improve user experience
  • Comply with legal obligations
  • Enforce our Terms of Service

We do not sell your personal information or Protected Health Information to third parties.

3. Protected Health Information (PHI) and HIPAA

Praxamed is designed to assist healthcare practices in managing patient health information. In this role, Praxamed acts as a Business Associate under HIPAA when handling Protected Health Information (PHI) on behalf of covered healthcare entities.

We handle PHI in accordance with HIPAA requirements and will sign a Business Associate Agreement (BAA) with covered entities. Contact us at privacy@praxamed.com to request a BAA.

PHI is used only to provide the contracted services to your practice. We do not use PHI for marketing, research (without explicit authorization), or any purpose beyond service delivery.

4. Information Sharing and Disclosure

We may share your information with:

  • Service providers: Cloud hosting, payment processing (Stripe), email delivery, and analytics partners who process data on our behalf under data processing agreements
  • Clearinghouses: For electronic insurance claim submission as directed by your practice
  • Legal requirements: When required by law, court order, or governmental authority
  • Business transfers: In connection with a merger, acquisition, or sale of assets (with notice to users)

5. Data Security

We implement industry-standard security measures including:

  • Encryption of data at rest (AES-256) and in transit (TLS 1.2+)
  • Role-based access controls limiting staff access to what their role requires
  • Comprehensive audit logging of all PHI access
  • Regular security assessments
  • Breach notification procedures in compliance with HIPAA and applicable state laws

No method of electronic transmission or storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

6. Data Retention

We retain account information for the duration of your subscription and for a reasonable period afterward to comply with legal obligations. Patient health records are retained as required by applicable medical records retention laws. You may request deletion of non-PHI account data by contacting us.

7. Your Rights

Depending on your location, you may have rights to:

  • Access the personal information we hold about you
  • Correct inaccurate personal information
  • Request deletion of your personal information (subject to legal retention requirements)
  • Opt out of marketing communications
  • Data portability (export of your practice data)

To exercise these rights, contact us at privacy@praxamed.com.

Patient rights: Patients seeking to exercise HIPAA rights (access, amendment, accounting of disclosures) should contact their healthcare provider directly.

8. Cookies

We use essential cookies for authentication and session management. We may use analytics cookies to understand how users interact with our Service. You can control non-essential cookies through your browser settings.

9. Children's Privacy

The Praxamed Service is not directed to children under 13. We do not knowingly collect personal information from children under 13. If you become aware that a child has provided us personal information, contact us and we will take steps to delete that information.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through the Service. Your continued use of the Service after changes constitutes acceptance of the updated policy.

11. Contact Us

For privacy questions, data requests, or BAA inquiries, contact us at:
Email: privacy@praxamed.com
Address: Praxamed, Inc. — [Address on file]