HIPAA Notice

PatientLead Health LLC | Last Updated: March 12, 2026

Our Relationship to HIPAA

The Health Insurance Portability and Accountability Act (HIPAA) establishes rules for how "covered entities" (healthcare providers, health plans, and healthcare clearinghouses) and their "business associates" handle Protected Health Information (PHI).

PatientLead Health LLC is not a covered entity or a business associate under HIPAA. We are a consumer technology company that provides tools directly to patients. We do not provide healthcare services, process insurance claims, or have access to healthcare provider systems.

What this means for you: Our tools are consumer products that you use voluntarily. The health information you provide to our tools is shared by you, at your discretion. HIPAA's privacy protections apply to your healthcare providers and insurance companies, not to consumer tools you choose to use.

How We Handle Health Information

Although HIPAA does not apply to us as a matter of law, we design our products with privacy principles that align with the spirit of health information protection:

Throughline

  • All conversation data and generated artifacts are stored in your browser's local storage on your device
  • We do not receive, store, or have access to your health information on our servers
  • Messages are transmitted to our API for AI processing but are not logged or retained
  • No account, no profile, no persistent server-side data

PriorAuthPro

  • Denial letter content and patient details are processed in memory to generate appeal packets
  • Health information is not stored on our servers after processing
  • Optional anonymized intelligence data contains only enumerated values (insurer name, denial category, state), never PHI
  • Multiple enforcement layers (key allowlists, value validation, PHI regex scanning) prevent accidental PHI storage

Your Responsibility

Because our tools help you create documents that may contain your health information, you should be aware of the following:

  • Documents you generate and download are stored on your device. You are responsible for securing them.
  • Documents you share with providers, insurers, or others are no longer under your exclusive control.
  • Information you type into our tools is transmitted over the internet using encryption (TLS), but no transmission method is completely secure.
  • If you use our tools on a shared or public device, other users of that device could potentially access information stored in the browser.

Third-Party AI Processing

Both Throughline and PriorAuthPro use Anthropic's Claude AI to process your information. When you use our tools, the information you provide is transmitted to Anthropic's servers for processing. Anthropic's handling of this information is governed by their privacy policy and our data processing agreement. Anthropic does not use your data to train their AI models.

Questions

If you have questions about how we handle health information, contact us at hello@patientlead.health.

If you have concerns about how your healthcare provider or insurer handles your health information under HIPAA, you may file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights at hhs.gov/hipaa.