Compliance & Security

Security posture

Our systems are designed with healthcare and sensitive data in mind. We use industry-standard practices for access control, encryption in transit and at rest where applicable, and secure development and deployment. We work with our customers to align with their security and risk requirements.

HIPAA and Business Associate Agreements

Where our products handle data that may be subject to HIPAA or other health privacy rules, we enter into Business Associate Agreements (BAAs) with covered entities and business associates as required. Our BAA outlines our commitments regarding the use, safeguarding, and disclosure of protected health information (PHI).

Data handling

We process data only as necessary to deliver and support our products. We do not use customer data or PHI for marketing or unrelated purposes. Data retention and deletion follow our agreements and applicable law. For more detail on how we handle information collected via this website, see our Privacy Policy.

Human oversight and accuracy

Our products are built with human oversight in mind. Escalation paths, review workflows, and clear visibility into system behavior help ensure that decisions affecting care operations can be reviewed and corrected when needed. We design for accuracy and trust, not black-box automation.

Questions for procurement or compliance

If you are evaluating Caregentis for your organization and need security questionnaires, compliance documentation, or BAA terms, please contact us through our Contact page. We are happy to provide information appropriate to your review process.