CHARGE Healthcare LLC ("we", "us", "our") operates the CHARGE platform. This policy describes how we collect, use, store, and protect information when you use CHARGE. Your organization has separately agreed to our data processing terms.
1. Information We Collect
When you use CHARGE, we may collect:
- Account information — name, email, mobile phone number, department, and role. Collected during onboarding and updatable via your profile.
- Authentication data — phone number or email used for OTP verification, and session tokens. We do not store passwords.
- Usage data — pages viewed, searches performed, articles accessed, votes cast, issues submitted, and comments posted.
- Device and network information — IP address, browser type, OS, and whether access originates from your organization's campus network.
- Uploaded content — images attached to issue reports or knowledge base articles.
2. How We Use Your Information
- Authenticate your identity and manage platform access
- Deliver knowledge base articles, issue reports, and role-relevant content
- Enable AI-powered semantic search
- Process inbound emails and generate knowledge base update proposals
- Send transactional communications (OTPs, status updates, digests)
- Generate aggregate analytics for department dashboards
- Maintain platform security and enforce rate limits
3. SMS Messaging and Consent
CHARGE uses SMS as a primary authentication method. By providing your mobile phone number, you consent to receive SMS messages for OTP delivery.
Frequency: One (1) SMS per sign-in request. No marketing messages.
Rates: Standard messaging and data rates may apply. CHARGE is not responsible for carrier charges.
Opt out: Reply STOP to any message, or contact administration to switch to email OTP or SSO.
Help: Reply HELP or contact daniel.seitz@eskenazihealth.edu.
Carriers: Delivered via Twilio to all major U.S. carriers (AT&T, T-Mobile, Verizon, MVNOs).
Your phone number is used exclusively for authentication and is not shared for marketing purposes. Phone numbers are transmitted to Twilio solely for OTP delivery. SMS consent is not a condition of employment — alternative methods (email OTP, SSO/CAS) are available.
4. AI and Automated Processing
- OpenAI embeddings — generate vector representations of article content for semantic search. No PHI is processed.
- Anthropic Claude — analyzes forwarded emails and generates knowledge base update proposals. All proposals require human editor review.
No patient data, medical records, or PHI is stored in or processed by CHARGE.
5. Data Storage and Security
- Cloud-hosted PostgreSQL (Supabase) with encryption at rest and in transit (TLS 1.2+)
- Row-Level Security (RLS) policies enforce role-appropriate access
- Secure HTTP-only cookies for session management; OTPs expire after a short window
- Access-controlled storage buckets for uploaded images
- Rate limiting on all API endpoints
- Security headers including Content Security Policy (CSP), clickjacking/MIME protections, and Strict-Transport-Security on secure production traffic
6. Data Sharing
We do not sell, rent, or trade personal information. Data may be shared only with:
- Service providers (Supabase, OpenAI, Anthropic, Twilio, Resend, Postmark) — processing data only as necessary, bound by their privacy policies
- Institutional compliance — if required by organizational policies, law, or legal process
- Aggregate analytics — de-identified usage statistics for department leads
7. Your Rights
- View and update your profile via the Profile page
- Request deletion of your account by contacting administration (some contributed content may be retained anonymized)
- Opt out of SMS by replying STOP or switching authentication method
- Opt out of emails via notification preferences
8. Data Retention
Accounts are retained for the duration of your affiliation with your organization. Upon departure, accounts may be deactivated and data retained per institutional retention policies. Search logs are anonymized after 12 months.
9. HIPAA Notice
CHARGE is an operational and educational tool, not designed for PHI as defined by HIPAA (45 CFR §160.103). Never enter patient-identifying information into any field.
Automated PHI detection scans free-text fields for patterns consistent with MRNs, SSNs, phone numbers, and dates of birth. Uploaded images are scanned for printed text that may contain PHI. These safeguards follow HIPAA Safe Harbor methodology (45 CFR §164.514(b)).
If patient information is accidentally submitted, contact your administrator immediately.
10. Changes
We may update this policy to reflect platform changes or regulatory requirements. Material changes will be communicated through the platform.
11. Contact
Questions about this policy should be directed to daniel.seitz@eskenazihealth.edu.