This policy does not contradict our Data Oath. Every commitment made on that page is a legally binding obligation reflected in this document. If you find a conflict, tell us immediately.
InPursuit Health, Inc. ("InPursuit Health," "we," "us," or "our") is a veteran-owned health data orchestration company. We build the TETRA™ platform — infrastructure that unifies, protects, and puts health data to work for the people and organizations that generate it. We are not a data company that happens to offer software. We are an infrastructure company whose revenue comes from delivering outcomes — not from monetizing the information that flows through our systems.
This Privacy Policy governs how we collect, handle, protect, and limit the use of personal information and protected health information (PHI) across our websites, the TETRA™ platform, TETRA Ex™, TETRA Conductor™, TETRA Aegis™, TETRA Sentinel™, the InPursuit consumer application, and all related services (collectively, the "Services").
These commitments are not aspirational language. They are legally binding obligations. They do not have carve-outs. They cannot be overridden by a future policy update. They are the foundation everything else in this document is built on.
We will never sell your data. Your health information will never be sold, traded, brokered, or transferred to any third party for profit — not to advertisers, data brokers, pharmaceutical companies, insurers, or anyone else. No exceptions. No loopholes.
You own your data — always. Every provider and patient retains full intellectual property ownership of their data at all times. InPursuit Health is a custodian and a tool. If you leave, your data leaves with you, in full, in standard formats, at no cost.
Your data trains only your insights. We do not aggregate, anonymize, pool, or repurpose your clinical data to train AI models, build commercial products, or develop benchmarks sold to or shared with any other organization. Your patient population is yours.
Full transparency — always. You will always know exactly what data we hold, how it is used, and who has accessed it. There are no hidden processes, no shadow analytics, and no secondary uses you have not explicitly approved.
Data is never our product. Our revenue comes from infrastructure subscriptions and outcome-based arrangements. We have no financial interest in the content of the data that flows through our platform. Data monetization does not supplement our fees — it is prohibited.
Security is ongoing, not a checkbox. We continuously invest in penetration testing, vulnerability assessments, compliance audits, and emerging threat intelligence. Your data protection does not expire.
"We built InPursuit Health on a simple, unbreakable rule: the people who generate health data are the people who own it. No exceptions. No loopholes. No fine print." — InPursuit Health Leadership. Read the full Data Oath →
When you are a healthcare provider, health plan, or other HIPAA-covered entity using the TETRA platform, or a patient whose records are orchestrated through TETRA Ex™, we handle PHI as a Business Associate under a signed Business Associate Agreement (BAA). See Section 5 and Section 6 for how PHI is governed and protected within the TETRA Vault architecture.
If you use TETRA Ex™ — either as a provider connecting to health information exchanges or as an individual exercising your data rights — we access clinical records, lab results, medications, claims, and other health information from connected systems solely on your direction and with your explicit authorization. We are the pipe, not the destination. This data lives in your TETRA Vault and is governed by your permissions.
We use the information we collect only for the following purposes:
We do not use your information for: advertising, behavioral profiling, commercial data analytics, AI model training on behalf of third parties, or any purpose not listed above.
When InPursuit Health handles PHI on behalf of a HIPAA-covered entity, we act as a Business Associate under 45 C.F.R. § 160.103. A signed Business Associate Agreement (BAA) must be in place before any PHI is processed through our platform. We do not treat HIPAA compliance as a badge or a marketing claim — it is a legal obligation that is operationally enforced at every layer of our architecture.
To request a BAA: privacy@InPursuitHealth.com.
As a Business Associate, we use or disclose PHI only: (a) as directed by the covered entity in the BAA; (b) as required for the proper management and administration of our services to that covered entity; or (c) as required by law. We do not use PHI for any commercial purpose, AI training, or analytics that benefit InPursuit Health commercially.
Role-based access controls (RBAC) are enforced across every component of the TETRA platform. Access to PHI is granted only to personnel and systems with a documented need. Audit logs record every access event with full provenance.
Individuals have rights to access, amend, and obtain an accounting of disclosures of their PHI under 45 C.F.R. §§ 164.524–164.528. For PHI handled on behalf of a covered entity, requests should be directed first to that covered entity, who will coordinate with us. For PHI held in your personal TETRA Vault through the consumer application, you may exercise these rights directly by contacting privacy@InPursuitHealth.com.
The TETRA Vault is the architectural model by which your data is stored and governed within our platform. It is not a marketing concept — it is how the system is built.
We share information in only the following limited circumstances, and we do not share beyond what is necessary for each purpose.
Through TETRA Ex™, we transmit PHI and clinical data to providers, systems, and networks that you have explicitly authorized to receive it. This is the core function of the platform — bidirectional exchange at your direction. We are executing your instructions, not making independent sharing decisions.
