VeriMedic Privacy Policy
Last Updated: July 7, 2026
VeriMedic, Inc. (“VeriMedic,” “we,” “us,” or “our”) respects your privacy and is committed to handling personal information responsibly and in accordance with applicable United States laws and regulations. This Privacy Policy (this “Policy”) describes how VeriMedic collects, uses, discloses, and protects personal information in connection with the VeriMedic website located at getverimedic.com (the “Website”), the VeriMedic CaseSync platform, including the CaseSync web application and related mobile, desktop, and application programming interface offerings (collectively, the “Platform”), and our related communications, sales, marketing, support, and business activities (together with the Website and Platform, the “Services”).
By accessing or using the Services, you acknowledge that you have read and understood this Policy. If you do not agree with our practices, please do not use the Services. This Policy is incorporated into and forms part of the VeriMedic CaseSync Platform Terms of Use.
1. Who This Policy Applies To
VeriMedic provides software and related hardware to emergency medical services agencies, fire departments, hospitals, municipalities, and similar organizations (each, an “Agency”) and their authorized professional users. The Services are intended for use by Agencies and their personnel—including paramedics, emergency medical technicians, dispatchers, administrators, and other professional users—and are not directed to or intended for use by members of the general public for personal purposes.
The Services are offered and operated in the United States and are intended for users located in the United States and its territories and possessions. We do not offer the Services to individuals located outside the United States. If you access the Services from outside the United States, you do so on your own initiative and are responsible for compliance with applicable local laws.
This Policy applies to personal information about: (i) visitors to the Website; (ii) prospective customers and the personnel of Agencies with whom we communicate about the Services; (iii) authorized users who register for or access the Platform on behalf of an Agency; and (iv) individuals who otherwise interact with us for sales, marketing, support, or business purposes. This Policy does not apply to information we process about our job applicants or personnel, or to the websites or services of third parties.
2. Protected Health Information and HIPAA
The Platform is designed to store and process protected health information and individually identifiable health information (collectively, “PHI”) as those terms are defined under the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations, as amended (collectively, “HIPAA”). When VeriMedic creates, receives, maintains, or transmits PHI on behalf of an Agency that is a covered entity or business associate, VeriMedic acts as a business associate.
This Policy does not govern VeriMedic’s handling of PHI. VeriMedic’s collection, use, disclosure, and safeguarding of PHI within the Platform are governed exclusively by HIPAA and by the separate Business Associate Agreement (“BAA”) entered into between VeriMedic and the applicable Agency, together with the Agency’s own notice of privacy practices and instructions. In the event of any conflict between this Policy and an applicable BAA with respect to PHI, the BAA controls. Patients and other individuals whose PHI is processed through the Platform should direct privacy questions and requests to the Agency responsible for their care, which is the entity that determines how that PHI is collected and used.
An Agency is solely responsible for ensuring that its collection, use, disclosure, and submission of PHI to the Platform complies with HIPAA and all other applicable federal, state, and local privacy, security, and medical-records laws, and for obtaining all consents and authorizations required to do so. Authorized users must not submit PHI to any feature of the Services that is not covered by an executed BAA.
3. Personal Information We Collect
In the course of providing the Services and operating our business, VeriMedic may collect and process the following categories of personal information. This section describes ordinary personal information and does not describe PHI, which is addressed in Section 2.
- Contact and identifier information. Information such as name, title, employer or Agency, business email address, business postal address, and business telephone number that you or your Agency provide so that we can identify and contact you.
- Account and profile information. Information used to create, administer, and secure accounts on the Platform, including username, login credentials, role and permission settings, and account preferences. We do not collect consumer payment-card information through the Platform; billing is generally handled at the Agency level under a Subscription Agreement.
- Transaction and billing information. Information we collect when an Agency purchases or subscribes to the Services, such as Agency name, order and subscription details, billing contact, and transaction history.
- Communication and support information. The contents of, and metadata about, your communications with us, including email, telephone, text or chat messages, support tickets, and information you choose to share when you contact us for sales, support, or other purposes.
- Usage and device information. Technical, configuration, and usage data relating to the provision, operation, performance, and security of the Services, such as IP address, device and browser type, operating system, log files, access times, pages and features viewed, referring URLs, and similar information collected automatically when you use the Website or Platform.
