Privacy Policy

Effective Date: 5-12-2025
Last Updated: 6-20-2025

Welcome to SOAPsync.com (“we”, “our”, “us”). We take your privacy seriously and are committed to protecting the personal and health-related information that clinicians and their clients entrust to us.

This Privacy Policy explains how we collect, use, and safeguard your information when you use our HIPAA-compliant documentation and practice management platform.

1. Information We Collect

A. Clinician Information

  • Name, email address, phone number
  • Professional credentials and license information
  • Payment and billing information

B. Patient Information (ePHI)

  • We do not retain patient information
  • Information entered by clinicians, such as names, date of birth, mental health status, diagnostic records, and treatment plans
  • This data is protected under HIPAA and is never shared without authorization

C. Usage Data

  • Browser type, device information, IP address
  • Log files, interaction with features, and session time

2. How We Use Your Information

  • To provide and maintain the SOAPsync.com platform
  • To support clinicians in organizing patient documentation and SOAP notes
  • To improve user experience and platform security
  • To comply with legal and regulatory requirements

3. HIPAA Compliance & Security

We are a HIPAA-compliant Business Associate and implement the following safeguards:

  • Data encryption in transit (TLS 1.2+) and at rest (AES-256)
  • Role-based access controls and user authentication
  • Business Associate Agreements (BAAs) with all Covered Entities
  • Routine backups and breach response protocols
  • Regular third-party security audits

4. Sharing of Information

We do not sell, rent, or trade personal information or PHI.

We may share limited information only with:

  • Subprocessors (e.g., cloud service providers) under signed HIPAA-compliant BAAs
  • Law enforcement, only if required by law
  • In emergency situations where disclosure is necessary to prevent harm

5. Cookies & Tracking

We use strictly necessary and performance cookies for:

  • User session management
  • Site analytics to improve performance (non-identifiable)

You can manage cookie preferences through your browser settings.

6. Data Retention

  • Patient data is retained only for the duration of the clinician’s session
  • Clinicians may export, modify, or delete patient data as required under HIPAA and state laws

7. Your Rights

As a clinician or user, you have the right to:

  • Access and correct your personal information
  • Download and export your data
  • Request deletion of your account and associated data
  • Report suspected misuse to privacy@SOAPsync.com

Patients must direct requests to their clinician, who manages their records.

8. Third-Party Links

Our platform may contain links to third-party services. We are not responsible for the privacy practices of external sites.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted here and emailed to registered users.

10. Contact Us

If you have any questions, please contact: