top of page

Privacy Policy

Sloth-Technologies 

Effective Date: April 2, 2026

Sloth Technologies ("we", "us", or "our") provides the Sloth Tech Clinical Suite service. This Privacy Policy explains how we collect, use, disclose, and protect personal information in connection with the Service.

This Privacy Policy is a public website/app privacy policy. It is not a Notice of Privacy Practices for a covered entity provider or health plan.

1. Who This Policy Covers

This Policy applies to:

  • Authorized users of the Service (clinicians, nurses, and administrative staff)

  • Website visitors

  • Business contacts and support requestors

Depending on the workflow, the Service may process patient information, including protected health information (PHI), on behalf of healthcare organization customers and subject to customer instructions, contracts, and applicable law.

2. Information We Collect

We may collect the following categories of information:

A. Account and professional information

  • Name, email address, and phone number

  • Organization and facility information

  • Professional role or title

  • Login and session metadata

B. Patient and clinical information made available through authorized use

  • Patient demographics, medication data, and laboratory data

  • Vital signs, allergies, diagnoses, and encounters

  • Clinical records, documents, or uploaded files used in supported workflows

C. Integration data

  • PointClickCare identifiers (API and sync metadata)

  • Tenant, organization, facility, patient, and encounter references

D. Device, log, and security information

  • IP address, browser, and device details

  • Cookies and session identifiers

  • Authentication, audit, and access logs

E. User inputs and generated outputs

  • Search queries and chat prompts

  • Uploaded document content

  • AI-generated summaries, report output, and clinical responses

3. Sources of Information

We collect information directly from users, from healthcare organization customers, from authorized integrations such as PointClickCare, and automatically from devices used to access the Service.

4. How We Use Information

We use information to:

  • Authenticate users and secure the Service

  • Provide and improve AI-assisted clinical workflows

  • Support Morning Report, Admission Reconciliation, and Chat with AI features

  • Maintain audit trails and comply with HIPAA security requirements

  • SMS Privacy: Phone numbers and SMS opt-in data are used exclusively for service updates and are not shared with third parties or affiliates for marketing purposes.

5. AI and Automated Processing

Some features use AI to generate summaries or retrieval responses from authorized source data. AI-supported outputs are intended to assist users with workflow efficiency and are not a substitute for clinician judgment. Users must review outputs before relying on them for clinical decisions.

6. How We Disclose Information

We do not sell personal information or PHI. We may disclose information:

  • To service providers helping operate the Service

  • To integration partners (PCC) to support authorized workflows

  • As required by law, regulation, or subpoena

  • In connection with a merger or acquisition, subject to applicable protections

7. Service Providers and Infrastructure

We use trusted providers for cloud hosting, database infrastructure, and AI model services. (A full list of subprocessors is available upon request).

8. Cookies and Session Technologies

We use essential cookies for authentication and session continuity. These are necessary for the Service to function.

9. Data Retention

We retain information as long as necessary to provide the Service.

  • Customer Data and PHI: Retained as directed by contract or customer instruction.

  • Security Logs: Retained for the duration required by HIPAA audit standards.

10. Security

We use administrative, technical, and physical safeguards (including SSL and at-rest encryption) designed to protect information. While we strive for absolute security, no method of transmission is 100% secure.

11. HIPAA and Healthcare Privacy

Where we process PHI on behalf of a healthcare customer, we do so as a Business Associate in accordance with applicable Business Associate Agreements (BAAs). Patients should contact their healthcare provider directly regarding their health information.

12. Your Choices and Requests

You may request access, correction, or deletion of personal information. In cases involving healthcare customer data, we will direct your request to the relevant facility customer who controls the records.

13. International Use

The Service is intended for use in the United States.

14. Children's Privacy

The Service is not directed to children.

15. Changes to This Policy

We may update this policy periodically. The revised version will be posted with an updated effective date.

16. Contact Us

Sloth Technologies Maryland, USA

Support: contact@sloth-technologies.com

Privacy/Security: admin@sloth-technologies.com

bottom of page