- Cookies and analytics information. Information collected through cookies and similar technologies on the Website, as described in Section 6.
We obtain personal information directly from you and your Agency, automatically through your use of the Services, and, where applicable, from service providers, business partners, and publicly available sources. You are not under a statutory or contractual obligation to provide personal information to us; however, if you do not provide information that is necessary to deliver a product or service, we may be unable to provide it to you.
4. How We Use Personal Information
VeriMedic may use personal information for the following purposes:
- to create, administer, secure, and support accounts on the Platform and to verify the identity and authorization of users;
- to provide, operate, maintain, troubleshoot, and improve the Services, including updating and securing them and providing customer and technical support;
- to manage our relationship with you and your Agency, including processing orders and subscriptions, sending administrative information, and communicating about changes to our terms, policies, or the Services;
- to respond to your inquiries, requests, and communications;
- to market and promote the Services to Agencies and their personnel, and to measure the effectiveness of our communications, subject to your right to opt out of marketing communications;
- to operate, evaluate, develop, and improve our business, products, and services, including through analytics and research;
- to develop, train, evaluate, test, and improve algorithms and machine-learning and artificial-intelligence models, features, products, and services, including through analytics and research and, as described below, using de-identified data;
- to protect against, identify, and prevent fraud, security threats, and other malicious, unauthorized, or illegal activity, and to protect the rights, property, and safety of VeriMedic, our users, and others;
- to comply with applicable laws, regulations, legal process, and governmental requests, and to enforce our terms and policies and establish, exercise, or defend legal claims.
VeriMedic may also create and use data that has been de-identified or aggregated so that it does not identify you, your Agency, or any individual, for research, development, benchmarking, analytics, product-improvement, and the development, training, evaluation, and improvement of machine-learning and artificial-intelligence models, features, and products. This includes de-identified data derived from Agency Content—such as de-identified audio, video, and images and the annotations, tags, and labels applied to them by authorized users—which VeriMedic may use and retain for these purposes, including after the applicable Services or agreements end. VeriMedic does not attempt to re-identify any de-identified data. Any de-identified data derived from PHI is created, used, and disclosed only in accordance with HIPAA and the applicable BAA, including the requirement that such information be de-identified in accordance with 45 C.F.R. § 164.514 before it is used for these purposes.
5. How We Share Personal Information
VeriMedic does not sell personal information. We do not share personal information with third parties for their own direct marketing purposes. We may disclose personal information in the following circumstances:
- Service providers. We share personal information with vendors and service providers who perform services on our behalf—such as hosting, infrastructure, analytics, communications, payment processing, and customer support—and who are contractually required to protect the information and use it only to provide services to us.
- Your Agency. We may share information with an Agency in connection with the administration of its account and authorized users.
- Legal and compliance. We may disclose personal information to comply with applicable law, regulation, subpoena, court order, or other legal process, or to respond to lawful requests from public and governmental authorities.
- Protection of rights and safety. We may disclose personal information where we believe it is necessary to investigate, prevent, or address fraud, security, or technical issues, or to protect the rights, property, privacy, safety, or security of VeriMedic, our users, or others.
- Business transfers. We may disclose or transfer personal information in connection with, or during negotiations of, a merger, acquisition, financing, reorganization, sale of assets, or other business transaction, subject to customary confidentiality protections.
Disclosures of PHI are governed by HIPAA and the applicable BAA rather than this Section.
6. Cookies and Similar Technologies
The Website uses cookies and similar technologies to recognize your device, enable basic functionality, remember your preferences, understand how the Website is used, and support our marketing. Cookies are small text files placed on your device that allow a web server to recognize your browser. The types of cookies and similar technologies we may use include strictly necessary technologies that enable core functionality, preference technologies that remember your choices, and analytics technologies that help us understand how visitors interact with the Website.
Most browsers allow you to refuse or delete cookies through their settings. If you disable certain cookies, some features of the Website may not function properly. Where required by applicable law, we will provide additional notice and obtain consent for the use of non-essential cookies.
