Privacy Policy

1. Introduction and Overview

At Serent.ai (“Serent,” “we,” “us,” or “our”), we understand that healthcare data privacy is paramount. As a multi-agentic healthcare Revenue Cycle Management (RCM) platform, we are committed to protecting the privacy and security of all personal information and protected health information (PHI) we process.

This Privacy Policy describes how Serent.ai collects, uses, processes, stores, and protects information in connection with our AI-powered healthcare RCM services, website, platform, and related applications (collectively, the “Services”). We provide artificial intelligence-powered document processing, claims management, and business process automation services specifically designed for healthcare providers.

By using our Services, you acknowledge that you have read, understood, and agree to this Privacy Policy and consent to our collection, use, and disclosure of information as described herein.

Our Services are directed exclusively toward healthcare providers and their business operations. They are not intended for personal, family, or household use. Our processing of data on behalf of our healthcare provider customers is governed by the agreements we enter into with our customers, which may include Business Associate Agreements as applicable and required under the Health Insurance Portability and Accountability Act (“HIPAA”).

2. Information we collect

2.1 Personal Information You Provide

We collect personal information when you:

  • Request demos or information about our services
  • Create accounts or use our platform
  • Communicate with us or our support teams
  • Attend events or conferences
  • Apply for employment

This information may include:

  • Name, job title, and company information
  • Contact information (email, phone, mailing address)
  • Professional credentials and billing information
  • Communications and correspondence with us

2.2 Protected Health Information (PHI)

As a healthcare RCM provider, we may process PHI on behalf of our healthcare provider clients, including:

  • Patient demographic information
  • Medical chart data and clinical documentation
  • Insurance and billing information
  • Claims data and payment records
  • Provider referral forms and intake documentation

2.3 Automatically Collected Information

When you use our Services, we may automatically collect:

  • Log Data: IP addresses, browser type, operating system, pages visited, and timestamps
  • Device Data: Device type, operating system, and browser information
  • Usage Data: Features used, actions taken, time spent, and interaction patterns
  • Location Data: General geographic location derived from IP address
  • Performance Data: System performance metrics and error logs

2.4 Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Operate and administer our platform
  • Analyze usage patterns and improve user experience
  • Provide personalized content and features
  • Ensure security and prevent fraud

You can control cookie preferences through your browser settings, though limiting cookies may affect platform functionality.

3. How we use the information collected

3.1 For Service Provision

  • Provide and maintain our AI-powered RCM services
  • Automate administrative healthcare processes
  • Facilitate appointment scheduling and patient communications
  • Deliver customer support and technical assistance

3.2 For Business Operations

  • Analyze and improve our Services and algorithms
  • Develop new features and capabilities
  • Conduct research and development for healthcare automation
  • Perform quality assurance and system monitoring
  • Maintain security and prevent fraud

3.3 For Communication

  • Respond to inquiries and provide customer support
  • Send administrative information and service updates
  • Provide marketing communications (with opt-out options)
  • Deliver educational content and industry insights

3.4 For Compliance and Legal

  • Comply with healthcare regulations and legal obligations
  • Protect our rights, property, and user safety
  • Prevent illegal activities and policy violations
  • Respond to legal processes and regulatory requests

3.5 For De-Identified Data Use

We may create de-identified data by removing personal identifiers to:

  • Conduct healthcare industry research and analytics
  • Improve our AI algorithms and machine learning models
  • Develop benchmarking and industry insights
  • Enhance service capabilities and performance

4. Information Sharing and Disclosure

We never sell personal information or PHI. We only share information with your consent or as described below:

4.1 Service Providers and Vendors

We may share information with trusted third-party service providers who assist with:

  • Cloud hosting and data storage in US
  • Payment processing and billing services
  • Customer support and communication tools
  • Analytics and performance monitoring
  • Security and fraud prevention services

All service providers are bound by strict contractual obligations to protect your information and comply with healthcare regulations.

4.2 Healthcare Provider Clients

When processing PHI on behalf of healthcare providers, we share processed information only with the respective healthcare provider client according to our Business Associate Agreement.

4.3 Legal Requirements

We may disclose information when required by law, including:

  • Compliance with court orders, subpoenas, or legal processes
  • Protection of our rights, property, or safety
  • Prevention of fraud or illegal activities
  • Response to regulatory investigations or requests
  • National security or law enforcement requirements

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, personal information may be transferred as part of the transaction, subject to equivalent privacy protections.

4.5 Professional Advisors

We may share information with lawyers, auditors, consultants, and other professional advisors bound by confidentiality obligations.

5. Data Retention and Storage

5.1 Data Location

All data is stored exclusively within the United States using HIPAA-compliant cloud infrastructure.

5.2 Retention Periods

  • PHI: Retained according to healthcare provider client agreements and applicable regulations
  • Personal Information: Retained only as long as necessary for service provision and legal compliance.
  • Usage Data: Generally retained for shorter periods unless required for security or compliance
  • De-identified Data: May be retained indefinitely for research and development purposes

5.3 Data Disposal

When data reaches the end of its retention period, it is securely deleted using industry-standard methods to prevent recovery.

We endeavor to protect the privacy of your account and other Personal Information we hold in our records, but unfortunately, we cannot guarantee complete security. Unauthorized entry or use, hardware or software failure, and other factors, may compromise the security of user information at any time.

6. Your Data Privacy Rights

Depending on your location and applicable laws, you may have the following rights:

6.1 Access and Portability

  • Request access to your personal information. Reasonable access to your personal data will be provided at no cost. If access cannot be provided within a reasonable time frame, Serent will provide you with a date when the information will be provided. If for some reason access is denied, Serent will provide an explanation as to why access has been denied.
  • Obtain copies of your data in a portable format
  • Understand how your information is being processed

6.2 Correction and Updates

Update your personal information and preferences. When you update information, we may maintain a copy of the unrevised information in our records and some information may remain in our records after your deletion of such as information from your account.

6.3 Deletion and Restriction

  • Request deletion of your personal information (subject to legal and contractual obligations)
  • Object to specific uses of your information

7. International Data Transfers

Our Services are hosted in the United States. If you are located outside the U.S., your information will be transferred to and processed in the United States, which may have different data protection laws. We implement appropriate safeguards to protect your information during international transfers.

8. Children’s Privacy

Our Services are not directed to individuals under 13 years of age. We do not knowingly collect personal information from children.  If you are under 13, please do not attempt to send any personal information about yourself to us. If we become aware that we have collected information from a child without parental consent, we will delete that information promptly.

9. Third-Party Links and Services

Our Services may contain links to third-party websites or integrate with third-party services.  These links are not an endorsement of, or representation that we are affiliated with, any third party. This Privacy Policy does not apply to third-party practices. We encourage you to review the privacy policies of any third-party services you access.

10. Updates to this Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, or legal requirements.  If we make material changes to this Privacy Policy, we will post updated policies on our website.  Your continued use of our Services after policy updates constitutes acceptance of the revised terms.

11. Contact Information

You may contact us at privacy@demo.serent.ai if you have any questions

Scroll to Top