Privacy Policy

Last updated: November 19, 2025

1. Introduction

MDHex Inc. ("MDHex," "we," "our," or "us") is committed to protecting your privacy and the security of your personal and health information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our physician productivity applications.

2. Information We Collect

2.1 Personal Information

  • Name, email address, and contact information
  • Professional credentials and organization affiliation
  • Account credentials and authentication data
  • Usage data and application preferences

2.2 Protected Health Information (PHI)

When you use our applications for patient care, we may process PHI including patient demographics, medical records, diagnoses, and treatment information. All PHI is handled in accordance with HIPAA regulations.

3. How We Use Your Information

  • Provide and maintain our services
  • Process transactions and send related information
  • Improve and personalize user experience
  • Communicate with you about updates and support
  • Ensure security and prevent fraud
  • Comply with legal obligations

4. Data Security

We implement industry-standard security measures to protect your information:

  • Encryption in transit (TLS 1.2+) and at rest
  • Two-factor authentication (TOTP) required for all users
  • Automatic session timeout after 30 minutes of inactivity
  • Comprehensive audit logging of all PHI access
  • Regular security assessments and vulnerability scanning
  • Google Cloud Platform infrastructure with signed BAA

5. Data Retention

We retain your personal information for as long as necessary to provide services and comply with legal obligations. PHI is retained according to applicable healthcare regulations, and audit logs are retained indefinitely for compliance purposes.

6. Your Rights

You have the right to:

  • Access your personal information
  • Correct inaccurate data
  • Request deletion of your data (subject to legal retention requirements)
  • Receive a copy of your data in a portable format
  • Opt out of marketing communications

7. Third-Party Services

We use third-party services that have signed Business Associate Agreements (BAAs) and comply with HIPAA requirements, including Google Cloud Platform for hosting and AI services.

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date.

9. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at:

Email: admin@mdhex.com
Address: MDHex Inc.
Orange County, California

← Back to Home