Last updated: April 2026
We collect information you provide directly, including name, email, health intake responses, and payment information. We also collect usage data and analytics to improve our services.
MedSally is fully HIPAA compliant. We maintain Business Associate Agreements with all vendors who handle Protected Health Information (PHI). Your health data is encrypted at rest and in transit and is never sold to third parties.
We use your information to provide telehealth services, process payments, communicate with you about your care, and improve our platform. We do not sell your personal or health information.
All data is stored on HIPAA-compliant AWS infrastructure with encryption at rest (AES-256) and in transit (TLS 1.3). We conduct regular security audits and maintain role-based access controls.
You have the right to access, correct, or delete your personal information. You may also request a copy of your health records. Contact us at [email protected] for any data requests.
We use cookies for authentication, analytics, and improving your experience. You can control cookie preferences through your browser settings or our cookie consent banner.
For privacy questions, contact us at [email protected] or write to MedSally, Inc., Privacy Office.