Privacy Policy

Effective date: April 1, 2026 · Last updated: April 29, 2026

Who we are

Intakable is a HIPAA-eligible software-as-a-service platform that helps medical clinics collect pre-visit patient intake information. This Privacy Policy explains how we collect, use, store, and share information through the Intakable platform (the "Service").

We operate as a Business Associate to medical clinics ("Customers") who use the Service to coordinate patient care. Patients ("End Users") interact with the Service through their clinic. This policy applies to both Customers and End Users, with HIPAA obligations primarily flowing through the Customer's separate Business Associate Agreement with us.

Information we collect

From Customers (clinics and clinic staff): account credentials, role assignments, billing information, and audit-log entries showing who accessed what within the Service.

From End Users (patients): Protected Health Information that the patient's clinic asks us to collect on its behalf. This typically includes demographic information (name, date of birth, address, phone, email), insurance information, medical history, current medications, allergies, pain scores, and audio recordings of voice intake calls. We collect this information only at the direction of the patient's clinic and only with the patient's informed consent at the time of appointment booking.

Automatically: standard server logs (IP address, browser type, request paths, timestamps) for security and operational purposes.

How we use information

We use the information we collect to (a) provide the Service to Customers and their patients, (b) coordinate pre-visit intake workflows including SMS messages and AI-assisted voice calls, (c) generate FHIR-formatted clinical data and forward it to the Customer's electronic medical record system, (d) maintain audit logs of all access to PHI, and (e) ensure the security and integrity of the Service.

We do not use patient data to train AI models, sell to advertisers, or share with third parties except (i) sub-processors strictly necessary to deliver the Service (e.g., cloud hosting, voice/SMS infrastructure, EMR integration), all under written data processing agreements that mirror our HIPAA obligations, or (ii) as legally required.

SMS messaging

When a Customer enables Intakable's pre-visit SMS feature, the Service sends transactional SMS messages to patients about their upcoming appointments and intake completion. These messages are sent only to phone numbers for which the Customer has captured written or verbal consent at the time of appointment booking. See our SMS Communications & Consent page for the full consent flow, sample messages, and opt-out details.

Messages are strictly transactional — coordinating the patient's pre-visit intake, appointment confirmations, prep reminders, and post-procedure follow-up — and contain no marketing content. Frequency varies by appointment volume, typically zero to four messages per appointment cycle.

Patients may opt out at any time by replying STOP (or any of END, CANCEL, UNSUBSCRIBE, or QUIT) to any message. Opt-out requests are processed immediately at the carrier level and persisted in our database. Patients may resume messages by replying START or UNSTOP. Replying HELP returns the clinic's contact phone number and a link to the SMS Communications page.

We do not sell, rent, or share patient phone numbers with third parties for marketing purposes. Phone numbers are disclosed only to the patient's clinic and to the SMS / voice infrastructure sub-processors listed below, all under written data-processing agreements.

Standard message and data rates may apply, depending on the patient's mobile carrier plan. Intakable does not charge patients for messages.

How we protect information

All patient data is encrypted in transit (TLS 1.2+) and at rest (AES-256). Database access is restricted by row-level security enforced at the database engine level — clinics cannot access other clinics' data even with elevated application credentials. Every read, write, and modification of PHI generates an immutable audit-log entry capturing the actor, action, timestamp, and content hash.

Access to production systems is limited to a small number of engineering personnel under signed confidentiality and HIPAA agreements. We use multi-factor authentication, hardware security keys for production access, and quarterly access reviews.

Patient rights

Patients have rights over their information including the right to access, correct, or request deletion of their data. To exercise these rights, contact your clinic directly — they are the data controller and we act as their Business Associate. If your clinic has terminated its account with us, contact us at privacy@intakable.com and we will route your request appropriately.

Data retention

We retain patient data for as long as the Customer's account is active. Upon termination, we provide the Customer 30 days to export their data, then permanently delete it within 30 additional days unless legal hold or regulatory obligation requires longer retention. Audit logs are retained for the longer of (a) seven years or (b) the period required by HIPAA and state regulations.

Sub-processors

We use the following sub-processors to deliver the Service. Each is covered by a written agreement with terms appropriate to their access scope:

  • Vercel — application hosting (US-based)
  • Supabase — database, authentication, file storage (BAA executed)
  • Vapi — AI voice calling (HIPAA-eligible tier)
  • Anthropic — AI inference for clinical data extraction (zero-data-retention configuration)
  • Twilio — SMS messaging
  • Redox — integration with Customers' electronic medical record (EMR) systems

We update this list as sub-processors change. Customers are notified at least 30 days before a new PHI-handling sub-processor is added.

Changes to this Policy

We may update this Privacy Policy from time to time. Material changes will be communicated to Customers at least 30 days before taking effect. The "Last updated" date at the top of this page reflects the most recent revision.

Contact

Privacy questions: privacy@intakable.com

Security concerns or suspected breach: security@intakable.com