Last updated: March 30, 2026
PillCoach, Inc. ("PillCoach," "we," "us," or "our") is committed to protecting the privacy and security of your personal information. This Privacy Policy describes how we collect, use, disclose, and safeguard information when you use our medication adherence platform, website, and related services (collectively, the "Services"). By using our Services, you agree to the collection and use of information in accordance with this policy.
We collect information you provide directly, including: account registration details (name, email address, phone number, organization name, and role); pharmacy management system credentials for integration purposes; communication preferences; and any other information you voluntarily submit through our platform, forms, or support channels.
In the course of providing our pharmacy platform services, we may receive, process, and store Protected Health Information (PHI) as defined under HIPAA. This includes patient medication records, prescription data, PDC adherence scores across all major measures plus HIV and SUPD, MTM encounter data including CMR and MedRec records, MedGuide distribution records, clinical monitoring data such as blood pressure, blood glucose, pulse oximetry, weight, A1C, and cholesterol lab results, vaccine administration records, telehealth session data, secure messaging content between pharmacy staff and patients, faxed documents, appointment records, and related health information. All PHI is handled in accordance with our Business Associate Agreements and HIPAA regulations. Please see our HIPAA Compliance page for detailed information about how we protect PHI.
When you access our Services, we automatically collect certain technical information, including: IP address, browser type, and device identifiers; pages visited, features used, and time spent on the platform; referring URLs and search terms; and log data and usage analytics. We use cookies and similar tracking technologies to enhance your experience. We do not use marketing pixels or third-party tracking on authenticated pages that display health information.
We use the information we collect to: provide, operate, and maintain our all-in-one pharmacy platform; generate PDC analytics and adherence scoring across all major measures, HIV, and SUPD; facilitate MTM workflows including CMRs, MedRecs, and MedGuide distribution; enable patient communications via secure text messaging, faxing, appointment scheduling, and telehealth; support clinical monitoring for blood pressure, blood glucose, pulse oximetry, weight, A1C, and cholesterol labs; manage vaccine task workflows and adherence-related task generation; provide MedlinePlus-integrated patient education resources; generate financial performance dashboards and prescription reimbursement tracking at patient and organization levels; track user and staff performance metrics for administrators; facilitate integration with pharmacy management systems including PioneerRx, Liberty, and PrimeRx; communicate with you about your account, updates, and support inquiries; improve our Services through aggregated, de-identified usage analytics; comply with legal obligations including HIPAA and applicable state pharmacy regulations; and enforce our Terms of Service and protect against fraud or misuse.
We do not sell your personal information. We may share information in the following circumstances: with pharmacy organizations and health plans as necessary to deliver our Services and as authorized under applicable Business Associate Agreements; with service providers who assist in operating our platform (e.g., cloud hosting, analytics), subject to confidentiality obligations and, where applicable, Business Associate Agreements; in response to legal process, court orders, or government requests, or to establish, exercise, or defend legal claims; in connection with a merger, acquisition, or sale of assets, subject to applicable confidentiality requirements; and with your consent or at your direction.
We implement administrative, technical, and physical safeguards designed to protect your information. These measures include AES-256 encryption for data at rest and TLS 1.2+ encryption for data in transit; multi-factor authentication for all platform access; role-based access controls with least-privilege principles; continuous monitoring, intrusion detection, and immutable audit logging; regular vulnerability assessments and penetration testing; and SOC 2 Type II-aligned security practices. Despite these measures, no method of electronic storage or transmission is completely secure. We continually review and update our security practices to address emerging threats.
We retain personal information for as long as necessary to fulfill the purposes described in this policy, comply with legal obligations, resolve disputes, and enforce our agreements. PHI is retained in accordance with HIPAA requirements and applicable state pharmacy record retention laws, which generally require a minimum of six years. When information is no longer needed, we securely delete or de-identify it using industry-standard methods.
Depending on your jurisdiction, you may have the right to: access, correct, or delete your personal information; object to or restrict certain processing of your data; request portability of your data in a structured, machine-readable format; and withdraw consent where processing is based on consent. For PHI-related requests, please refer to the Notice of Privacy Practices provided by the applicable covered entity (pharmacy or health plan). To exercise any of these rights regarding your account information, please contact us at info@pillcoach.co.
Our Services may integrate with third-party pharmacy management systems, health plan portals, and other platforms. These integrations are governed by separate privacy policies maintained by those third parties. We encourage you to review the privacy practices of any third-party services you connect to through our platform. We are not responsible for the privacy practices of third-party services.
Our Services are designed for use by pharmacy professionals and healthcare organizations. We do not knowingly collect personal information directly from individuals under the age of 13. If you believe we have inadvertently collected such information, please contact us immediately and we will take steps to delete it.
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or industry standards. We will notify you of material changes by posting the updated policy on our website with a revised "Last updated" date and, where required, by sending direct notification to your registered email address. Your continued use of our Services after any changes constitutes acceptance of the updated policy.
If you have questions or concerns about this Privacy Policy or our data practices, please contact us at: PillCoach, Inc. — Email: info@pillcoach.co — Website: pillcoach.co/contact
Depending on your state of residence, you may have additional rights under state privacy laws. Texas residents are protected under the Texas Data Privacy and Security Act (TDPSA), which grants rights including the right to know what personal data is being processed, the right to delete personal data, the right to correct inaccurate data, the right to obtain a copy of your data in a portable format, and the right to opt out of the processing of personal data for targeted advertising, the sale of personal data, or profiling in furtherance of decisions that produce legal or similarly significant effects. California residents may have rights under the California Consumer Privacy Act (CCPA) as amended by the CPRA. PillCoach does not sell personal information as defined under the CCPA or TDPSA. To exercise any state-specific privacy rights, contact us at info@pillcoach.co. We will respond to verified requests within the timeframes required by applicable law. We will not discriminate against you for exercising your privacy rights.
Our website and platform use cookies and similar technologies to enhance functionality, analyze usage, and improve your experience. Strictly necessary cookies are required for the platform to function and cannot be disabled. They include session management, authentication tokens, and security cookies. Analytics cookies help us understand how users interact with our platform so we can improve performance and usability. We use first-party analytics only and do not share this data with advertising networks. We do not use advertising or marketing cookies on authenticated pages or any pages that display or process PHI. You can manage cookie preferences through your browser settings. Disabling certain cookies may affect platform functionality. We honor browser-based opt-out signals including Global Privacy Control (GPC) as required by applicable state privacy laws.
PillCoach does not sell your personal information to third parties. We do not share personal information for cross-context behavioral advertising. We do not use or disclose sensitive personal data for purposes beyond those necessary to provide our Services. If you believe your data has been shared in a manner inconsistent with this policy, please contact us immediately at info@pillcoach.co.
PillCoach operates in different data processing capacities depending on the context. When processing PHI on behalf of pharmacies or health plans under a Business Associate Agreement, PillCoach acts as a Business Associate (processor) and processes data solely as directed by the covered entity. When collecting account registration information, website usage data, and other non-PHI information directly from users, PillCoach acts as a data controller and processes such data in accordance with this Privacy Policy. This distinction is important because your rights and the applicable legal framework may differ depending on PillCoach's role in relation to your data.
PillCoach uses automated systems to generate PDC analytics, adherence risk scores, and task prioritization recommendations. These automated processes are designed to assist pharmacy staff in identifying patients who may benefit from outreach — they do not make clinical decisions and are not a substitute for professional clinical judgment. No automated decision made by our platform produces legal effects or similarly significant effects on any individual without human review. If you have questions about how automated processing affects you or your patients, please contact us at info@pillcoach.co.