TruWell AI — Privacy Policy
← Back to TruWell AI
TruWell AI Logo

Privacy Policy

Last Updated: May 1, 2026

HIPAA NOTICE OF PRIVACY PRACTICES

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

TruWell AI LLC is a covered entity under HIPAA. We are required by law to maintain the privacy of your Protected Health Information (PHI) and to provide you with this Notice of our legal duties and privacy practices with respect to your PHI.

Geographic Scope: Telemedicine services are currently available to patients located in the state of Utah only. We are licensed and authorized to prescribe and coordinate care for patients in Utah. Patients in other states may be added as additional licensure is obtained.

NPI: 1295621324  |  Address: 3490 W 3300 S, Suite 7, West Haven, UT 84401  |  Phone: (385) 475-6394

TruWell AI LLC ("TruWell AI," "we," "us," or "our") is committed to protecting your privacy and the security of your personal and health information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, telehealth platform, and related services.

By using our services, you consent to the practices described in this Privacy Policy. If you do not agree, please do not use our services.

1. Information We Collect

Personal Information

  • Full name, date of birth, gender
  • Email address, phone number, mailing address
  • Government-issued identification (when required for identity verification)

Health Information (Protected Health Information — PHI)

  • Medical history, symptoms, and current medications
  • Lab results and diagnostic reports
  • Treatment plans, prescriptions, and provider notes
  • Telehealth consultation recordings (if applicable and with your consent)

Payment Information

  • Credit/debit card numbers, billing address
  • Transaction history and subscription details
  • Payment information is processed by PCI-compliant third-party payment processors; we do not store full card numbers on our servers

Usage Data

  • IP address, browser type, device information
  • Pages visited, time spent on pages, referring URLs
  • Interaction data within our platform (e.g., forms submitted, features used)

2. How We Use Your Information

We use the information we collect for the following purposes:

  • Providing Care — to facilitate telehealth consultations, create treatment plans, prescribe medications, and coordinate lab work
  • Account Management — to create and manage your patient account, process payments, and communicate with you about your care
  • AI-Powered Optimization — to assist our licensed providers with protocol analysis and treatment recommendations (all clinical decisions are made by providers)
  • Communication — to send appointment reminders, lab notifications, treatment updates, and respond to your inquiries
  • Improvement — to analyze usage patterns and improve our platform, services, and patient experience
  • Compliance — to comply with legal obligations, resolve disputes, and enforce our agreements
  • Marketing — to send promotional communications (only with your consent; you may opt out at any time)

3. HIPAA Compliance

TruWell AI is committed to complying with the Health Insurance Portability and Accountability Act (HIPAA) and all applicable federal and state regulations governing the protection of health information.

  • All Protected Health Information (PHI) is stored, transmitted, and processed in accordance with HIPAA Security Rule requirements
  • We maintain administrative, physical, and technical safeguards to protect your PHI
  • Our staff and providers receive regular HIPAA training
  • We enter into Business Associate Agreements (BAAs) with all third-party vendors who access or process PHI on our behalf
  • You have the right to request a copy of your medical records, request amendments, and receive an accounting of disclosures as outlined by HIPAA

We will notify you promptly in the event of a breach of your unsecured PHI, as required by the HIPAA Breach Notification Rule.

4. Telehealth Data

When you participate in telehealth consultations through our platform:

  • Video and audio sessions are conducted over encrypted connections
  • Session recordings are only made with your explicit consent and are stored securely in compliance with HIPAA
  • Chat messages and secure portal communications between you and your provider are encrypted in transit and at rest
  • Telehealth session metadata (date, time, duration) is retained as part of your medical record

5. How We Share Information

We do not sell your personal or health information to third parties. We only share your information in the following circumstances:

  • Healthcare Providers — with licensed providers involved in your care
  • Pharmacies — to fulfill your prescriptions
  • Laboratories — to order and receive your lab results
  • Payment Processors — to process your payments securely
  • Business Associates — with vendors who perform services on our behalf under signed BAAs
  • Legal Requirements — when required by law, court order, or governmental regulation
  • Safety — to prevent fraud, protect our rights, or ensure the safety of our patients and staff

6. SMS / Text Message Policy

TruWell AI may send SMS/text messages related to your care and account. By providing your phone number and opting in, you consent to receive text messages from us.

