Privacy Policy

Last updated: August 12, 2025

Cognixa is committed to protecting the privacy and security of our users’ information in compliance with applicable regulations, including the Health Insurance Portability and Accountability Act (HIPAA) where applicable. This policy describes how we collect, use, and protect information.

1. Information We Collect

Depending on your use of Cognixa, we may collect:

• Clinician account details (name, email, organization)
• Patient health information entered into forms (protected health information or “PHI”)
• Usage logs and device/browser metadata

2. How We Use Information

• Provide and improve the Cognixa service
• Facilitate secure sharing and collaboration between authorized users
• Maintain audit trails for compliance purposes

3. HIPAA Safeguards

• Data encryption in transit (TLS 1.2+) and at rest (AES‑256)
• Role‑based access controls and least‑privilege principles
• Audit logging and anomaly monitoring
• Business Associate Agreements (BAAs) where required

4. Data Retention & Deletion

We retain PHI only as long as necessary for the purposes outlined above or as required by law. Authorized account owners may request deletion of PHI at any time, subject to regulatory requirements.

5. Your Rights

Clinicians and patients may have rights under HIPAA and other laws, including the right to access, amend, and receive an accounting of disclosures of their PHI.

6. Contact Us

For privacy questions or compliance requests, contact: privacy@cognixa.org