Privacy Policy

Last Updated: January 27, 2026

EasyDocForms ("we", "our", or "us") is committed to protecting your privacy and the privacy of your patients. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our patient intake form service.

1. Information We Collect

We collect information you provide directly to us, including:

• Account Information: Name, email address, practice name, and billing information when you create an account.
• Patient Data: Information submitted through intake forms, including Protected Health Information (PHI) as defined by HIPAA.
• Usage Data: Technical information about how you interact with our service (e.g., logs, timestamps) to ensure security and performance.

2. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve our services.
• Process secure transactions and send related receipts.
• Send technical notices, security alerts, and support messages.
• Respond to your comments and questions.

3. Sharing of Information

We do not sell, trade, or otherwise transfer your personally identifiable information to outside parties. This does not include trusted third parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential and HIPAA-compliant.

No mobile information will be shared with third parties/affiliates for marketing/promotional purposes. All the above categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.

4. Cookies and Tracking Technologies

We do not use cookies for marketing, advertising, or third-party tracking purposes.

We only use "strictly necessary" cookies and local storage that are essential for the operation of our Service, such as:

• Authentication: To keep you logged in to your secure session.
• Security: To prevent Cross-Site Request Forgery (CSRF) and protect patient data.

Because we do not use non-essential tracking technologies, we do not require a cookie consent banner.

5. Artificial Intelligence & Data Processing

We utilize Google Cloud's enterprise AI services (Vertex AI) to assist with secure data processing and documentation.

• No External APIs: We do not transmit your data to third-party AI vendors (e.g., OpenAI, Anthropic). All AI processing occurs securely within our private Google Cloud infrastructure, covered under our HIPAA Business Associate Agreement (BAA).
• No Training on Data: Your patient data is never used to train Google's AI models. It is processed in an isolated environment strictly for the purpose of delivering our service to you.

6. HIPAA Compliance

We are a Business Associate under HIPAA. We maintain appropriate administrative, technical, and physical safeguards to protect PHI. We will enter into a Business Associate Agreement (BAA) with covered entities as required by law.

7. Data Security

We take the security of your data seriously. Our infrastructure is hosted exclusively on Google Cloud Platform (GCP), utilizing industry-leading security standards. Our security measures include:

• Encryption in Transit: All data is transmitted via secure HTTPS (TLS 1.2+).
• Encryption at Rest: All data stored in our databases is encrypted using AES-256 standards.
• Access Control: Strict role-based access controls to prevent unauthorized access.

8. Data Retention

We retain patient data for as long as your account is active or as needed to provide services. You may request deletion of your data at any time by contacting us.

9. Contact Us

If you have questions about this Privacy Policy, please contact us at: [email protected]

10. SMS/Text Messaging

When you or your patients opt in to receive SMS messages from EasyDocForms (such as intake form links), we collect mobile phone numbers and consent records.

Message Frequency: Message frequency varies based on appointment activity. Typically, patients receive one message per appointment containing their intake form link.

Opt-Out: Recipients can opt out at any time by replying STOP to any message. Opt-out requests are processed immediately.

Carrier Costs: Message and data rates may apply depending on your mobile carrier plan.

Data Sharing: We will not share mobile phone numbers or text messaging opt-in data with third parties or affiliates for marketing or promotional purposes. This data is used solely to deliver intake form links on behalf of healthcare practices using our platform.

For help with SMS messages, reply HELP to any message or contact [email protected].