Privacy Policy

RatifiedRx ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you use our prior authorization automation platform and related services.

We collect information you provide directly, including name, work email, organization name, and role when you contact us or request a demo. When your organization uses our platform under a Business Associate Agreement, we process Protected Health Information (PHI) solely as directed by your organization to complete prior authorization requests.

We use contact information to respond to inquiries, provide the services you request, and send service-related communications. We process PHI exclusively to perform prior authorization automation on behalf of covered entities. We do not sell, rent, or share your information with third parties for their marketing purposes.

RatifiedRx operates as a HIPAA Business Associate. We process PHI only under signed Business Associate Agreements with covered entities. PHI is accessed, used, and disclosed solely as necessary to fulfill prior authorization requests and as required by applicable law. For more information on our HIPAA compliance practices, see our HIPAA Compliance statement.

PHI processed through our platform is retained only for the duration necessary to complete the prior authorization process and is deleted upon completion in accordance with your Business Associate Agreement. Contact information and account data are retained for as long as your account is active or as needed to provide services.

We may engage trusted third-party service providers to help operate our platform (such as cloud infrastructure providers). Any third party with access to PHI is required to execute a Business Associate Agreement with equivalent protections. We do not share PHI with third parties for purposes other than providing our services.

We implement administrative, physical, and technical safeguards to protect your information, including encryption of data at rest and in transit, access controls, and regular security assessments. While we take reasonable measures to protect your information, no security system is impenetrable.

Depending on your location, you may have rights regarding your personal information, including the right to access, correct, or delete it. Residents of California and certain other states may have additional rights under applicable state privacy laws (including the CCPA and CMIA). To exercise your rights, contact us at team@ratifiedrx.com. Note: requests regarding PHI should be directed to the covered entity (your healthcare provider or plan) who controls that data.

We may update this Privacy Policy from time to time. We will notify you of material changes by updating the "Last updated" date at the top of this page. Your continued use of our services after any changes constitutes your acceptance of the updated policy.

If you have questions about this Privacy Policy or our privacy practices, please contact us at team@ratifiedrx.com or by mail at RatifiedRx, 12 Main St. Brewster NY 10509.