  • Types of Messages: Appointment reminders, lab notifications, treatment updates, account alerts, and promotional messages (if opted in)
  • Frequency: Message frequency varies based on your care and account activity
  • Opt Out: You may opt out at any time by replying STOP to any message. You will receive a confirmation and no further messages will be sent
  • Help: Reply HELP for assistance or contact [email protected]
  • Costs: Message and data rates may apply depending on your mobile carrier and plan
  • We do not share your phone number or SMS consent data with third parties for marketing purposes
  • Consent to receive text messages is not a condition of purchasing any service

7. Cookies & Tracking

Our website and platform use cookies and similar tracking technologies to:

  • Maintain your session and authentication status
  • Remember your preferences
  • Analyze website traffic and usage patterns
  • Deliver relevant content and advertising

You can control cookie settings through your browser. Disabling cookies may affect certain features of our platform. We use analytics tools (such as Google Analytics) that may collect anonymized usage data. These tools do not have access to your PHI.

8. Third-Party Services

We integrate with the following third-party services to deliver our care and operate our business:

  • Cerbo (md-hq.com) — Electronic Health Records (EHR) system for managing your medical records and clinical documentation
  • GoHighLevel (GHL) — Patient communication, appointment scheduling, and care coordination
  • Quest Diagnostics — Laboratory partner for blood work and diagnostic testing (Account #70418251)
  • LabCorp — Laboratory partner for blood work and diagnostic testing
  • Empower Pharmacy — LegitScript-certified, PCAB-accredited compounding pharmacy for prescription fulfillment
  • Mountain View Compounding — Compounding pharmacy for prescription fulfillment (NABP accreditation status under verification)
  • Payment Processors (Stripe) — PCI-compliant services for processing credit/debit card transactions

Each third-party provider is bound by their own privacy policies and, where applicable, Business Associate Agreements with TruWell AI. We encourage you to review their privacy practices.

9. Data Security

We implement industry-standard security measures to protect your information, including:

  • 256-bit SSL/TLS encryption for all data in transit
  • AES-256 encryption for data at rest
  • Role-based access controls limiting data access to authorized personnel only
  • Regular security audits and vulnerability assessments
  • Multi-factor authentication for staff and provider accounts
  • Secure, HIPAA-compliant hosting infrastructure

While we strive to protect your information, no method of electronic transmission or storage is 100% secure. If you suspect unauthorized access to your account, contact us immediately at [email protected].

10. Your Rights

You have the following rights regarding your personal and health information:

  • Access — You may request a copy of the personal and health information we hold about you
  • Correction — You may request that we correct inaccurate or incomplete information
  • Deletion — You may request deletion of your personal information, subject to legal retention requirements (we are required to retain medical records for the period mandated by applicable law)
  • Restriction — You may request that we restrict certain processing of your information
  • Portability — You may request your data in a commonly used, machine-readable format
  • Opt Out — You may opt out of marketing communications at any time

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days.

11. Data Retention

We retain your information for as long as necessary to provide our services and comply with legal obligations:

  • Medical Records: Retained for a minimum of 10 years after the last date of treatment, or as required by applicable state and federal law
  • Account Information: Retained for the duration of your account and for a reasonable period after account closure
  • Payment Records: Retained as required by tax and financial regulations
  • Usage Data: Typically retained for up to 24 months in anonymized or aggregated form

12. Children's Privacy

TruWell AI services are intended for adults aged 18 and older. We do not knowingly collect personal or health information from individuals under the age of 18. If we become aware that we have inadvertently collected information from a minor, we will take immediate steps to delete that information. If you believe a minor has provided us with personal information, please contact us at [email protected].

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:

  • Update the "Last Updated" date at the top of this page
  • Notify you via email or through our platform for significant changes
  • Post the revised policy on our website

Your continued use of our services after changes are posted constitutes your acceptance of the updated Privacy Policy.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

TruWell AI LLC — Privacy Officer
Corporate Address: 89 N Rio Grand Ave, Farmington, UT 84025
Clinical Address: 3490 W 3300 S, Suite 7, West Haven, UT 84401
Phone: (385) 475-6394
Email: [email protected]
Website: truwell.ai
NPI: 1295621324

For HIPAA-related inquiries or to file a privacy complaint, you may also contact the U.S. Department of Health and Human Services Office for Civil Rights at hhs.gov/ocr.

HIPAA Compliant Licensed Providers Secure & Encrypted Utah, USA