Effective: March 1, 2026
SurgHome is a post-operative patient recovery monitoring service operated by Heirloom Data, Inc. ("we," "us," or "our"). This service sends automated SMS check-in messages to surgical patients during the 30 days following their procedure. This Privacy Policy describes how we collect, use, store, and protect your information when you participate in the SurgHome program.
When you enroll in SurgHome, we collect the following information:
During the program, we collect your responses to clinical screening questions, including pain ratings, symptom reports, medication use, and satisfaction assessments. If you send free-text messages to the system, those are also recorded.
Your information is used solely for the following purposes:
We do not sell your personal information. We do not use your information for marketing or advertising. We do not share your information with third parties except as required to deliver the service (e.g., Twilio for SMS delivery) or as required by law.
SurgHome is designed to comply with the Health Insurance Portability and Accountability Act (HIPAA). Your health information is protected health information (PHI) and is handled accordingly. We maintain administrative, physical, and technical safeguards to protect your information, including encryption of data in transit and at rest, access controls limiting data access to authorized clinical personnel, and audit logging of all access to patient records.
Your information is stored in encrypted databases hosted in the United States. Phone numbers are stored as one-way cryptographic hashes where possible. All communications between the system and SMS delivery providers are encrypted. We retain your data for the duration of the program plus a reasonable period for quality improvement analysis, after which identifiable data is deleted or de-identified.
By enrolling in SurgHome, you consent to receive automated SMS messages related to your post-surgical recovery. Message frequency varies but typically includes 6 scheduled check-ins over 30 days, plus follow-up messages as clinically indicated. Message and data rates from your mobile carrier may apply. You may opt out at any time by replying STOP to any message. You may request help by replying HELP.
We use Twilio, Inc. to send and receive SMS messages. Twilio processes your phone number and message content to facilitate delivery. Twilio's privacy practices are governed by their own privacy policy. We maintain a Business Associate Agreement with Twilio as required by HIPAA.
You have the right to opt out of the program at any time by replying STOP. You have the right to request access to the information we have collected about you. You have the right to request deletion of your information, subject to any legal or regulatory retention requirements. To exercise these rights, contact us at the address below.
SurgHome is intended for adults aged 18 and older. We do not knowingly collect information from individuals under 18.
We may update this Privacy Policy from time to time. If we make material changes, we will notify active participants via SMS. The effective date at the top of this page indicates when the policy was last revised.
If you have questions about this Privacy Policy or your data, contact:
Heirloom Data, Inc.
Email: privacy@heirloomdata.io