Home Product Solutions Security Pricing Resources About Contact Request a demo
Legal

Privacy policy

Last updated: January 2026

This document is a template for illustration. It is not legal advice. Have counsel review it before you rely on it.

1. Information we collect

We collect the details you give us when you request a demo or contact us, such as your name, work email, company, and role. When a plan engages us, we also handle claims data and protected health information under a signed Business Associate Agreement.

2. How we use information

We use your contact details to respond to you and to run our services. We use claims data only to audit claims and recover overpayments for the plan that engaged us.

3. Protected health information and HIPAA

Any protected health information we handle is governed by a Business Associate Agreement and by HIPAA. We use it for one purpose: the audit. We do not sell it, use it for marketing, or fold it into other products.

4. How we share information

We do not sell your information. We share it only with the service providers we need to run the audit, and only under agreements that require them to protect it.

5. Security

We encrypt data in transit and at rest, limit access to the people who need it, and log that access. Our full safeguards are described on our HIPAA and security page.

6. Retention

We keep information only as long as we need it for the audit and for legal or contractual obligations. After that we return or destroy it, with written certification when a plan requests it.

7. Your choices

You can ask us what we hold about you, correct it, or ask us to delete it. Email maximus@soro.health and we will respond.

8. Cookies

Our website uses only the cookies needed to make it work. We do not use it to build advertising profiles.

9. Changes to this policy

If we change this policy, we will post the new version here with an updated date.

10. Contact

Questions about privacy go to maximus@soro.health.