📄 Legal & Governance

Privacy & Data Protection Notice

Jurisdiction: United States
Last updated: June 2026
Version: 1.0
TheraCALC is a clinical calculator and decision-support platform designed to assist licensed healthcare professionals with dose calculations and clinical decision support. TheraCALC does not create user accounts, collect patient identities, or store clinical inputs entered during a session. This notice explains how TheraCALC handles information and how we protect user and patient privacy in the United States.
1 — Data Collection & Storage
  • TheraCALC does not create user accounts and does not require logins or passwords.
  • TheraCALC does not collect or store patient-identifiable information — such as names, medical record numbers, or dates of birth — on TheraCALC-controlled servers.
  • Clinical values entered into TheraCALC during a session are used solely to generate the requested calculation and are not retained, stored, or transmitted by TheraCALC for any other purpose.
  • TheraCALC does not use cookies or browser local storage to persist clinical inputs or calculation results beyond the current session, except where explicitly noted for non-clinical interface preferences.
Runtime independence TheraCALC does not rely on any third-party clinical decision-support service or external AI model to generate recommendations. Recommendations are generated using the proprietary TheraIQ engine developed and maintained in-house.
2 — HIPAA & US Healthcare Context
  • TheraCALC does not act as a system of record, data repository, or communication channel for protected health information (PHI).
  • Because TheraCALC does not receive, store, or transmit PHI on its own servers, TheraCALC is not intended to function as a HIPAA business associate to covered entities.
  • Covered entities and healthcare providers remain responsible for ensuring that their use of TheraCALC is consistent with their HIPAA policies and procedures, including avoiding the entry of directly identifiable patient information into any external systems unless approved by their organization.
Important — clinician responsibility TheraCALC is intended as a decision-support reference. Users should not enter directly identifiable patient information (names, MRNs, dates of birth) into any browser-based tool unless explicitly authorized by their organization's policies. De-identified clinical values — such as weight, age, and lab results — are appropriate for use with TheraCALC.
3 — Use of Third-Party Services
  • TheraCALC relies on a small number of reputable third-party services to keep the platform available, fast, and secure. These services support infrastructure and site delivery — not clinical functionality.
  • These services may log basic information about site visits, such as general location, browser type, and pages accessed. This is standard practice for any website and is used solely for operational purposes.
  • Clinical values entered into TheraCALC calculators are not shared with these services. TheraCALC takes reasonable steps to ensure that calculator inputs remain within the user's own session.
4 — Security & Site Safety
  • TheraCALC is delivered over a secure, encrypted connection. All communication between the user's browser and our hosting is protected using current web security standards.
  • TheraCALC is designed so that clinical inputs entered during a session are used only to generate the requested output and are not retained or stored by TheraCALC beyond that purpose.
  • TheraCALC has been reviewed and categorized by major web security and content-classification platforms as a legitimate medical reference tool, with no history of malicious or harmful content.
For institutional or IT review TheraCALC is designed with data minimization in mind — clinical inputs are not retained, shared, or used beyond generating the immediate calculation result. Organizations requiring additional documentation for security review or network approval are welcome to reach out via the contact information below.
5 — Intended Use & User Responsibilities
  • TheraCALC is intended for use by licensed clinicians and healthcare professionals in the United States as a decision-support tool and does not replace clinical judgment, patient-specific assessment, or current institutional protocols.
  • All outputs — including diagnoses, fluid recommendations, infusion rates, and drug dosing — are estimates based on population-derived formulas. Individual patient responses may vary significantly. Always verify calculations independently and consult current evidence-based guidelines.
  • Users are responsible for verifying calculation results, ensuring that no patient-identifiable information is exposed outside their authorized environment, and complying with all applicable organizational policies and US laws.
  • Healthcare organizations should treat TheraCALC as a browser-based reference tool. Because TheraCALC does not receive or store PHI on its own servers, it does not function as an electronic medical record or clinical data system.
6 — Updates to This Notice

We may update this notice to reflect changes in TheraCALC functionality, applicable US law, or security practices. The Last Updated date at the top of this page indicates the most recent revision. Continued use of TheraCALC following a posted update constitutes acceptance of the revised notice.

Contact

Questions about TheraCALC's privacy or security practices, or requests for additional documentation for security review or institutional whitelisting:

Email [email protected]
Website www.theracalc.com
For institutional security teams If your organization requires a completed vendor security questionnaire, a data processing agreement, or network whitelisting documentation, please reach out via email above. We are committed to supporting institutional review processes.