Data Collection
Medical Profiles: We collect health information (allergies, medications, date of birth, emergency contact information) only when provided by the user or facility.
NFC/QR Interactions: No data or information is collected at this time. Data is shown in the display page as entered by the user or facility.
Account Info: Standard names, emails, and billing data for the person or facility managing the cards.
Data Usage
The “Emergency Intent”: The primary purpose of data storage is to provide immediate information to first responders and medical professionals.
No Third-Party Selling: We do not sell, rent, or trade your medical data to insurance companies, pharmaceutical firms, or marketers.
Data Security & HIPAA
Encryption: The data is encrypted both “in transit” (when it’s being sent) and “at rest” (when it’s sitting on the server).
HIPAA Standards: Our data handling processes align with the administrative and technical safeguards required by the Health Insurance Portability and Accountability Act.
User Control & The “Right to be Forgotten”
Immediate Deactivation: A user or facility administrator can wipe a profile or deactivate an NFC card instantly.
Third-Party Services
Cloud Hosting: We use secure cloud providers (like AWS or Google Cloud) to store data, but they have no access to the unencrypted medical records.
Payment Processors: We use Square to handle credit card info — we don’t store the actual card numbers on our site.