Privacy Policy
Last updated: April 26, 2026
1. Information We Collect
We collect the information you provide during registration and the intake assessment, including your name, email address, date of birth, state of residence, medical history, and responses to our clinical screening questions.
2. How We Use Your Information
Your information is used to facilitate clinical review by licensed providers, to communicate with you about your care, and to process payments. We do not sell your personal health information.
3. HIPAA Compliance
We treat your health information as Protected Health Information (PHI) under HIPAA guidelines. We implement administrative, physical, and technical safeguards to protect your PHI.
4. Data Security
All data is encrypted in transit (TLS) and at rest. Access to PHI is restricted to authorized personnel and your assigned licensed provider.
5. Third-Party Services
We use Stripe for payment processing. Stripe is PCI-DSS compliant and does not have access to your health information. We may use HIPAA-compliant third-party telehealth partners for provider matchmaking.
6. Data Retention
We retain your health records in accordance with applicable state and federal law. You may request deletion of your account subject to legal retention requirements.
7. Your Rights
You have the right to access, correct, or request deletion of your personal information. Contact us at privacy@cura.health to exercise these rights.