Privacy Policy
Last updated: May 1, 2026
Aurum Practice Management ("Aurum," "we," "us," or "our") is committed to protecting the privacy of our users. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you use our practice management platform and related services.
1. Information We Collect
Account Information: When you register for an Aurum account, we collect your name, email address, phone number, practice name, and professional credentials.
Practice Data: Through your use of the platform, you may enter patient records, appointment data, billing information, insurance claims, and clinical notes. You are the data controller of all patient information entered into Aurum.
Usage Data: We automatically collect information about how you access and use the platform, including IP address, browser type, device information, pages visited, and feature usage patterns.
Communications: When you contact us for support or provide feedback, we collect the content of those communications.
2. How We Use Your Information
We use the information we collect to:
- Provide, maintain, and improve the Aurum platform
- Process transactions and send related information
- Send administrative messages, including security alerts and support communications
- Respond to your requests, comments, and questions
- Monitor and analyze usage trends to improve user experience
- Detect, investigate, and prevent fraudulent or unauthorized activity
3. SMS and Communication Policy
If you opt in to receive SMS notifications from Aurum, we may send appointment reminders, scheduling confirmations, and practice communications to the phone number you provide. Message and data rates may apply. You may opt out at any time by replying STOP to any message. Message frequency varies based on your practice activity. We do not sell, rent, or share your phone number or SMS opt-in data with third parties for marketing purposes.
4. Data Sharing and Disclosure
We do not sell your personal information. We may share information with:
- Service Providers: Third-party vendors who assist us in operating the platform (e.g., hosting, payment processing, SMS delivery via Twilio)
- Legal Requirements: When required by law, regulation, or legal process
- Business Transfers: In connection with a merger, acquisition, or sale of assets
5. Data Security
We implement industry-standard security measures including encryption in transit (TLS 1.2+), encryption at rest, TOTP-based two-factor authentication, role-based access controls, and tenant-level data isolation. While we strive to protect your information, no electronic transmission or storage method is 100% secure.
6. HIPAA Compliance
Aurum is designed with HIPAA-aware architecture. We implement administrative, physical, and technical safeguards to protect electronic Protected Health Information (ePHI). We will enter into a Business Associate Agreement (BAA) with covered entities as required by HIPAA regulations.
7. Data Retention
We retain your account information and practice data for as long as your account is active or as needed to provide services. Upon account termination, we will delete or anonymize your data within 90 days, unless retention is required by law.
8. Your Rights
Depending on your jurisdiction, you may have the right to:
- Access, correct, or delete your personal information
- Object to or restrict certain processing activities
- Request data portability
- Withdraw consent where processing is based on consent
To exercise these rights, contact us at [email protected].
9. Children's Privacy
Aurum is not directed to individuals under 18. We do not knowingly collect personal information from children. Patient records for minors are managed by the practice and are subject to the practice's own privacy policies.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and updating the "Last updated" date.
11. Contact Us
If you have questions about this Privacy Policy, please contact us at:
Aurum Practice Management
Email: [email protected]