Notice of Privacy Practices
Effective date: June 2, 2026
This notice describes how your health information may be used and disclosed, and how you can get access to this information. Please review it carefully.
1. Our Commitment to Your Privacy
DiaFem is committed to maintaining the privacy of your protected health information (PHI). PHI includes any information that identifies you and relates to your past, present, or future physical or mental health condition, the provision of healthcare to you, or payment for that care. We are required by law to maintain the privacy of your PHI, provide you with this Notice, and follow the terms of our current Notice of Privacy Practices.
2. How We May Use and Disclose Your PHI
For treatment: We may use and disclose your PHI to provide, coordinate, and manage your health care and related services. This includes sharing information with licensed clinicians on the Platform, your care team, or other providers involved in your treatment — with your authorization.
For health care operations: We may use your PHI to support Platform operations, quality improvement, care coordination, and training of our clinical staff. This includes using de-identified, aggregated data to improve our AI models and care protocols.
As required by law: We will disclose your PHI when required to do so by federal, state, or local law — including in response to a court order, subpoena, or lawful government request.
For public health activities: We may disclose your PHI to public health authorities authorized to collect information to prevent or control disease, injury, or disability — only to the extent required by law.
In the event of a serious threat, we may disclose your PHI if we believe in good faith that it is necessary to prevent or lessen a serious and imminent threat to the health or safety of a person or the public.
For research: We will only use or disclose your PHI for research purposes with your explicit written authorization, or where an authorized review board has waived the authorization requirement under applicable law.
We will not use or disclose your PHI for any other purpose without your written authorization. You may revoke any authorization you have given us at any time by contacting us at contact@diafem.ai.
3. Your Rights Regarding Your PHI
Right to access: You have the right to inspect and receive a copy of your PHI that we maintain. Requests will be fulfilled within 30 days. A reasonable fee may apply for copies.
Right to amend: You have the right to request that we amend your PHI if you believe it is inaccurate or incomplete. We will respond within 60 days. We may deny your request if the information was not created by us, is not part of our records, or is already accurate.
Right to an accounting of disclosures: You have the right to request a list of instances in which we have disclosed your PHI for purposes other than treatment, payment, or health care operations, going back up to six years.
Right to request restrictions: You have the right to request restrictions on how we use or disclose your PHI. We are not required to agree to all restrictions, but we will comply with any restriction we do agree to — except in an emergency.
Right to confidential communications: You have the right to request that we communicate with you about your health matters in a specific way or at a specific location. We will accommodate reasonable requests.
Right to a paper copy of this notice: You have the right to request a paper copy of this Notice at any time, even if you have agreed to receive it electronically.
Right to be notified of a breach: You have the right to be notified if your unsecured PHI is breached. We will notify you within 60 days of discovering a breach, as required by the HIPAA Breach Notification Rule.
4. Our Responsibilities
We are required to maintain the privacy of your PHI. We are required to provide you with this Notice of our legal duties and privacy practices. We are required to notify you following a breach of unsecured PHI. We are required to abide by the terms of this Notice currently in effect. We will not use or disclose your PHI other than as described in this Notice without your written authorization. We will not sell your PHI under any circumstances.
5. Changes to This Notice
We reserve the right to change this Notice at any time. Any revised Notice will apply to PHI we already hold as well as PHI we receive in the future. The revised Notice will be posted on our Platform, and the effective date will be updated. You may request a copy of the current Notice at any time.
6. Complaints
If you believe your privacy rights have been violated, you have the right to file a complaint with DiaFem or with the U.S. Department of Health and Human Services Office for Civil Rights. You will not be penalized or retaliated against for filing a complaint.
To file a complaint with DiaFem: Email: contact@diafem.ai Subject line: Privacy Complaint
7. Contact Our Privacy Officer
For questions about this Notice or to exercise your rights, contact our designated HIPAA Privacy Officer:
DiaFem Privacy Officer Email: contact@diafem.ai