RosettaHealth Legal Center

Welcome to the RosettaHealth Legal Center.

Here you’ll find our public privacy and website terms, along with references to the contractual agreements that govern our customer relationships.

1. Privacy Policy (Summary)

Effective Date: 08/11/2025

RosettaHealth, Inc. (“RosettaHealth”) is committed to protecting the privacy and security of the information we process on behalf of our customers. We operate exclusively as a HIPAA Business Associate and follow strict contractual, legal, and industry standards for handling protected health information (“PHI”).

What We Do:

  • Provide secure health information exchange services for healthcare organizations

  • Process PHI only as directed by our customers and never for marketing or sale

  • Maintain robust safeguards aligned with HIPAA, SOC 2, and other recognized frameworks

How We Protect Data:

  • Encryption in transit and at rest

  • Access controls with multi-factor authentication

  • Continuous monitoring and regular compliance audits

When We Share Information:

  • Only with authorized parties designated by our customers

  • With subcontractors under HIPAA-compliant agreements

  • When required by law

Your Rights:

Questions about your PHI should be directed to your healthcare provider. If we receive a request, we will route it to the applicable customer.

Breach Notification:

We notify affected customers without unreasonable delay if a breach of unsecured PHI occurs, in accordance with our Business Associate Agreements and HIPAA.

Full Privacy Policy: RosettaHealth Privacy Policy

2. Website Terms of Use

Effective Date: 08/14/2025

These Terms govern your use of the RosettaHealth public website and related online resources (the “Site”). By using the Site, you agree to these Terms.

Purpose:

The Site provides information about RosettaHealth. It does not create a customer relationship or grant access to our services.

Not a Substitute for Contractual Terms:

Customer relationships, service levels, privacy and security commitments, and fees are governed exclusively by signed Business Associate Agreements (BAAs), Master Services Agreements (MSAs), and related order forms.

Acceptable Use:

You agree not to violate laws, introduce malware, gain unauthorized access, or infringe upon the rights of others when using the Site.

Intellectual Property:

All Site content is owned or licensed by RosettaHealth and may not be copied or used without permission.

No Warranties & Limitation of Liability:

The Site is provided “as is” without warranties of any kind. RosettaHealth is not liable for damages from your use of the Site.

Links:

We are not responsible for the content or privacy practices of third-party websites.

Changes:

We may update these Terms from time to time. Continued use of the Site after changes constitutes acceptance.

Full Website Terms of Use: RosettaHealth Website Terms of Use

3. Contractual Terms for Customers

For existing or prospective customers, the following agreements govern our services and obligations:

  • Business Associate Agreement (BAA) – Defines our HIPAA privacy and security commitments, breach notification process, and permitted uses/disclosures of PHI.

  • Master Services Agreement (MSA) – Defines service scope, SLAs, uptime commitments, and limitations of liability.

  • Order Forms / Statements of Work – Define specific services purchased, pricing, and delivery timelines.

These agreements are executed directly with each customer and are not posted publicly.

Contact Us
Privacy Officer – RosettaHealth, Inc.
Email: privacy@rosettahealth.com
Legal Inquiries: legal@rosettahealth.com