Privacy Policy

Last Updated: January 2026

NovaMedSuite (“NovaMedSuite”, “we”, “our”, or “us”) is committed to protecting the privacy, confidentiality, and security of personal and healthcare-related information. This Privacy Policy explains how we collect, use, disclose, store, and protect information when you use our website, applications, software, and services.

By accessing or using NovaMedSuite, you agree to the practices described in this Privacy Policy.

1. Information We Collect

We collect information only as necessary to provide secure, reliable, and HIPAA-compliant healthcare technology services.

1.1 Information You Provide

  • Name, email address, phone number
  • Organization or clinic information
  • Login credentials
  • Support communications
  • Billing and subscription information

1.2 Health & Clinical Data

Depending on your use of the Services, we may process:

  • Patient records (EMR / EHR data)
  • Appointments, prescriptions, lab results
  • Medical notes and schedules

Important: NovaMedSuite acts as a data processor for healthcare providers and does not claim ownership of patient data.

1.3 Automatically Collected Data

  • IP address
  • Device and browser type
  • Usage logs and audit trails
  • Date, time, and activity records

2. How We Use Information

We use collected data to:

  • Provide, operate, and maintain our Services
  • Ensure system security and HIPAA-compliant access control
  • Enable scheduling, EMR/EHR, and healthcare workflows
  • Improve system performance and reliability
  • Respond to inquiries and provide technical support
  • Comply with legal, regulatory, and contractual obligations

We do not sell or rent personal or health data.

3. HIPAA-Compliant Security & Encryption

NovaMedSuite is designed to meet HIPAA security standards and protect all sensitive healthcare information.

  • Data Encryption: All information, files, and patient records are encrypted in transit and at rest using industry-standard encryption protocols.
  • Access Controls: Role-based access control (RBAC) ensures that only authorized personnel can access sensitive data.
  • Audit Trails: All access and modifications of data are logged to maintain accountability and support compliance audits.
  • Secure Infrastructure: Systems and servers are maintained with up-to-date security patches, firewalls, and intrusion detection measures.
  • Business Associate Agreements (BAA): NovaMedSuite is prepared to sign BAAs with healthcare providers as required under HIPAA regulations.
  • Data Minimization & Confidentiality: Only the minimum necessary information is processed, ensuring patient privacy and compliance.

These measures ensure that NovaMedSuite maintains confidentiality, integrity, and availability of all healthcare data in accordance with HIPAA standards.

4. Data Sharing & Disclosure

We only share data:

  • With authorized users within your organization
  • With trusted service providers under strict confidentiality agreements
  • When required by law, court order, or regulatory authority
  • To protect rights, safety, and security of users or the public

We never share patient data for marketing or advertising.

5. Data Retention

We retain information:

  • For as long as necessary to provide the Services
  • As required by healthcare regulations and contractual obligations
  • Until a customer requests deletion, subject to legal requirements

Upon service termination, data can be securely exported or deleted upon request.

6. User Rights

Depending on your jurisdiction, you may have the right to:

  • Access your personal data
  • Request correction of inaccurate data
  • Request deletion of data
  • Restrict or object to processing
  • Receive a copy of your data

Requests can be submitted using the contact details below.

7. Cookies & Tracking

We use minimal cookies for:

  • Authentication
  • Security
  • Session management
  • Performance analytics

You can control cookie preferences through your browser settings.

8. Third-Party Services

Our Services may integrate with third-party tools (e.g., hosting, payment processors). These providers are contractually bound to protect your data and may have their own privacy policies. NovaMedSuite is not responsible for third-party practices outside our control.

9. International Data Transfers

Your data processed or stored in secure data centers located in different jurisdictions. We ensure appropriate safeguards are in place to protect your information during such transfers.

10. Children’s Privacy

NovaMedSuite is not intended for use by individuals under the age of 18 unless accessed through authorized healthcare providers. We do not knowingly collect data directly from minors.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Updates will be posted on this page with a revised “Last Updated” date. Continued use of the Services constitutes acceptance of the updated policy.

12. Contact Us

If you have questions, concerns, or privacy requests, contact us at:

NovaMedSuite
Email: company@novamedsuite.com
Website: https://novamedsuite.com

Scroll to Top