Last updated: Jan 3, 2023

We take data privacy very seriously. We care about your organization's privacy, your connections' privacy, and patient privacy (whose data resides within Redox). So, we don't and won't sell user or patient data. We facilitate the exchange of data between healthcare entities, but we only share your data with the specific connections you request your data to be shared with.

We comply with all applicable regulations at the state and federal level, including Health Insurance Portability and Accountability Act (HIPAA), General Data Protection Regulation (GDPR), and the California Consumer Protection Act (CCPA). Check out our trust and compliance standards for more details.

For all the particulars about how we collect and store user data, check out our privacy policy (or our CCPA disclosure for residents of California).

Also, you can learn about our data retention standards, which explains how we store data on your behalf as part of the services we provide.