Data retention

Last updated: Sep 9, 2024
SUPPORT
HEALTH TECH VENDOR
DEVELOPER

We're required to store data to provide services and support you and all our other customers. Below, we specify what customer-generated data we store, how long we store it for product functionality, and why we use it. We also distinguish the data retention policies for protected health information (PHI) versus other types of data.

What we store
Description
How long
Why
PHI in payloads
Full request payloads containing PHI sent through Redox.
60 days.
For (a) troubleshooting and support; (b) recent transaction data in the dashboard; and c) historical data replays.
PHI in searches
Search index that contains salted and hashed identifiers from request payloads—including patient names and identifiers, provider IDs, and other record IDs.
60 days.
For (a) troubleshooting and support; and (b) logs in the dashboard.
PHI in data operations
Field paths containing patient identifiers, provider IDs, or other record IDs to filter or translate during log processing.
Contract duration (Redox purges data within 30 days of customer account closure).
For supporting customer-configured data operations (i.e., filters, translation sets)
PHI in data on demand
Data on demand stores (a) patient identifiers, basic demographics; (b) provider data; (c) reference URLs to files sent to integrated systems; (d) encoded base64 strings for files sent to integrated systems; and (e) scheduling, orders, and results data. Learn more about data on demand.
Contract duration (Redox purges data within 30 days of customer account closure).
For (a) providing a database to query when your connection's system doesn't support query requests; and (b) accessing stored event-based messages via query requests.
PHI in backfill searches
Search index for backfill data that contains salted and hashed identifiers from request payloads—including patient names and identifiers, provider IDs, and other record IDs. Learn more about backfilling.
14 days.
For (a) troubleshooting and support; and (b) logs in the dashboard.
Metadata (no PHI)
Any metadata about requests sent through Redox.
Available for a minimum of 60 days (via the Redox dashboard and Platform API), but may be stored indefinitely.
For (a) troubleshooting and support; (b) audit logging; and (c) informed product enhancements.
Metadata for backfill requests (no PHI)
Any metadata about queries to backfill data. Learn about backfilling.
Available for a minimum of 14 days (via the Redox dashboard and Platform API) but may be stored indefinitely.
For (a) troubleshooting and support; (b) audit logging; and (c) informed product enhancements.
System backups
Backups of stored data.
Minimum of 5 days and up to 30 days.
Backups may retain data 30 days beyond the date that's stored in any other method.
For data restoration purposes and resiliency.
System and security logs
Logs generated by our cloud-based security tools.
90 days active; 1 year archived.
For risk and incident management.
Antivirus scan logs
Logs generated by our antivirus/malware solution.
Minimum of 1 year archived.
For risk and incident management.
Redox organization user information
Names, email addresses, or profile information of any users that are part of a Redox organization.
Contract duration (Redox purges data within 30 days of customer account closure).
For product delivery.
Usage statistics
Any metadata about the number of successful API requests made for a specified date range. Learn about managing transaction usage.
Available for a minimum of 1 year (via the Redox dashboard and Platform API) but stored for 13 months.
For monitoring transaction usage.

Other data

We also store data for compliance and regulatory purposes. This data isn't related to product functionality. Contact us if you have questions or would like a copy of our full data retention policy.