Privacy Policy

1. Who we are

MyWellnessID, LLC (“MyWellnessID,” “we,” “us”) operates a personal injury evidence platform that retrieves medical records, integrates wearable data, and runs adaptive AI check-ins to document the severity of a plaintiff’s injury over time. The platform serves two groups of people:

• Law firm users attorneys and staff who manage cases and receive structured evidence packages.
• Plaintiffs the injured individuals whose records and data are collected, with their authorization, on behalf of the firm representing them.

Our guiding principle is your data, your evidence: information collected about a plaintiff belongs to that plaintiff and the firm representing them not to MyWellnessID. We process it as a service provider acting on documented instructions.

2. Information we handle

• Firm and account information names, work email addresses, firm name, and role of attorney and staff users.
• Plaintiff identity and authorization records identity verification details and the signed authorizations that permit record retrieval.
• Protected health information (PHI) medical records, imaging, treatment history, and provider lists retrieved from connected electronic health record (EHR) systems.
• Wearable and device data activity, sleep, and related metrics a plaintiff chooses to connect from services such as Apple Health, Fitbit, Whoop, and Oura.
• Assessment responses pain scores, functional limitations, notes, and photos a plaintiff submits during twice-weekly AI check-ins.
• Usage and technical data log data, device and browser information, and cookies needed to operate and secure the platform.

3. How information is collected

Collection is plaintiff-directed. A plaintiff verifies their identity and authorizes record retrieval before anything is collected. Acting on that authorization, we retrieve records electronically via FHIR R4 across supported EHR platforms using the Individual Access request pathway and we may identify additional treating providers through provider-discovery partners such as Particle Health. Wearable and assessment data are collected only from sources the plaintiff connects or completes themselves.

4. How we use information

• Retrieve, organize, and structure medical records into a usable evidence package.
• Generate analytical outputs such as the Evidence Strength Score and Quantified Impact dashboard.
• Produce exportable evidence (PDF, CSV, FHIR) and, at the firm’s direction, sync it to case management systems.
• Provide support, maintain security, prevent fraud, and meet legal obligations.

5. AI assessments are a documentation tool only

The adaptive AI check-ins capture and structure how a plaintiff reports feeling over time. They do not make medical diagnoses, provide medical advice, or replace a clinician. Analytical outputs are decision-support aids for the firm; the methodology behind the Evidence Strength Score is disclosed in the evidence package appendix.

6. How we share information

• With the authorizing law firm the firm and its client receive the evidence collected for their matter.
• With data sources EHRs, health systems, and provider-discovery partners, only as needed to fulfill an authorized request.
• With subprocessors vetted service providers (e.g., cloud hosting, retrieval and integration partners) bound by written contracts.
• With case management systems Litify, Filevine, CASEpeer, or SmartAdvocate, only when the firm enables a sync.
• For legal and safety reasons where required by law or to protect rights and safety.

We do not sell personal information and we do not use plaintiff health data for advertising.

7. HIPAA and our role as a Business Associate

When MyWellnessID handles PHI on behalf of a law firm, it may act as a Business Associate under HIPAA. A Business Associate Agreement (BAA) governs that relationship and is available to firms at no charge request a BAA here. Our handling of records is aligned with the 21st Century Cures Act and HL7 / FHIR R4 standards.

8. Data retention and deletion

Information is retained for the life of the legal matter and for as long as the firm instructs or applicable law requires. Firms and plaintiffs may request deletion; we will honor verified requests except where retention is required by law or an active legal hold. Plaintiffs may withdraw authorization for future collection at any time.

9. How we protect information

We use encryption in transit and at rest, role-based access controls, and a complete audit trail and chain of custody for every record action. Read more on the Security page.

10. Your rights and choices

Depending on jurisdiction, plaintiffs and firm users may request access to, correction of, or deletion of their information, and may withdraw consent. Plaintiffs can raise a request through the firm representing them or by contacting us directly. We will verify identity before acting on any request.

11. Cookies and analytics

We use a minimal set of cookies and similar technologies to keep the platform working, to keep sessions secure, and to understand aggregate usage. We do not use third-party advertising cookies.

12. Minors and represented persons

The platform is intended for use by law firms and by adult plaintiffs or the authorized legal representatives of plaintiffs (for example, a guardian acting for a minor). We do not knowingly collect information directly from a minor without an authorized representative.

13. Scope

MyWellnessID is operated for use within the United States. Records, consent, and data handling follow applicable U.S. federal and state law.

14. Changes to this policy

We may update this policy as the platform evolves. Material changes will be reflected by an updated “last updated” date above, and, where appropriate, communicated to firm administrators.

15. Contact us

Questions about this policy or your information can be sent to support@mywellnessid.com. See also our Terms of Service.