• Book an Appointment
  • +254 729 161 570
  • +254 105 506 638
  • info@ethmoide.com
    logo
    • Home
    • Products
      • Vomer Hospital Management System
      • Palmchild
      • Ethmoide Brands
      • Habaridaktari
      • Photosurgeon
      • Surgeons in Kenya
    • Services
      • Social Media Marketing
      • Content Generation
      • Influencer Marketing
      • Hospital Management Systems
      • Website Development
      • See more...
    • Blog
    • Contact us
    • About
    • Privacy Policy
    • Terms of Service
    • EN

    Legal & Compliance  /  Product Supplement

    Healthcare Platform Supplement

    Ethmoide Inc.
    Effective Date: June 1, 2025 ·  Last Updated: June 2026


    This is a Product Supplement. It applies exclusively to users of the Ethmoide Healthcare Platform (including ethmoide.com and associated sub-domains providing clinical tools). It must be read together with the Master Terms of Service and Master Privacy Policy. In the event of a conflict between this Supplement and those master documents, this Supplement prevails for the Healthcare Platform. All other Ethmoide Inc. products are governed solely by the master documents unless they have their own supplement.

    Healthcare Data Notice: This Supplement governs the handling of Protected Health Information (PHI) as defined under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and its implementing regulations. It applies only to use cases involving PHI processed by Ethmoide on behalf of Covered Entities.

    Part A — Additional Terms of Service

    The following terms supplement and, where applicable, modify the Master Terms of Service for the Ethmoide Healthcare Platform.

    A1. Intended Users and Professional Responsibility

    The Ethmoide Healthcare Platform is designed exclusively for licensed healthcare professionals, including but not limited to physicians, nurses, clinical officers, pharmacists, and healthcare administrators. By using the Healthcare Platform, you represent and warrant that:

    • You are a licensed healthcare professional in good standing in your jurisdiction, or you are accessing the platform under the supervision of such a professional.
    • You will use the platform's clinical decision support, diagnostic, and workflow tools only as an adjunct to — and not as a replacement for — your own professional clinical judgement.
    • You accept sole professional and legal responsibility for all clinical decisions made in connection with your use of the platform.
    • You will comply with all applicable professional standards, codes of conduct, and licensing requirements.

    Ethmoide Inc. is not a licensed healthcare provider and does not provide medical advice, diagnosis, or treatment. Nothing in the Healthcare Platform constitutes a doctor-patient relationship.

    A2. Patient Data and Covered Entity Obligations

    Where you input or upload patient data (including Protected Health Information) to the Healthcare Platform, you represent and warrant that:

    • You are a Covered Entity or an authorised representative of a Covered Entity under HIPAA, or you are acting under a valid authorisation from the relevant patient(s).
    • You have obtained all necessary patient consents and authorisations required under applicable law before submitting any PHI.
    • Your use of the platform complies with your organisation's own HIPAA policies and procedures.
    • You will execute a Business Associate Agreement (BAA) with Ethmoide Inc. before submitting any PHI. Use of the Healthcare Platform to process PHI without an executed BAA is strictly prohibited.

    A3. Clinical Disclaimer and No Warranty for Clinical Outcomes

    In addition to the disclaimers in the Master Terms, Ethmoide Inc. expressly disclaims any warranty that the Healthcare Platform's outputs — including clinical decision support suggestions, diagnostic recommendations, risk scores, or any other clinical content — are accurate, complete, safe, or appropriate for any specific patient or clinical scenario. Such outputs are provided for informational and reference purposes only. Ethmoide Inc. shall not be liable for any clinical outcome, adverse event, or harm to any patient arising from your use of the Healthcare Platform.

    A4. Regulatory Compliance

    You are solely responsible for ensuring that your use of the Healthcare Platform complies with all applicable healthcare laws and regulations in your jurisdiction, including but not limited to medical device regulations, telehealth regulations, and prescribing laws. Ethmoide Inc. makes no representation that the Healthcare Platform is approved, cleared, or certified as a medical device by any regulatory authority unless explicitly stated in the product documentation.


