Log In
NEDOCS Privacy Policy
NEDOCS LLC ("NEDOCS" or "we" or "our') is committed to maintaining security and privacy of information of its customers. NEDOCS offers a platform and services to give patients access to their electronic health information and facilitates data interoperability between patients, health care providers, health care systems, third party payors and other authorized health care solutions partners. This Privacy Policy describes NEDOCS’s information collection practices in connection with use by patients of our platform at, the NEDOCS website at, software we offer through our website, mobile applications, and web-based tools (collectively, our "Services"). NEDOCS collects and uses information in the course of our customers’ ("you" or "your") use of our Services.
Information we collect
The information NEDOCS collects from you depends on your activities and use of our Services. We comply with all local, state and federal privacy laws regulating the transmission, processing and storing of health information, including the Health Insurance Portability and Accountability Act of 1996, as amended from time to time, together with the regulations adopted thereunder ("HIPAA"). We also comply with the CARIN Alliance Code of Conduct, Veterans Affairs API Terms of Service, ONC Model Privacy Notice, and the rules and regulations of the Centers for Medicare & Medicaid Services. References in this Privacy Policy to "data" applies to all types of data, including de-identified, anonymized or pseudonymized data.
Information you provide to us
Account and Profile Information:When you register and use the Services, we may collect a information about you such as your name, title, email address, phone number, address, payment information (when and if applicable), and similar information by which you may be personally identified (“Personal Information”). We may collect this information directly from you or from another user (administrator or other authorized person).
Health Information: You may also provide us with Protected Health Information (as defined under HIPAA) or authorize us to obtain Protected Health Information from third parties. This may include:
Health information that might be included in electronic health or medical records (including medications) or Medicare claims and encounter data, if you elect to have that information shared with us. You are responsible for determining uses and disclosures of your personal health information and the potential impact such uses and disclosures might have on your family members when it involves data regarding genetic and family health histories. Together, we refer to Personal Information and Protected Health Information as "PHI". Content of Information:We collect and store content you create, input, transmit, or store in the process of using our Services, including PHI and data you post (i.e., upload) to our platform. We also collect information on your behalf when you authorize us to retrieve and import information from business customers, vendors or other third parties. We may collect other data you may submit when using our website or that you may submit to us directly such as when you request customer support.
Information we automatically collect from your use of our website
NEDOCS and our third-party partners (such as analytics service providers) may automatically receive and record certain non-Personal Information from you using web logs when you interact with our website (such as your IP address, browser type, internet service provider, operating system, URLs, date/time stamps, and system configuration information). We also collect and store analytics (e.g., usage) information to help us improve our Services.
NEDOCS uses various technologies to collect information about your use of our website, including cookies and other tracking mechanisms. We gather this information to allow you to access and use the website more easily and to improve our services to you more generally. For example, we use these tools to save user preferences, preserve session settings and activity, help authenticate users, allow users to auto-fill pages of websites they frequently visit, and debug and evaluate the performance of our website. Our third party service providers also may collect such information about your online activities over time and on other websites or apps. Our systems do recognize browser “do-not-track” requests. You may be able to disable certain tracking, cookies, and change browser settings to block and delete cookies when you access our website through a web browser, however doing so may affect its functionality.
How we use information
We may use the information we collect for a variety of purposes, including to:
Provide, operate, maintain, improve, promote, and personalize our Services to you;
Communicate with you, including responding to your comments and questions; providing customer service and support; providing you with information about our Services, including technical notices, security alerts, changes in our terms, or administrative messages; and providing other news or information about us and our partners;
Investigate and prevent fraudulent transactions, unauthorized access to our Services, and other illegal activities;
For business purposes, such as data collection and analysis, developing new products, services, features, and functionality; we may anonymize and aggregate data collected through our Services; and
Monitor and analyze trends, usage, and activities in connection with our Services to better understand how users access and use our Services and platform, both on an aggregated and individualized basis, in order to improve our Services, platform and our services to our customers, and for other research and analytical purposes. We may combine and compile Your Information with other individuals’ information for the purpose of analysis.
It should be noted that some data, even if it has been anonymized, can still be used to identify people with specific medical conditions. The aggregation process involves de-identification of Your Information such that you and other individuals cannot be reasonably identified specifically.
When we share information
To the extent that you provide us with Your Information, we will use and disclose it only to the extent disclosed and permitted in this Privacy Policy. We apply reasonable and appropriate measures to safeguard the confidentiality, integrity, and availability of Your Information we store and process on behalf of you.
We may share Your Information in the following ways:
With your consent:We will share Your Information with companies, organizations, or individuals outside of 1upHealth when we have your prior proper consent to do so, except as otherwise specified herein.
Vendors and other third parties:We may share Your Information with third party vendors, service providers, contractors or agents who perform function or services on our behalf and require access to such information to do that work and perform our business. in each such case in compliance with HIPAA. Examples include data analysis, payment processing, hosting services, and customer support functions. Such third-party service providers will only have access to the Your Information as necessary to perform their functions and pursuant to agreements they enter into with us that require them to fully comply with our data protection policies and this Privacy Policy.
Compliance with laws and protection of our rights:We may use and disclose Your Information to a third party if: (i) we believe that disclosure is reasonably necessary to comply with any applicable law, regulation, legal process or governmental request; (ii) to enforce our agreements, policies and terms of service; (iii) to protect our operations and the security or integrity of 1upHealth’s products and services; (iv) to protect the property, rights, and safety of 1upHealth, you, our customers or the public from harm or illegal activities; or (v) to investigate and defend ourselves against any third-party claims or allegations and to allow us to pursue available remedies or limit the damages that we may sustain.
Sale of the Business:We may share or transfer Your Information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company. In the event of such an event, an acquiring company will be responsible for informing you about material changes to the way your data is used.
Aggregate or non-identifying data:We may share aggregate or other non-Personal Information that does not directly identify you with third parties in order to improve the overall experience of your using our website and the Services that we provide.
We do not rent, sell or share Personal Information about you with other persons for their direct marketing or other purposes, without your permission.
Contact Us
You may contact us regarding this privacy policy via email at