Privacy Policy

Last Updated: March 2026

Introduction

AskChart is a product of Klarity Health, Inc. We are committed to protecting your information and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform.

Please read this policy carefully. If you have any questions, contact us at compliance@helloklarity.com.

Information We Collect

Provider Account Information

When you create an AskChart account, we collect your name, professional credentials, National Provider Identifier (NPI), email address, phone number, and practice details.

Protected Health Information (PHI)

When you use AskChart, we process Protected Health Information (PHI) on your behalf under a Business Associate Agreement (BAA). This may include patient demographics, medical history, diagnoses, treatment plans, and communications.

Platform Usage Data

We collect information about how you use the platform, including feature usage, automation configurations, and performance metrics.

EHR Integration Data

If you connect your EHR system to AskChart, we collect information from your EHR as needed to power automations and provide our services.

How We Use Your Information

  • To provide and maintain the platform: Operating AskChart, processing automations, managing your account.
  • To execute automations: Running AI-powered workflows like billing, scheduling, and patient communication on your behalf.
  • To process billing: Handling payments, generating invoices, and managing billing operations.
  • To generate reports: Creating practice intelligence and performance metrics.
  • To improve the platform: Using de-identified and aggregated data to enhance features.
  • To communicate: Sending service updates, security alerts, and support messages.
  • To comply with law: Meeting legal obligations and responding to lawful requests.

Patient Communication Modes

Draft Mode (Default)

Draft Mode is the default for all new accounts. AskChart generates messages and communications, which you review and approve before sending to patients.

Auto-Send Mode

Auto-Send must be explicitly enabled by you for specific message categories. You control which communication types are approved for auto-sending and can modify or disable this setting anytime.

How We Share Your Information

We only share your information as described below:

With Your Authorization

We share PHI with other providers, service providers, or entities only under your explicit authorization, governed by our Business Associate Agreement.

Service Providers

We share information with service providers who help operate AskChart (EHR vendors, billing processors, cloud providers). These providers are bound by protective agreements and may only use your information to provide services on our behalf.

Legal Requirements

If required by law, court order, or government request, we may disclose your information. We will notify you of such requests when legally permitted.

Business Transfers

If AskChart is involved in a merger, acquisition, bankruptcy, or other business transfer, your information may be transferred as part of that transaction. We will notify you of any such change.

AI and Machine Learning

Third-Party AI Providers

We use third-party AI and LLM providers to deliver AskChart functionality. All third-party providers are bound by HIPAA Business Associate Agreements.

AI Accuracy

AI-generated outputs may contain errors or inaccuracies. All AI outputs must be reviewed and approved by you before use or sending to patients.

Training Data

Your patient data is never used to improve our AI models or shared with third-party AI providers for training purposes.

Data Security

  • Encryption: All data is encrypted at rest and in transit using industry-standard encryption.
  • Access controls: Access to sensitive data is restricted to authorized personnel on a need-to-know basis.
  • Audit logs: All access and modifications to PHI are logged and auditable.
  • Regular audits: We conduct regular security audits and penetration testing.
  • Breach notification: In the event of a breach, we will notify you within 24 hours for preliminary notification, with a full incident report within 60 days.

Data Retention

We retain your information for the following periods:

  • Account data: During your agreement with us, plus 7 years for regulatory compliance.
  • PHI: Per the terms of our Business Associate Agreement and applicable healthcare regulations.
  • Usage data: Retained for up to 3 years for analytics and service improvement.
  • De-identified data: Retained indefinitely for service improvement and analytics.

Your Privacy Rights

  • Access: You have the right to access and receive a copy of your information.
  • Correction: You have the right to request that we correct inaccurate information.
  • Deletion: You have the right to request deletion, subject to legal requirements.
  • Data portability: You have the right to request your information in a portable format.
  • Communication opt-out: You have the right to opt out of marketing communications.

To exercise any of these rights, contact us at compliance@helloklarity.com.

Questions About This Policy?

If you have questions about this Privacy Policy, please contact:

Klarity Health, Inc.
Email: compliance@helloklarity.com

This is a summary of our privacy practices. Full legal documents and HIPAA agreements are available upon request. This Privacy Policy may be updated periodically. Continued use of AskChart constitutes acceptance of any updates.