    Part B — Additional Privacy Provisions

    The following privacy provisions supplement and, where applicable, modify the Master Privacy Policy for the Ethmoide Healthcare Platform.

    B1. Protected Health Information (PHI) and HIPAA

    Ethmoide Inc. operates as a Business Associate under HIPAA when processing PHI on behalf of Covered Entities (healthcare providers, health plans, and healthcare clearinghouses). In this capacity:

    • We use and disclose PHI only as permitted or required by our executed BAA and applicable HIPAA regulations.
    • We implement administrative, physical, and technical safeguards as required by the HIPAA Security Rule to protect electronic PHI (ePHI).
    • We do not use PHI for marketing purposes or sell PHI under any circumstances.
    • We report any breaches of unsecured PHI to the relevant Covered Entity in accordance with the HIPAA Breach Notification Rule.
    • We support Covered Entities in fulfilling patient rights under the HIPAA Privacy Rule, including rights of access, amendment, and accounting of disclosures.

    If you are a patient whose PHI has been processed through the Healthcare Platform, please contact the healthcare provider or institution through whom you accessed care for privacy-related requests. Patients may also direct enquiries to our Privacy Office at the contact information below.

    B2. Additional Data Categories Collected

    In addition to the data categories in the Master Privacy Policy, the Healthcare Platform may collect:

    • Professional Credentials: Medical licence numbers, specialisation, registration bodies, and affiliated institutions.
    • Patient Data (PHI): Patient records, clinical notes, diagnostic data, imaging data, laboratory results, and related health information entered or uploaded by authorised healthcare providers.
    • EHR Integration Data: Data received from Electronic Health Record systems, hospital management systems, or health information exchanges with which the platform integrates, subject to applicable authorisations.
    • Clinical Activity Data: Records of clinical decisions, queries, and tool usage within the platform, which may be used in de-identified form to improve clinical algorithms.

    B3. Data Retention — Healthcare Platform

    PHI is retained in accordance with applicable state, federal, and Kenyan medical records retention laws, and the terms of our executed BAA with the relevant Covered Entity. De-identified clinical activity data may be retained for longer periods for research and algorithm improvement purposes. Upon a lawful deletion request and subject to applicable legal obligations, we will securely destroy or de-identify PHI in accordance with HIPAA standards.

    B4. Business Associate Agreements (BAAs)

    All third-party vendors engaged by Ethmoide Inc. who process PHI on our behalf are required to execute a Business Associate Agreement that imposes HIPAA-compliant obligations. Ethmoide Inc. maintains a current list of such Business Associates and will make this available to Covered Entities upon written request.

    B5. Minors' Health Data

    Patient data involving minors may be processed on behalf of Covered Entities as part of clinical care delivery. Such data is handled in strict accordance with applicable law, including HIPAA, Kenya's Data Protection Act 2019, and the Children's Online Privacy Protection Act (COPPA) where applicable. Access to minors' health data is restricted to authorised healthcare professionals acting within their scope of practice.

    Contact — Healthcare Platform Privacy & Legal

    For questions specific to this Supplement, including BAA requests or PHI-related privacy matters:

    Ethmoide Inc. — Healthcare Privacy OfficeEmail: privacy@ethmoide.comLegal: legal@ethmoide.comPostal Address: Hospital Rd, Upper Hill, Nairobi, Kenya

    © 2026 Ethmoide Inc. All rights reserved.
    This Supplement was last reviewed in June 2026.

    Master Terms of ServiceMaster Privacy PolicyLegal Hub

    logo image
    • Nairobi, Kenya
    • info@ethmoide.com
    • +254 729 161 570
    • +254 105 506 638

    Leverage technology to provide quality healthcare.

    Latest news

    • Blog with category

    last blogs

    The Next Big Healthcare Innovation: Design

    The Next Big Healthcare Innovation: Design

    20, 22, 21,
    More than Healthcare: Innovation and the Social Determinants of Health

    More than Healthcare: Innovation and the Social Determinants of Health

    20, 22, 21,

    contact us

    Copyright © 2025
    Ethmoide inc. All Rights Reserved - Since 2017.
    • Privacy Policy
    • Terms of Service