PatientPowerbeyondmychart.com 🏠 Home

Privacy Policy & Disclosure

Last updated: June 28, 2026

This Privacy Policy & Disclosure explains how PatientPower ("we," "us") accesses, uses, shares, secures, and lets you control your health information when you use the Service at beyondmychart.com. We follow a patient-first model consistent with the CMS Interoperability & Patient Access rule and the principles of the CARIN Alliance Code of Conduct for consumer-facing health apps.

Plain-language summary: Your health information is yours. We access only what you authorize, use it to show and explain your records to you, never sell it, never use it for advertising, and let you export or delete it and revoke access at any time.

Practitioner Care Plans (Case Manager)

When a healthcare practitioner uses PatientPower's Case Manager to create and manage a care plan for you (for example, Nassab Chiropractic), your provider directs how your information is used. In that role, PatientPower acts as a service provider / business associate to your provider, and these principles apply:

1. Information We Access

With your explicit authorization, the Service connects to your health system or health plan using standards-based, consent-driven APIs (such as SMART on FHIR) and accesses only the categories you approve, which may include:

2. How We Use Your Information

3. How We Share Your Information

We share…Only…
With people you choose (a clinician, caregiver)When you direct it; you can revoke anytime
With service providers that operate the ServiceUnder contract, only to provide the Service to you
When required by lawTo comply with a valid legal obligation

We do not otherwise disclose your health information to third parties, and we never sell it or share it for their independent marketing.

4. Your Consent & Control

5. Data Security

We use reasonable administrative, technical, and physical safeguards — including encryption in transit and access controls — to protect your information. Token exchanges with connected systems occur over secure server-side connections, and credentials/secrets are not exposed to your browser. No method of transmission or storage is 100% secure, but we work to protect your data and to notify affected users of a material breach as required by law.

6. Data Retention

We retain your information for as long as your account is active or as needed to provide the Service. When you delete your data or account, we remove it from active systems within a reasonable period, except where retention is required by law.

7. Third-Party Sources

Connected health systems and health plans control their own data and are governed by their own privacy policies. PatientPower accesses only what you authorize from those sources and is not responsible for their practices.

8. Children

The Service is intended for adults and for caregivers acting on behalf of someone they are authorized to assist. It is not directed to children under 13, and we do not knowingly collect their information without appropriate authorization.

9. Your Rights

Depending on where you live, you may have rights to access, correct, export, or delete your information, and to withdraw consent. To exercise these rights, contact us through beyondmychart.com.

10. Changes to This Policy

We may update this policy; material changes will be reflected by the "Last updated" date and, where appropriate, by notice in the Service.

11. Contact

Questions or requests about your privacy and data? Contact us through beyondmychart.com.

See also our Terms & Conditions.