ReferFlow
Download PDF

Privacy Policy

Effective Date: January 31, 2026

Introduction

ReferFlow is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform.

Information We Collect

Personal Information

We may collect personal information that you provide directly to us, including:

  • Name and contact information
  • Professional credentials and license information
  • Medical practice information
  • Email address and phone number

Health Information

As a healthcare coordination platform, we collect and process Protected Health Information (PHI) in accordance with HIPAA regulations, including:

  • Patient referral information
  • Medical images and diagnostic data
  • Clinical notes and assessments
  • Treatment recommendations

Usage Information

We automatically collect certain information about your device and how you interact with our platform:

  • Log data and usage patterns
  • Device information and IP addresses
  • Browser type and operating system
  • Access times and referring websites

How We Use Your Information

We use the information we collect to:

  • Facilitate secure referral coordination between optometrists and specialists
  • Provide, maintain, and improve our services
  • Communicate with you about your account and our services
  • Ensure compliance with healthcare regulations
  • Detect and prevent fraud or security issues
  • Analyze usage patterns to enhance user experience

Information Sharing and Disclosure

We do not sell your personal information. We may share your information only in the following circumstances:

  • With Healthcare Providers: To facilitate patient referrals and care coordination
  • Service Providers: With third-party vendors who assist in operating our platform
  • Legal Requirements: When required by law or to protect rights and safety
  • Business Transfers: In connection with a merger, acquisition, or sale of assets
  • With Your Consent: When you explicitly authorize us to share information

Data Security

We implement industry-standard security measures to protect your information:

  • End-to-end encryption for all patient data and images
  • Secure, HIPAA-compliant cloud infrastructure
  • Regular security audits and vulnerability assessments
  • Access controls and authentication mechanisms
  • Employee training on data protection and privacy

HIPAA Compliance

ReferFlow is designed to comply with the Health Insurance Portability and Accountability Act (HIPAA). We:

  • Execute Business Associate Agreements (BAAs) with covered entities
  • Implement required administrative, physical, and technical safeguards
  • Maintain audit trails for all PHI access and modifications
  • Provide breach notification procedures
  • Train all personnel on HIPAA requirements

Data Retention

We retain your information for as long as necessary to:

  • Provide our services to you
  • Comply with legal and regulatory requirements
  • Resolve disputes and enforce our agreements
  • Maintain business records

Healthcare data is retained in accordance with applicable medical record retention laws.

Your Rights

You have the right to:

  • Access your personal information
  • Request correction of inaccurate data
  • Request deletion of your information (subject to legal obligations)
  • Opt-out of certain data uses
  • Request a copy of your data in a portable format
  • Withdraw consent where processing is based on consent

To exercise these rights, please contact us at privacy@referflow.com

Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Maintain your session and preferences
  • Analyze platform usage and performance
  • Improve user experience
  • Provide secure authentication

You can control cookies through your browser settings.

Children's Privacy

ReferFlow is not intended for use by individuals under 18 years of age. We do not knowingly collect information from children.

International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place for such transfers.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Posting the updated policy on our website
  • Sending email notification to registered users
  • Displaying a notice on the platform

Contact Us

If you have questions about this Privacy Policy or our privacy practices, please contact us:

ReferFlow
Email: privacy@referflow.com
Phone: Contact Number
Address: Company Address

Pilot Phase Notice

During our pilot phase, we are continuously improving our platform and practices. We welcome feedback on our privacy practices and data handling procedures.