Last updated: July 2026
CPTAIN processes medical chart documents on behalf of healthcare clients (as a Business Associate under HIPAA, and as a processor under GDPR where applicable). Protected Health Information (PHI) is masked at ingestion — names, dates of birth, medical record numbers, account numbers, contact details — before charts are displayed to coders or sent to any model. Only masked text is stored in the working database.
Our marketing site and application use Google Analytics and Microsoft Clarity for product analytics, loaded only after you accept cookies. IP anonymization is on. No chart content, PHI, or coding data is ever sent to analytics providers.
Where GDPR applies you may request access, rectification, erasure, restriction, and portability of your personal data by writing to founders@powersmy.biz. We respond within 30 days. Data processing agreements and sub-processor lists are available on request.
Workspace data is retained for the duration of the client contract plus the period required by the client's record-retention policy, then deleted. Audit logs are append-only and retained for 6 years in line with HIPAA documentation requirements.
Data protection contact: founders@powersmy.biz