Privacy Policy

Last updated on December 1st, 2016

Key points:

• We use Patient Data (including messages) only to provide our Service in compliance with law.

• Our Service helps Healthcare Providers manage communications with their own Patients through

text messages or the Wellpass Platform.

• We handle each Patient’s Data only as permitted by his or her Healthcare Provider.


This Privacy Policy provides more detail about our Patient Data privacy practices.


1. Introduction


In this Privacy Policy, the term Healthcare Provider means the healthcare individual or entity who

communicates with its Patients through our Service. This could be an individual healthcare provider

(like a doctor), or a larger organization (such as a health center, or a health system). If a Patient is

part of a research study (for example, a test of an experimental medicine), the Healthcare Provider

may also be a clinical researcher.


The word Patient means the Healthcare Provider’s individual patient or that patient’s



While providing our Service, Sense Health collects Patient Data, which can include:


• A Patient’s name and telephone number;

• The communications the Patient and his or her Healthcare Provider send each other through our

Service (such as text messages); and

• Notes or other information regarding the Patient supplied by the Healthcare Provider.


If the Patient uses our app, then his or her Patient Data may also include:


• Information about the Patient’s mobile device, such as device ID and IP address; and

• Information about usage of the app, such as the way the Patient navigates through the app.


2. How We Use Patient Data


We use each Patient’s Data only to provide our Service in compliance with law, and then only as

permitted by our contract with that Patient’s Healthcare Provider. Depending on that contract and

applicable legal requirements, we may use Patient Data as follows:


• To allow Healthcare Providers to manage communications with their Patients;

• To create aggregated or de-identified information (for example, to help Healthcare

Providers understand which communication strategies have been most successful);

• For the proper management and administration of our business (for example, to troubleshoot our

communications tools);

• As required by law; and

• For other purposes authorized by the Healthcare Provider to whom the data pertains.


3. Disclosure of Patient Data


We may disclose a Patient’s Data only to provide our Service in compliance with law, and then only

as permitted by our contract with that Patient’s Healthcare Provider. Depending on that contract

and applicable legal requirements, we may disclose Patient Data as follows:


• To the Relevant Healthcare Provider. When a Healthcare Provider hires us to facilitate

communications with their Patient, our technology permits that communication. The Healthcare

Provider’s use and disclosure of any such Patient Data (such as sharing within its organization) is

subject to its own policies and procedures.


• To Agents & Subcontractors. In compliance with applicable law and our contractual obligations,

we may share Patient Data with third parties that help us operate our business and provide our

Service (or contract with them to collect the data directly), such as a data storage provider.


• If Required by Law. We may disclose Patient Data in response to a mandate that is enforceable in a

court of law (such as a search warrant, court order or subpoena).


• Changes in the Structure or Ownership of the Sense Health or its Assets. To help facilitate

continuity of communications and of healthcare, we may transfer Patient Data when we sell or

transfer all or a portion of our business or assets (such as in connection with a merger, acquisition,

reorganization, dissolution or liquidation), consistent with applicable law.


• Aggregated or De-identified Information. We may share appropriately aggregated or de-identified data             with third parties who cannot identity the Patients or Healthcare Providers to which the original data                 pertained. For example, we may publish a statistic about which communications strategies are most



• At the Healthcare Provider’s request. At the request of a Healthcare Provider client, we may make

other disclosures of Patient Data we hold for that Healthcare Provider.


4. Data Security


We comply with the Security Rule issued by the U.S. Department of Health and Human Services

under the Health Insurance Portability and Accountability Act (HIPAA) and other applicable legal

and contractual data security requirements.


5. A Note about Data Submitted by Healthcare Providers About Themselves.


When a Healthcare Provider or its personnel use our system, they may provide us with their own

contact details. We protect this data, and all other data they submit, in compliance with our

agreement with the Healthcare Provider. To analyze current and potential Healthcare Providers’

use of our website, and to facilitate our efforts to market to the Healthcare Providers, we may

arrange for third-party analytics and advertising companies to use technologies such as cookies on

the Providers’ browsers. To learn more about interest-based advertising generally, including certain

opt-out options offered by some of our current ad service partners, click here. We do not provide

these analytics and advertising service partners with Patient Data or any other information about

Patients. We also don’t use their services or permit them to operate on the part of our website

directed to patients:


6. Updates to this Privacy Policy


We may modify this Privacy Policy and provide notice of the change by posting the updated version

on Although this Policy may evolve, we will continue to protect Patient Data in

compliance with law and our agreements with the relevant Healthcare Providers


7. Contacting us


If you have any questions about this Privacy Policy or our privacy practices, please contact us:


Privacy Officer

Wellpass, Inc

821 Broadway, Floor 5

New York, NY 10003