Data handling
HIPAA-adjacent data handling.
Veterinary records aren’t protected by HIPAA. We handle them as if they were.
The standard
Veterinary clinical records aren’t covered by HIPAA in the United States: the Privacy and Security Rules in 45 CFR Parts 160 and 164 apply to protected health information about human patients held by covered entities and their business associates. We nonetheless handle clinic records at the operational bar HIPAA sets for Protected Health Information: least-privilege access, logged activity, encryption at rest and in transit, vendor oversight, and breach notification.
What we process
- SOAP notes, diagnoses, CPT and diagnosis codes, and invoice line items.
- Owner information required by the claim form — name, address, policy details.
- Insurer submission receipts, denial letters, appeals, and payout notices.
- Account and billing records for the clinic using Remy.
How it’s protected
- Encryption in transit via TLS 1.2+ on every network hop.
- Encryption at rest for databases, object storage, and backups.
- Least-privilege access. Only operators with a specific need can view clinic data. Every view is logged.
- MFA required for every internal tool. SSO where available.
- Segregation. Clinic data is isolated per tenant. Operator tooling cannot mix records across clinics.
- Backups are encrypted, versioned, and tested on a regular cadence.
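The two controls above that are easiest to get subtly wrong in application code are "only operators with a specific need" and "operator tooling cannot mix records across clinics". The following is an added example, not Remy’s own code, of how an access layer can enforce both: the tenant id is part of every record key so no lookup can omit it, each view is checked against an explicit per-clinic grant and written to an audit log, and a denied request and a missing record return the same error so the response cannot be used to probe whether a record exists in another clinic’s tenant. The class and function names, the in-memory store, and the sample records are all constructed for this example.

```python
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Dict, List, Tuple


@dataclass(frozen=True)
class Operator:
    operator_id: str
    clinic_grants: frozenset  # clinic ids this operator has a recorded need to view


@dataclass(frozen=True)
class AuditEvent:
    ts: str
    operator_id: str
    clinic_id: str
    record_id: str
    outcome: str  # "allowed", "denied" or "not_found"


class RecordAccessError(Exception):
    """One error for both 'no grant' and 'no such record', so a caller cannot
    distinguish them and enumerate another tenant's record ids."""


class ClinicRecordStore:
    def __init__(self) -> None:
        # Key is (clinic_id, record_id): there is no API path that looks up a
        # record without naming the tenant, so cross-clinic mixing is structural.
        self._records: Dict[Tuple[str, str], dict] = {}
        self.audit_log: List[AuditEvent] = []

    def put(self, clinic_id: str, record_id: str, body: dict) -> None:
        self._records[(clinic_id, record_id)] = body

    def _log(self, operator: Operator, clinic_id: str, record_id: str, outcome: str) -> None:
        # Every attempt is logged, including the ones that are refused.
        self.audit_log.append(AuditEvent(
            ts=datetime.now(timezone.utc).isoformat(timespec="seconds"),
            operator_id=operator.operator_id,
            clinic_id=clinic_id,
            record_id=record_id,
            outcome=outcome,
        ))

    def view(self, operator: Operator, clinic_id: str, record_id: str) -> dict:
        # Deny by default: the grant must name this exact tenant.
        if clinic_id not in operator.clinic_grants:
            self._log(operator, clinic_id, record_id, "denied")
            raise RecordAccessError("access denied")
        body = self._records.get((clinic_id, record_id))
        if body is None:
            # Logged distinctly for investigators, but indistinguishable to the caller.
            self._log(operator, clinic_id, record_id, "not_found")
            raise RecordAccessError("access denied")
        self._log(operator, clinic_id, record_id, "allowed")
        return body

    def outcomes(self) -> Dict[str, int]:
        """Count audit outcomes; a spike in 'denied' is the signal a SOC would alert on."""
        counts: Dict[str, int] = {}
        for ev in self.audit_log:
            counts[ev.outcome] = counts.get(ev.outcome, 0) + 1
        return counts


def build_demo_store():
    """Constructed sample data (hypothetical clinics, operators and invoices)."""
    store = ClinicRecordStore()
    store.put("clinic-a", "inv-1001", {"patient": "Biscuit", "dx": "otitis externa", "total": 184.50})
    store.put("clinic-b", "inv-2001", {"patient": "Luna", "dx": "dental cleaning", "total": 612.00})
    ops = {
        "ada": Operator("ada", frozenset({"clinic-a"})),            # need for clinic-a only
        "bo": Operator("bo", frozenset({"clinic-a", "clinic-b"})),  # need for both
    }
    return store, ops


def run_demo() -> dict:
    """Exercise the allowed, cross-tenant and missing-record paths for operator 'ada'."""
    store, ops = build_demo_store()
    results: dict = {}
    results["own_tenant"] = store.view(ops["ada"], "clinic-a", "inv-1001")["patient"]
    for clinic, rec, key in [("clinic-b", "inv-2001", "cross_tenant"), ("clinic-a", "inv-9999", "missing")]:
        try:
            store.view(ops["ada"], clinic, rec)
            results[key] = "returned"
        except RecordAccessError as err:
            results[key] = str(err)
    results["audit"] = store.outcomes()
    return results


if __name__ == "__main__":
    print(run_demo())
```

The point of keeping the tenant id in the key rather than as a filter applied after the fetch is that a forgotten filter fails closed: an operator tool that omits the clinic id does not compile into a query that returns everything, it simply cannot call the API. In a real database the same shape is a composite primary key plus row-level security tied to the authenticated tenant.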
Subprocessors
We use a small set of SOC 2-audited subprocessors for cloud hosting, transactional email, and error monitoring. We maintain a current subprocessor list, provide it to any clinic that asks, and commit not to add a new subprocessor without prior notice.
Model use
Remy uses machine-learning services to parse records and map them to insurer forms. Every ML provider we use is contractually prohibited from training models on the content we send. We don’t build or train general-purpose models on your clinic’s records.
Retention and deletion
Patient records and invoices are retained only as long as needed to handle appeals: typically 18 months, varying by insurer, and longer only for a specific claim that is still in appeal. On termination of service, we purge your data within 30 days and send you written confirmation, including a certificate listing the systems purged and the date each purge completed.
Incident response
If we learn of a security incident affecting your clinic, we’ll notify you within 72 hours with what we know, what we’re doing, and what (if anything) you need to do. We follow a documented incident-response runbook and perform a post-incident review shared with affected clinics.
Audit and transparency
We will provide, on request, our subprocessor list, a security-controls summary, and a standard operational attestation. Clinics operating under contractual data-handling obligations can request a signed addendum; we’ll tell you honestly whether the ask is within what we can commit to.
Contact
For questions or to request our current subprocessor list or controls summary: rainer@positivecheck.com.