Indoma

Privacy Policy

Last updated: February 10, 2025

1. Introduction

Indoma ("we," "our," or "us") is a clinical care platform designed to help healthcare providers manage patient care. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform, including our web application and mobile applications.

2. Information We Collect

We may collect the following types of information:

  • Account Information: Name, email address, professional credentials, and contact details provided during registration.
  • Patient Health Information (PHI): Clinical data entered by authorized healthcare providers, including session notes, treatment plans, and patient records.
  • Usage Data: Information about how you interact with our platform, including log data, device information, and feature usage.
  • Audio Recordings: Session recordings created by clinicians with appropriate patient consent.

3. How We Use Your Information

  • To provide and maintain our clinical care platform services.
  • To authenticate users and ensure secure access to patient data.
  • To process and transcribe clinical audio recordings.
  • To generate clinical documentation and summaries.
  • To improve our platform's functionality and user experience.
  • To comply with legal and regulatory requirements.

4. HIPAA Compliance

We are committed to complying with the Health Insurance Portability and Accountability Act (HIPAA). We implement appropriate administrative, physical, and technical safeguards to protect the confidentiality, integrity, and availability of Protected Health Information (PHI). We enter into Business Associate Agreements (BAAs) with covered entities as required by law.

5. Data Security

We employ industry-standard security measures to protect your data, including:

  • Encryption of data in transit and at rest.
  • Multi-factor authentication for platform access.
  • Regular security audits and vulnerability assessments.
  • Role-based access controls to limit data access to authorized personnel.
  • Audit logging of all data access and modifications.

6. Data Sharing and Disclosure

We do not sell your personal information. We may share information only in the following circumstances:

  • With authorized healthcare providers within your organization for treatment purposes.
  • With service providers who assist in operating our platform, under appropriate data protection agreements.
  • When required by law, regulation, or legal process.
  • To protect the rights, safety, or property of our users or the public.

7. Data Retention

We retain your information for as long as your account is active or as needed to provide services, comply with legal obligations, resolve disputes, and enforce our agreements. Clinical data is retained in accordance with applicable healthcare regulations and your organization's retention policies.

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access, correct, or delete your personal information.
  • Request a copy of your data in a portable format.
  • Opt out of certain data processing activities.
  • File a complaint with a data protection authority.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date.

10. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at:

Email: privacy@indoma.care

← Back to Sign In