Privacy Policy

Last updated: February 11, 2026

At Codon, we are committed to protecting your privacy and the privacy of your patients. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our cloud-based practice management platform.

HIPAA Compliance: Codon is designed to help you manage Protected Health Information (PHI) in compliance with the Health Insurance Portability and Accountability Act (HIPAA). We maintain appropriate safeguards to protect health information.

1. Information We Collect

1.1 Account Information

When you create an account, we collect information such as your name, email address, phone number, professional credentials, and practice information.

1.2 Patient Health Information

You may input Protected Health Information (PHI) into the Service, including patient names, medical records, appointment information, billing data, and other clinical information. This information is stored securely and is accessible only to authorized users you designate.

1.3 Usage Information

We collect information about how you use the Service, including log data, device information, IP addresses, and usage patterns to improve our Service and ensure security.

2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service
  • Process transactions and send related information
  • Send technical notices, updates, and support messages
  • Respond to your comments, questions, and requests
  • Monitor and analyze usage patterns and trends
  • Detect, prevent, and address technical issues and security threats
  • Comply with legal obligations and enforce our Terms of Service

3. HIPAA and Health Information

When you use Codon to store or process Protected Health Information (PHI), we act as a Business Associate under HIPAA. We:

  • Maintain appropriate administrative, physical, and technical safeguards to protect PHI
  • Do not use or disclose PHI except as permitted by our Business Associate Agreement (BAA)
  • Report any security incidents involving PHI as required by HIPAA
  • Ensure our subcontractors who access PHI are bound by appropriate safeguards

You are responsible for obtaining necessary patient authorizations and consents before inputting PHI into the Service.

4. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information or patient health information. We may share information only in the following circumstances:

4.1 Service Providers

We may share information with third-party service providers who perform services on our behalf, such as cloud hosting, payment processing, and analytics. These providers are contractually obligated to protect your information.

4.2 Legal Requirements

We may disclose information if required by law, court order, or government regulation, or to protect the rights, property, or safety of Codon, our users, or others.

4.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction, subject to the same privacy protections.

5. Data Security

We implement industry-standard security measures to protect your information, including:

  • Encryption of data in transit and at rest
  • Regular security assessments and audits
  • Access controls and authentication mechanisms
  • Secure data centers with physical security measures
  • Regular backups and disaster recovery procedures
  • Employee training on data security and privacy

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security.

6. Your Rights and Choices

You have the right to:

  • Access: Request access to your personal information
  • Correction: Request correction of inaccurate information
  • Deletion: Request deletion of your information, subject to legal and contractual obligations
  • Portability: Request a copy of your data in a portable format
  • Opt-out: Unsubscribe from marketing communications
  • Account Closure: Close your account at any time

To exercise these rights, please contact us at privacy@codon.com.

7. Data Retention

We retain your information for as long as your account is active or as needed to provide the Service. We may retain certain information for longer periods as required by law, to resolve disputes, or to enforce our agreements. When you close your account, we will delete or anonymize your information in accordance with our data retention policies and legal obligations.

8. Children's Privacy

Codon is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your country. We take appropriate measures to ensure your information receives adequate protection in accordance with this Privacy Policy.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We may also notify you via email or through the Service. Your continued use of the Service after such changes constitutes acceptance of the updated Privacy Policy.

11. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Email: privacy@codon.com
Address: [Your Company Address]
Phone: [Your Phone Number]

← Back to Home Terms of Service →