7. How We Protect Personal Information
VeriMedic is committed to protecting the security of personal information. We implement and maintain administrative, physical, and technical safeguards that are commercially reasonable and consistent with applicable industry practices and law, designed to protect the confidentiality, integrity, and availability of personal information against unauthorized access, use, modification, disclosure, loss, and other misuse. Our information security program includes security requirements for personnel and service providers who have access to personal information, as well as ongoing security awareness training.
Notwithstanding these measures, no method of transmission over the Internet or method of electronic storage is completely secure. You are responsible for maintaining appropriate safeguards within your own systems, protecting your account credentials, and configuring user access within your Agency’s account. Safeguards applicable to PHI are addressed in the BAA and applicable law.
8. Data Retention
VeriMedic retains personal information for as long as needed to fulfill the purposes for which it was collected, to provide the Services, to maintain our business records, and to comply with our legal obligations, resolve disputes, and enforce our agreements. When personal information is no longer needed for these purposes, we will delete, de-identify, or otherwise render it unrecoverable in a manner consistent with applicable law. De-identified, aggregated, and derived data—including machine-learning and artificial-intelligence models and their parameters—are not personal information and may be retained and used by VeriMedic indefinitely as described in Section 4. Retention, return, and deletion of PHI and of Agency Content are governed by the applicable Subscription Agreement, the BAA, and applicable law.
9. Children’s Privacy
The Services are intended for use by professional users who are at least eighteen (18) years of age. The Website and Platform are not directed to children, and we do not knowingly collect personal information directly from children through the Website or Platform in their capacity as consumers. This Section concerns personal information collected directly from individuals through our Website and Platform; it does not address PHI relating to patients of any age that an Agency processes through the Platform, which is governed by HIPAA and the BAA. If you believe we have inadvertently collected personal information from a child through the Website, please contact us using the information in Section 13.
10. Your U.S. State Privacy Rights
Depending on the U.S. state in which you reside, you may have certain rights with respect to personal information that we process about you as a consumer. These rights may include, subject to applicable law and certain exceptions:
- Right to know and access. the right to know and access the personal information we have collected about you, and information about how we collect, use, and disclose it;
- Right to correct. the right to request that we correct inaccurate personal information about you;
- Right to delete. the right to request that we delete personal information we have collected from you;
- Right to opt out. the right to opt out of the “sale” or “sharing” of personal information and of certain targeted advertising and profiling, to the extent applicable;
- Right to non-discrimination. the right not to receive discriminatory treatment for exercising your privacy rights; and
- Right to appeal. where provided by applicable law, the right to appeal a denial of your request.
VeriMedic does not sell personal information and does not share personal information for cross-context behavioral advertising, as those terms are defined under applicable state privacy laws. Certain information, such as information about health, may be treated as “sensitive” personal information under applicable law; we use such information only for the purposes for which it was provided or as otherwise permitted by law. The rights described in this Section apply to ordinary personal information governed by this Policy and do not apply to PHI, employment-related information, or information otherwise exempt under applicable law. Many state privacy laws also exempt PHI and information governed by HIPAA from their requirements.
To exercise any of these rights, please contact us using the information in Section 13. We will verify your request before responding, and we may need to confirm your identity and your state of residence. You may use an authorized agent to submit a request on your behalf, subject to our verification of the agent’s authority. If you are an authorized user acting on behalf of an Agency, certain requests may be directed to your Agency.
11. Third-Party Websites and Services
The Services may contain links to, or integrate with, third-party websites, applications, or services that are not owned or controlled by VeriMedic. This Policy does not apply to those third-party services, and we are not responsible for their content, privacy practices, or security. We encourage you to review the privacy policies of any third-party services you access.
12. Changes to This Privacy Policy
We may update this Policy from time to time in our discretion. When we make changes, we will revise the “Last Updated” date above and, where appropriate or required by law, provide additional notice. Changes are effective when posted. Your continued use of the Services after we post changes means you accept the revised Policy.
13. How to Contact Us
If you have questions or concerns about this Policy or our handling of personal information, or if you would like to exercise a privacy right, please contact us at:
VeriMedic, Inc.
442 N President Ave,
Lancaster PA 17603
Attn: Privacy
Email: privacy@verimedicsystem.com
Website: www.getverimedic.com