Effective Date: April 27, 2026
GenniRx, Inc. collects and processes Protected Health Information (PHI) on behalf of healthcare providers. This Privacy Policy describes how we collect, use, and protect that information.
GenniRx collects patient and operational data including identifiers, prescription information, insurance details, and audit logs on behalf of cardiology practices.
Data is used solely to provide workflow automation, refill tracking, communication services, and compliance support. GenniRx does not use PHI for any purpose beyond providing the contracted service.
GenniRx uses the following third-party service providers:
GenniRx does not sell or use PHI for marketing purposes.
Data is encrypted in transit using TLS and at rest using AES-256 encryption. Access is restricted to authorized users only. GenniRx implements role-based access controls.
Data is retained for a minimum of six (6) years in accordance with HIPAA requirements. Data is archived upon account closure and is not deleted upon account termination.
GenniRx is designed to support HIPAA-compliant workflows. Full compliance depends on executed Business Associate Agreements with all applicable third-party vendors. GenniRx provides a BAA to all subscribing practices.
Healthcare providers may access and export their practice data at any time. Patients must contact their healthcare provider directly to exercise any data rights. GenniRx does not accept patient data requests directly.
GenniRx facilitates automated SMS refill reminder messages on behalf of cardiology practices. Patient consent is obtained and recorded by the practice at intake. Patients may opt out at any time by replying STOP.
GenniRx reserves the right to update this Privacy Policy. Customers will be notified of material changes via email. Continued use of the Service constitutes acceptance of the updated policy.
For privacy-related inquiries contact: support@gennirx.com | GenniRx, Inc. | DeLand, Florida, United States