Last Updated: November 2025
PursueTech is committed to maintaining the privacy, confidentiality, and security of all information entrusted to us. As a technology company transforming the Post-Acute Healthcare market, we recognize our responsibility to protect both personal information and Protected Health Information (“PHI”). This Privacy Policy describes how PursueTech collects, uses, discloses, and safeguards information when individuals access our applications, websites, software platforms, and related services (collectively, the “Services”). Because PursueTech operates as a Business Associate under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and its implementing regulations, we strictly adhere to federal, state, and contractual privacy and security requirements. By using our Services, you acknowledge and accept the practices described in this Privacy Policy.
Reading this Privacy Policy will help you understand your privacy rights and choices. If you do not agree with our policies and practices or still have any questions or concerns, please contact us at (949) 620-1357 or info@PursueTech.com.
This Privacy Policy governs all information collected through PursueTech’s websites, mobile applications, cloud-based solutions, integrations, and technology products offered to healthcare organizations in all states. It applies to individuals visiting our website, communicating with us, or interacting with our technology in a non-clinical capacity. When PursueTech processes PHI on behalf of healthcare organizations, that information is also governed by Business Associate Agreements (BAAs) and the Covered Entities’ own Notices of Privacy Practices. This Privacy Policy does not modify those documents; instead, it explains PursueTech’s own obligations as a Business Associate, technology vendor, and steward of sensitive information.
Because we provide software to organizations operating nationwide, this Privacy Policy also reflects the requirements of federal privacy laws, the California Consumer Privacy Act (CCPA/CPRA), and all major state consumer privacy statutes, including those in Colorado, Connecticut, Delaware, Florida, Indiana, Iowa, Kentucky, Maryland, Minnesota, Montana, Nebraska, New Hampshire, New Jersey, Oregon, Tennessee, Texas, Utah, and Virginia.
Protected Health Information (PHI)
In performing our services for healthcare organizations, PursueTech may receive or generate PHI as defined by HIPAA. PHI includes identifiable patient information collected or transmitted during clinical care, admissions, discharges, facility operations, and documentation workflows. This may include medical history, demographic information, clinical assessments, vital signs, treatment details, medication and diagnostic information, therapy notes, progress notes, and other data necessary for supporting healthcare operations. PHI is collected only as authorized by a Covered Entity and processed under the strict terms of the applicable BAA.
Personal Information (Non-PHI)
When individuals visit PursueTech’s public webpages, communicate with our staff, sign up for product information, register for accounts, or engage with our Services outside the clinical context, PursueTech may collect personal information such as name, contact information, organizational affiliation, job title, login credentials, and information provided voluntarily through forms or support communications.
Technical and Usage Information
PursueTech may collect device-level technical information such as IP addresses, browser types, unique device identifiers, operating system details, referring URLs, session data, page interaction information, and timestamps. We use cookies and similar technologies to enhance user experience, measure website performance, maintain platform security, and support analytical insights. This automatically collected information is typically used in aggregated or anonymized form unless necessary to secure our systems or respond to support inquiries.
Cookies
We use cookies to collect information and improve our Services. Cookies are small data files stored on your device. You may adjust your browser settings to refuse cookies or alert you when cookies are being sent. However, declining cookies may affect the functionality of certain website features.
Use of PHI in Compliance With HIPAA
PursueTech uses PHI solely to perform functions permitted under HIPAA and authorized by the healthcare organizations we serve. These uses include supporting clinical workflows, facilitating care coordination, maintaining software functionality, performing system analytics, ensuring billing or operational accuracy, providing technical support, and enhancing platform reliability. PursueTech does not use PHI for marketing, advertising, behavioral profiling, or any purpose unrelated to supporting healthcare operations. We do not de-identify PHI except where permitted by HIPAA, and any de-identified information is processed in accordance with 45 CFR § 164.514.
Use of Personal Information
Personal information collected from business contacts, administrators, website visitors, and non-patient users may be used to:
Where required by law, PursueTech obtains consent before using personal information for marketing or optional communications.
PursueTech does NOT sell, rent, lease, or otherwise disclose PHI or personal information for commercial purposes. We may share information only in the following limited circumstances:
With Covered Entities and Authorized Healthcare Organizations
PursueTech may disclose PHI back to the healthcare providers who engage us or to authorized individuals within their organizations. This includes information necessary for treatment, payment, and healthcare operations, or as required to support the provider’s use of our Services.
With Subcontractors and Service Providers
We may share PHI or personal information with carefully vetted third-party vendors who assist in hosting, infrastructure, cybersecurity, cloud storage, analytics, communication systems, or technical support. All subcontractors handling PHI are bound by HIPAA-compliant BAAs, and all vendors must meet PursueTech’s privacy and security standards.
For Legal or Security Purposes
We may disclose information when required by law, such as responding to subpoenas, regulatory inquiries, lawful requests by authorities, investigations, or to prevent or address potential threats to the rights, property, or safety of PursueTech, its clients, or the public.
PursueTech does not engage in cross-context behavioral advertising and does not share data for purposes prohibited under the CPRA or other state laws.
PursueTech complies with the California Consumer Privacy Act (CCPA/CPRA) as well as other state privacy statutes designed to protect consumer information. Individuals residing in regulated states may have rights related to the personal information PursueTech collects outside of the HIPAA context.
The California Consumer Privacy Act of 2018 (CCPA) gives consumers more control over the personal information that businesses collect about them, including:
As of January 1, 2023, consumers have new rights in addition to those above, such as:
PursueTech does not sell personal information as defined by the CPRA or other state privacy laws. These state-specific privacy rights do not apply to PHI, which is protected solely under HIPAA. Individuals seeking to exercise rights related to PHI must contact the healthcare provider responsible for that data.
Requests related to personal information (non-PHI) may be submitted to: info@PursueTech.com
PursueTech implements rigorous administrative, physical, and technical safeguards designed to protect PHI and personal information in accordance with HIPAA’s Privacy and Security Rules, the National Institute of Standards and Technology (NIST) cybersecurity framework, and industry best practices. These measures include encryption of data at rest and in transit, multi-factor authentication, access controls, routine audits, vulnerability scanning, intrusion detection, secure coding practices, and ongoing workforce training. Despite these protections, no security system is impenetrable, and we cannot guarantee absolute protection against all potential threats. However, PursueTech maintains a formal incident response program and breach notification procedures that comply with HIPAA and applicable state laws.
PursueTech retains PHI and personal information only for as long as necessary to fulfill the purposes described in this Privacy Policy, to comply with legal obligations, or to meet contractual retention requirements established by our healthcare clients. PHI retention timelines are governed primarily by the Covered Entities we serve. When information is no longer required, we dispose of it securely in accordance with HIPAA and NIST-approved data destruction standards.
We may update this Privacy Policy periodically to reflect changes in technology, legal requirements, industry standards, or operational practices. Changes will be posted on this page with an updated “Last Updated” date. Continued use of our Services after the posting of any revisions constitutes acceptance of the revised Privacy Policy.
If you have any questions regarding this Privacy Policy, HIPAA compliance, state privacy rights, or PursueTech’s data protection practices, please contact:
Thank you for trusting PursueTech with your information.