Privacy Policy

Effective Date: May 7, 2026 (Updated)

DenialIQ is operated by [Your Legal Name], operating as DenialIQ. This Privacy Policy describes how we collect, use, disclose, and protect information about users of the DenialIQ platform ("Service"). Because the Service processes protected health information ("PHI") on behalf of healthcare providers, this document also describes our obligations as a HIPAA Business Associate. It is not a Notice of Privacy Practices: under 45 CFR § 164.520 that notice is issued by the Covered Entity, so your practice's own notice governs how patients are informed about uses and disclosures of their PHI.

DenialIQ operates as a HIPAA Business Associate. We do not act as a Covered Entity. We process PHI only on behalf of and at the direction of the Covered Entity (you) under the terms of our Business Associate Agreement.


1. Information We Collect

We collect the following categories of information:

Account and practice information:

  • Name, email address, and password (hashed; never stored in plain text)
  • Practice name, NPI number, credentials, address, and phone number
  • Billing information processed through Stripe (we do not store card numbers)

Protected Health Information (PHI) contained in ERA/835 files:

  • Patient names and member ID numbers as they appear in ERA/835 remittance files
  • Dates of service, CPT procedure codes, and ICD diagnosis codes
  • Payer names, claim IDs, and CARC/RARC denial reason codes
  • Billed amounts, paid amounts, and denied amounts

Usage and technical data:

  • Log data including IP addresses, browser type, and pages visited
  • HIPAA-required audit trail data (file uploads, claim views, appeal status changes)
  • Session tokens and authentication metadata

2. How We Use Your Information

We use the information we collect only to:

  • Provide, operate, and improve the DenialIQ Service
  • Parse ERA files and generate AI-assisted denial analysis and draft appeal letters
  • Authenticate users and maintain account security
  • Process payments and manage subscriptions
  • Maintain HIPAA-required audit logs of PHI access and activity
  • Send transactional communications (account creation, subscription receipts, trial reminders)
  • Investigate and respond to security incidents

We do not sell your information. We do not use PHI for marketing. We do not use PHI to train AI models. PHI is sent to our AI subprocessor (see Section 4) only to generate denial analysis and draft appeal letters for your practice, limited to the minimum necessary for that purpose.

3. How PHI Is Stored and Protected

  • All PHI is stored in Amazon RDS (PostgreSQL) and Amazon S3, with AES-256 encryption at rest.
  • All data is transmitted exclusively over TLS 1.2 or higher (in transit encryption).
  • Database access is governed by row-level security (RLS) policies that enforce practice-level data isolation — no practice can access another practice's data.
  • ERA files uploaded to Amazon S3 are stored in private buckets with public access fully blocked. They are accessible only through the Service, which uses least-privilege IAM credentials, and only to the practice that uploaded them.
  • Amazon Web Services is HIPAA-eligible and operates under a signed Business Associate Agreement. Data is stored in the United States (us-east-1 region).
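As an illustration of the practice-level isolation described above, the following is an added example of a PostgreSQL row-level security policy. It is not DenialIQ's schema or code; the table, column, role, and setting names (claims, practice_id, app_user, app.practice_id) are assumptions chosen for the example.

```sql
-- Illustrative example only (not DenialIQ's schema). Names are assumptions.
-- Goal: every query against claims is automatically restricted to the
-- practice bound to the current transaction, so one practice can never
-- read or modify another practice's rows, even through a bug in the
-- application's own query logic.

CREATE TABLE claims (
    id           bigserial PRIMARY KEY,
    practice_id  uuid NOT NULL,
    claim_id     text NOT NULL,
    carc_code    text,
    billed_cents bigint NOT NULL
);

-- The application must connect as a non-superuser that does not own the
-- table: superusers and (without FORCE) table owners bypass RLS silently.
CREATE ROLE app_user LOGIN NOINHERIT;
GRANT SELECT, INSERT, UPDATE, DELETE ON claims TO app_user;

ALTER TABLE claims ENABLE ROW LEVEL SECURITY;
ALTER TABLE claims FORCE ROW LEVEL SECURITY;   -- apply RLS to the owner too

-- Fail closed: if app.practice_id is unset or empty, NULLIF(...) yields NULL,
-- the comparison is NULL, and no rows match. USING guards reads/updates/
-- deletes; WITH CHECK guards inserted or updated rows.
CREATE POLICY practice_isolation ON claims
    FOR ALL
    TO app_user
    USING (practice_id = NULLIF(current_setting('app.practice_id', true), '')::uuid)
    WITH CHECK (practice_id = NULLIF(current_setting('app.practice_id', true), '')::uuid);

-- Per request, inside one transaction, the API binds the practice taken
-- from the verified session (never from a client-supplied parameter).
-- SET LOCAL scopes the value to this transaction so pooled connections
-- do not leak it to the next request.
BEGIN;
SET LOCAL app.practice_id = '11111111-1111-1111-1111-111111111111';  -- constructed sample
INSERT INTO claims (practice_id, claim_id, carc_code, billed_cents)
    VALUES ('11111111-1111-1111-1111-111111111111', 'CLM-0001', 'CO-97', 12500);
-- This insert is rejected by WITH CHECK: the row belongs to another practice.
-- INSERT INTO claims (practice_id, claim_id, carc_code, billed_cents)
--     VALUES ('22222222-2222-2222-2222-222222222222', 'CLM-0002', 'CO-16', 9900);
SELECT claim_id, carc_code FROM claims;  -- returns only this practice's rows
COMMIT;
```

The points a reviewer checks in a deployment like this are the connection role (not a superuser, not the table owner, or the policy is bypassed), that FORCE ROW LEVEL SECURITY is set, that the practice identifier is bound with SET LOCAL from the authenticated session rather than a request parameter, and that the policy fails closed when no practice is bound.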

4. Subprocessors

We share data only with the following service providers as necessary to operate the Service. Each subprocessor that may receive or process PHI has executed a Business Associate Agreement or equivalent data processing agreement with us.

Amazon Web Services (aws.amazon.com)

Application hosting, PostgreSQL database (RDS), file storage (S3), and audit logging (CloudTrail). Processes and stores PHI.

BAA in effect via AWS Artifact. U.S. data residency (us-east-1).

Anthropic (anthropic.com)

AI analysis via Claude API. PHI is transmitted for analysis.

BAA in effect. No Zero Data Retention agreement is in place, so PHI sent to the API is not discarded immediately after each request; it is retained by Anthropic for the period and purposes permitted under the BAA.

Supabase (supabase.com)

Authentication services only.

Does not process PHI. Stores email addresses, password hashes, and session tokens only.

Stripe (stripe.com)

Payment processing. Processes billing information only.

Does not access PHI. PCI-DSS compliant.

Resend (resend.com)

Transactional email for non-PHI notifications.

Does not process PHI.

Zoho (zoho.com)

Business email communications.

Used for non-PHI correspondence only.

Cloudflare (cloudflare.com)

DNS resolution only.

Configured in DNS-only mode; does not proxy or inspect traffic.

We do not share your information with any other third parties except as required by law or as described in our BAA.

5. Data Retention

  • ERA files and claim data (PHI): Retained for 2 years from the date of upload, then permanently and irreversibly deleted. This supports the typical 180-day to 1-year appeals window while remaining proportional to operational need.
  • Audit logs: Retained for 6 years from date of creation. The HIPAA Security Rule requires audit controls (45 CFR § 164.312(b)) and 6-year retention of required documentation (45 CFR § 164.316(b)(2)(i)).
  • Account information: Retained while your account is active and for 90 days following account closure or cancellation.
  • Payment records: Retained as required by applicable financial and tax regulations.

6. Breach Notification

In the event of a breach of unsecured PHI, we will:

  • Notify you without unreasonable delay and in no case later than 60 calendar days after discovery of the breach, as required by 45 CFR § 164.410.
  • Provide a breach notification that includes: the nature of the breach, the types of PHI involved, the individuals affected (to the extent known), steps taken to investigate and mitigate the breach, and contact information for follow-up questions.
  • Cooperate with your obligations to notify affected individuals and HHS as required under 45 CFR §§ 164.400–414.
  • Maintain documentation of all breaches and our response actions for a minimum of 6 years.

To report a suspected breach or security concern, contact us immediately at privacy@denialiq.com.

7. Patient Rights Under HIPAA

As a Business Associate, DenialIQ supports your obligations to patients whose PHI you process through the Service. Patients may exercise their rights under HIPAA — including rights of access, amendment, accounting of disclosures, and restriction — by contacting you as the Covered Entity. You should direct applicable requests to us and we will cooperate as required by our BAA.

Specifically, upon your written request, we will: (a) make PHI available to you for access and amendment; (b) provide an accounting of disclosures of PHI we have made; and (c) take other actions necessary to support your compliance with individual rights requests.

8. Your Rights as an Account Holder

  • Access and correction: You can view and update your practice information at any time in your Settings page.
  • Data deletion: You may request deletion of your account and associated data at any time. PHI will be deleted within 30 days of a confirmed deletion request submitted through your account settings or via email.
  • Data portability: You may export your claim data from the dashboard at any time in your account.
  • Marketing opt-out: We do not send marketing emails. You will only receive transactional communications related to your account and subscription.

9. Cookies and Tracking

We use only essential session cookies required for authentication and secure operation of the Service. We do not use advertising cookies, tracking pixels, or third-party analytics that access PHI. You cannot opt out of essential session cookies without losing access to the authenticated Service.

10. Children

The Service is directed to healthcare professionals and is not intended for use by individuals under 18 years of age. We do not knowingly collect personal information from minors.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email and by posting notice in your dashboard at least 15 days before the changes take effect. Your continued use of the Service after the effective date constitutes acceptance of the updated policy.

12. Contact

For privacy questions, data deletion requests, breach reports, or to exercise your rights under HIPAA or applicable law, contact us at: privacy@denialiq.com

13. Founding Member Pricing

The first 5 customers who subscribe to DenialIQ are eligible for Founding Member Pricing at $79/month for life. This rate is locked for as long as the subscription remains active and is subject to the following terms:

  • Locked rate: The $79/month founding rate will not increase regardless of future changes to standard subscription pricing.
  • Non-transferable: Founding Member Pricing applies only to the original subscribing account and may not be transferred, assigned, or applied to any other account.
  • Forfeited on cancellation: Founding Member Pricing is permanently forfeited if the subscription is cancelled for any reason, including voluntary cancellation, non-payment, or account termination. Re-subscribing after cancellation will be billed at the then-current standard rate.
  • Available to the first 5 subscribing customers only. Not combinable with other promotional offers.