Privacy Policy

Privacy at a Glance

We Protect Your Data

Your personal and medical data is encrypted, secure, and compliant with HIPAA standards.

You Are in Control

You have the right to access, update, and request deletion of your personal information.

We Don't Sell Your Data

We will never sell your personal or identifiable health information to third parties.

We Share Responsibly

We only share data with your Physician, trusted partners, or when required by law.

Protecting your private information is our priority.

This Privacy Policy applies to Mortho.AI and governs data collection and usage.

By using Mortho.AI, you consent to the data practices described in this statement.

HIPAA Compliance

Mortho.AI is committed to compliance with the Health Insurance Portability and Accountability Act (HIPAA).

All Protected Health Information (PHI), including medical records, X-ray images, and Physician-patient communications, is handled in accordance with HIPAA privacy and security rules.

Collection of Your Personal Information

We collect personal information only when you voluntarily provide it, including:

  • Registering for an account as a device manufacturer, Physician, patient, or general user
  • Using our Physician-patient chat feature
  • Uploading X-ray images for analysis
  • Using our AI chat feature for knee and hip information
  • Submitting payment information when purchasing services

Use of Your Information

We use your information to:

  • Provide prediction modeling for knee and hip surgical outcomes
  • Facilitate Physician-patient communications
  • Process X-ray images within conversations
  • Deliver AI-powered educational information about knee and hip conditions
  • Improve our services and user experience

Medical Data Processing

  • X-ray images and medical data are encrypted in transit and at rest
  • AI processing of X-rays occurs within HIPAA-compliant infrastructure
  • Physician-patient chat conversations are encrypted and accessible only to authorized parties
  • Prediction modeling data is de-identified when used for research or algorithm improvement

Multi-Tenant Data Segregation

Mortho.AI operates with strict data separation between organizations and tenants.

Device manufacturers, Physicians, patients, and general users each have access only to their authorized data.

AI and Machine Learning

Our AI chat feature for general users provides educational information only and does not constitute medical advice.

The AI does not store or learn from individual conversations.

Clinical prediction models are trained on aggregated, de-identified data.

Sharing Information with Third Parties

Mortho.AI does not sell, rent, or lease your personal or medical information to third parties.

We may share data with HIPAA-compliant service providers for: cloud hosting, payment processing, technical support, and data analytics.

All service providers sign Business Associate Agreements (BAAs) and are required to maintain confidentiality.

We may disclose your information when required by law, to comply with legal process, to protect rights and property, or under exigent circumstances to protect personal safety.

Right to Deletion

Upon verifiable request, we will delete your personal information from our records and direct service providers to do the same.

We may retain information necessary to:

  • Complete transactions or fulfill service contracts
  • Comply with HIPAA record retention requirements
  • Detect security incidents or fraudulent activity
  • Debug and maintain functionality
  • Conduct peer-reviewed research with your informed consent
  • Comply with legal obligations

Medical Records Retention

In accordance with healthcare regulations, certain medical records, including X-rays, surgical predictions, and Physician-patient communications, may be retained for minimum periods as required by state and federal law, even after account deletion.

Age Requirements

Mortho.AI does not knowingly collect personally identifiable information from children under 13.

For users aged 13-18, parental or guardian consent is required for account creation and use of medical features.

Data Security

We implement industry-standard security measures including encryption, secure authentication, regular security audits, and access controls to protect your data.

Your Rights

You have the right to:

  • Access your personal and medical information
  • Request corrections to inaccurate data
  • Request deletion of your data (subject to legal retention requirements)
  • Opt out of non-essential communications
  • Receive a copy of your medical records in a portable format

Changes to This Policy

We reserve the right to update this Privacy Policy.

We will notify you of significant changes via email to your registered address and/or prominent notice on Mortho.AI.

Continued use constitutes acceptance of the modified policy.

Contact Information

For questions or concerns about this Privacy Policy, or to exercise your privacy rights:

Mortho.ai
Email: support@mortho.ai

HIPAA Privacy Officer: Michael J. Murphy
Email: info@mortho.ai

Effective as of October 5, 2025