We engage a limited set of vetted infrastructure providers (cloud compute, storage, security monitoring) to operate the TETRA platform. All subprocessors are bound by:
Our current subprocessor list is publicly available at privacy@InPursuitHealth.com. We update this list before adding any new subprocessor with access to PHI and notify affected customers.
We may disclose information when required by law, court order, or government authority. Where legally permitted, we will notify you before disclosure and cooperate with any efforts to obtain a protective order. We will not disclose PHI in response to a voluntary government request without a BAA or court order.
In the event of a merger, acquisition, or sale of substantially all assets, we will provide at least 60 days' advance notice to affected customers. Any successor entity will be required to honor all existing Data Oath commitments and BAAs as a condition of the transfer. You may terminate your agreement and export your data before any transfer takes effect.
AI capabilities within the TETRA platform exist for one purpose: to improve health outcomes for patients and reduce administrative burden for providers. TETRA Conductor™ routes clinical AI interactions to the appropriate model. TETRA Aegis™ and TETRA Sentinel™ ensure those interactions are safe, auditable, and confined to your authorized data scope.
Your data trains only your insights. When AI learns from your patient population, those insights stay within your TETRA Vault. We never pool clinical data across customers to build, fine-tune, or benchmark AI models — for ourselves or for any third party. This applies equally to anonymized, de-identified, or aggregated derivatives of your data. The only exception is internal platform improvements that use technical (non-clinical) performance data — never PHI, never patient-level records.
Every AI-generated recommendation produced through the TETRA platform includes the reasoning behind it. No black boxes. Every AI interaction — input, classification, risk score, decision, output — is captured in your immutable audit log. You can review any AI decision at any time.
TETRA Aegis™ is the supervisory control layer between your users and any AI model. It intercepts every prompt, classifies the sensitivity of the content, scores the interaction for risk, and either passes, mediates, or blocks the interaction — all in under 200ms, before any data leaves your organization. TETRA Sentinel™ is the intelligence inside that layer — the AI that watches AI — providing continuous behavioral surveillance, hallucination detection, and anomaly monitoring across all AI interactions in your environment.
The TETRA platform supports clinical decision-making. It does not replace it. AI-generated outputs are informational. All clinical decisions remain the exclusive responsibility of licensed healthcare providers. InPursuit Health does not assume liability for clinical outcomes based on AI-generated recommendations.
We retain data for the shortest period consistent with our legal obligations and your business needs. We do not retain data to build commercial value from it.
Upon request or account termination, we will provide a full export of your data in standard formats and confirm in writing when destruction is complete.
The TETRA platform was built to meet Department of Defense security standards — forged in the U.S. Military Health System and the Department of Veterans Affairs before entering the commercial market. Security is not a feature we added — it is the foundation the platform was built on.
Our security program includes:
If you believe your account has been compromised or you have identified a security vulnerability, contact us immediately at security@InPursuitHealth.com.
These rights apply to personal information we hold about you directly. For PHI handled on behalf of a covered entity, coordinate requests through that entity.
To exercise any right, contact privacy@InPursuitHealth.com. We respond within 30 days, or sooner as required by applicable law, and at no charge.
Our Services are not directed to individuals under 18. We do not knowingly collect personal information from minors under 18. If we become aware of such a collection, we will delete it promptly. Contact privacy@InPursuitHealth.com if you believe a minor's information has been collected.
For minor patients whose PHI flows through the TETRA platform as part of authorized care coordination, access and authorization rights are governed by HIPAA and applicable state law regarding parental and guardian rights.
On our marketing website (InPursuitHealth.com):
On the clinical TETRA platform, there are no third-party tracking scripts of any kind. All logging is internal, audit-purpose only, and accessible to you.
California residents have rights to know, delete, correct, and opt out of sale or sharing of personal information. We do not sell personal information. We do not share personal information for cross-context behavioral advertising. California residents may submit requests to privacy@InPursuitHealth.com. We will not discriminate against you for exercising your rights.
Residents of these states have rights to access, correct, delete, and port personal data, and to opt out of targeted advertising and profiling. Submit requests to our Privacy Officer. We respond within the timeframes required by each applicable state law.
We extend the same rights to residents of all states with comprehensive privacy legislation and will continue to update our practices as new state laws take effect.
In the event of a confirmed breach of unsecured PHI or personal information, InPursuit Health commits to:
We will not minimize, delay, or obscure the nature or scope of any breach. Transparency after an incident is an extension of the same commitment we make before one.
We will not retroactively change this policy to enable uses of your data that were not permitted when you signed up. Any material change to this Privacy Policy requires:
The "Last Updated" date at the top of this page reflects the most recent revision. Prior versions are available upon request.
For privacy inquiries, rights requests, BAA execution, or breach reports:
HIPAA Privacy Officer
InPursuit Health, Inc.
privacy@InPursuitHealth.com
Security incidents: security@InPursuitHealth.com
General: info@InPursuitHealth.com
To file a complaint with HHS Office for Civil Rights: hhs.gov/ocr/complaints