Medora Privacy Policy

Effective Date: September 03 2025

1. Information We Collect

a. Provider Information

• Full name, email address, contact details
• Clinic affiliation and user profile

b. Usage Data

• Login history, device information, usage patterns
• Interactions with Medora features (e.g., SmartLearn, AllergenIQ, SOAP notes)

c. Patient-Related Data (Protected Health Information)

• Visit transcripts and audio recordings
• SOAP notes, assessment and plans
• Clinical insights and documentation

Note: All PHI is handled in accordance with HIPAA regulations.

2. How We Use the Information

• Provide and improve the Medora platform
• Generate SOAP notes and AI-based clinical assistance
• Support SmartLearn, AllergenIQ, Recommendations, References
• Conduct internal analysis and optimization
• Comply with legal obligations

De-identified data may be used to improve AI model performance.

3. Sharing and Disclosure

• We do not sell your information
• Shared with: AWS, Stripe, infrastructure providers
• BAAs signed with applicable service providers

4. Data Security

• Encryption at rest and in transit
• Role-based access control (RBAC)
• Backups and monitoring

5. HIPAA Compliance

Medora complies with HIPAA and signs Business Associate Agreements with covered entities.

6. User Rights and Choices

You can:

• Access, update, or delete account data
• Request patient data deletion
• Contact: support@medoramd.ai

7. Data Retention

We retain necessary data for clinical, legal, and operational use under HIPAA and SaaS terms.

8. Changes to this Policy

We may update this policy periodically and will revise the "Effective Date" accordingly.

9. Contact Us

Medora Labs
5231 4th Ave Cir E, Bradenton FL 34208
support@medoramd.ai