Effective: April 1, 2026 · Last updated: April 9, 2026
Pathriva Inc. provides clinical outcomes analytics for GLP-1 telehealth operators. We process aggregate health data on behalf of our customers (Covered Entities under HIPAA).
De-identified and aggregated clinical data: patient demographics, medication records, clinical observations, and adherence metrics. We do NOT store SSN, financial data, or unencrypted patient identifiers.
Pathriva operates as a Business Associate under HIPAA. BAA signed with every customer before data flows. All processing within Google Cloud Platform with signed GCP BAA. PHI never sent to external AI APIs.
AES-256 encryption at rest. TLS 1.2+ in transit. JWT-based multi-tenant isolation. HIPAA-compliant audit logs.
Customer data retained for contract duration. Upon termination, all data purged within 30 days. Certified destruction provided. Audit logs retained 6 years per HIPAA.
Privacy: privacy@pathriva.com · Security: security@pathriva.com · General: business@pathriva.com