Qurvia HIPAA Privacy Policy

At Qurvia, your trust means everything to us. We know that when you share sensitive health information, you expect it to be protected with the highest level of care. That’s why Qurvia was built from the ground up to meet HIPAA standards for privacy, security, and data protection.

How We Keep Your Information Safe

Our Team

Every Qurvia team member:

  • Passes a background check before joining.

  • Completes annual training on HIPAA, privacy, and security.
    We take security seriously—every person on our team knows it’s part of their job.

Staying Compliant

We regularly review and update our security policies to keep them current.
Our Chief Technology Officer (CTO) leads all privacy and security efforts to make sure your information stays safe.

Secure by Design

  • Every software change goes through a security review.

  • Our infrastructure runs on “infrastructure as code,” meaning every change is carefully reviewed before deployment.

  • Our engineers receive secure development training so safety is built in at every step.

Where Your Data Lives

  • Qurvia runs on Microsoft Azure, one of the most secure cloud platforms in the world.

  • We maintain a HIPAA-compliant Business Associate Agreement (BAA) with Microsoft.

  • Azure’s high-availability infrastructure means your data is always secure and accessible when you need it.

Data Protection

  • All information is encrypted both in transit (while moving) and at rest (while stored).

  • Protected health information (PHI) is only used for the purpose you expect—never for anything else.

Our Partners

  • Any partner or vendor who might handle PHI must also be HIPAA compliant and sign a BAA with Qurvia.

  • We regularly check that our vendors maintain the same high standards we do.

Qurvia + AI

  • Qurvia’s AI is designed to respect patient privacy.

  • PHI is never used to train our AI models.

  • Our AI tools are HIPAA-compliant and do not retain or reuse sensitive data.

Patient Information

  • All patient data is fully encrypted at every stage.

  • Temporary files (like recordings or processing data) are securely stored only as long as needed for summaries and quality checks, then automatically deleted.

  • Patient notes can be deleted anytime, or you can set them to auto-delete after 30 days.

🔒 Our Promise

Qurvia is committed to protecting sensitive health information with care, transparency, and the highest security standards. You focus on caring for patients—we’ll take care of the rest.