Privacy Policy | Hero EMR

1. Introduction

Hero EMR ("we," "us," or "our") is committed to protecting the privacy of our users. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you visit our website at heroemr.com (the "Site") and use our electronic medical records platform (the "Service").

By accessing or using our Site or Service, you agree to the terms of this Privacy Policy. If you do not agree, please do not use the Site or Service.

2. Information We Collect

Information You Provide

Account & Contact Information: Name, email address, phone number, practice name, and professional credentials when you register, request a demo, or contact us.
Billing Information: Payment details processed through our third-party payment processor. We do not store full credit card numbers on our servers.
Communications: Any messages, feedback, or support requests you send to us.

Information Collected Automatically

Usage Data: Pages visited, features used, clickstream data, and interaction patterns within the Service.
Device & Browser Information: IP address, browser type and version, operating system, device type, and screen resolution.
Cookies & Similar Technologies: We use cookies, web beacons, and similar tracking technologies to enhance your experience and analyze site traffic. See Section 5 for details.
Referral Data: If you arrive via a referral link, we may record the referral source for analytics purposes.

3. How We Use Your Information

We use the information we collect for the following purposes:

To provide, operate, and maintain the Service
To process demo requests and communicate with you about our products
To improve, personalize, and optimize the Site and Service
To analyze usage trends and measure the effectiveness of our marketing
To send you product updates, newsletters, or marketing communications (you may opt out at any time)
To detect, prevent, and address technical issues or security threats
To comply with legal obligations

4. Protected Health Information (PHI) & HIPAA

Hero EMR is designed to be used by healthcare providers as an electronic medical records system. When our Service is used to store, process, or transmit Protected Health Information (PHI), we do so in compliance with the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health (HITECH) Act.

We enter into Business Associate Agreements (BAAs) with our covered entity customers as required by HIPAA.
PHI is encrypted in transit and at rest using industry-standard encryption protocols.
Access to PHI is restricted to authorized personnel and governed by role-based access controls.
We maintain administrative, physical, and technical safeguards as required by the HIPAA Security Rule.

This Privacy Policy governs the information collected through our marketing Site. The handling of PHI within the Service is governed by our BAA and applicable HIPAA regulations.

5. Cookies & Tracking Technologies

We use the following types of cookies:

Essential Cookies: Required for the Site to function properly (e.g., session management, cookie consent preferences).
Analytics Cookies: Help us understand how visitors interact with the Site by collecting usage data in aggregate form.
Functional Cookies: Remember your preferences and settings to provide a more personalized experience.

You can control cookies through your browser settings. Disabling certain cookies may affect the functionality of the Site.

6. Third-Party Services

We may share information with third-party service providers who assist us in operating the Site and Service, including:

Hosting & Infrastructure: Cloud hosting providers that store and process data on our behalf.
Analytics: Services that help us analyze site usage and performance.
Payment Processing: Third-party processors that handle billing transactions securely.
Communication Tools: Email and messaging platforms used to communicate with users.

These providers are contractually obligated to protect your information and may only use it for the purposes we specify.

7. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Service. We may also retain information as necessary to comply with legal obligations, resolve disputes, and enforce our agreements. When information is no longer needed, we securely delete or anonymize it.

8. Data Security

We implement industry-standard security measures to protect your information, including:

TLS/SSL encryption for all data in transit
AES-256 encryption for data at rest
Regular security audits and vulnerability assessments
Access controls and authentication requirements for all personnel

While we strive to protect your information, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.

9. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

Access, correct, or delete your personal information
Object to or restrict processing of your information
Request portability of your data
Withdraw consent for marketing communications

To exercise any of these rights, please contact us using the information in Section 12.

10. Children's Privacy

The Site and Service are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we learn that we have collected information from a child, we will take steps to delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we make changes, we will revise the "Effective date" at the top of this page. We encourage you to review this policy periodically. Your continued use of the Site or Service after changes are posted constitutes your acceptance of the updated policy.

12. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at:

Hero EMR
Email: privacy@heroemr.com
Website: heroemr.com