Redox retains data to provide services and support you and all our other customers. Below, we specify what customer-generated data we store, how long we store it for product functionality, and why we use it. We also distinguish the data retention policies for protected health information (PHI) versus other types of data.
Data type | Description | Retention period | Purpose |
|---|---|---|---|
PHI in payloads | Full request payloads containing PHI sent through Redox. | 60 days | For (a) troubleshooting and support; (b) recent transaction data in the dashboard; and (c) historical data replays. |
PHI in searches | Search index that contains salted and hashed identifiers from request payloads—including patient names and identifiers, provider IDs, and other record IDs. | 60 days | For (a) troubleshooting and support; and (b) logs in the dashboard. |
PHI in data operations | Field paths containing patient identifiers, provider IDs, or other record IDs to filter or translate during log processing. | Contract duration Redox purges data within 30 days of customer account closure. | For supporting customer-configured data operations (e.g., filters, translation sets, config modifiers) |
PHI in data on demand | Data on demand stores (a) patient identifiers, basic demographics; (b) provider data; (c) reference URLs to files sent to integrated systems; (d) encoded base64 strings for files sent to integrated systems; and (e) scheduling, orders, and results data. Learn more about data on demand. | Contract duration Redox purges data within 30 days of customer account closure. | For (a) providing a database to query when your connection’s system doesn’t support query type of requests; and (b) accessing stored event-based messages via queries. |
PHI in backfill searches | Search index for backfill data that contains salted and hashed identifiers from request payloads—including patient names and identifiers, provider IDs, and other record IDs. Learn more about backfilling. | 60 days | For (a) troubleshooting and support; and (b) logs in the dashboard. |
Metadata (no PHI) | Any metadata about requests sent through Redox. | May be stored indefinitely Available via the Redox dashboard and Platform API for at least 60 days. | For (a) troubleshooting and support; (b) audit logging; and (c) informed product enhancements. |
Metadata for backfill requests (no PHI) | Any metadata about queries to backfill data . | May be stored indefinitely Available via the Redox dashboard and Platform API for at least 60 days. | For (a) troubleshooting and support; (b) audit logging; and (c) informed product enhancements. |
System backups | Backups of stored data. | Minimum of 5 days and up to 30 days Backups may persist for up to 30 days after data has been deleted from the primary storage method. | For data restoration purposes and resiliency |
System and security logs | Logs generated by our cloud-based security tools. | 90 days (active) 1 year (archived) | For risk and incident management |
Antivirus scan logs | Logs generated by our antivirus/malware solution. | At least 1 year (archived) | For risk and incident management |
Redox organization user information | Names, email addresses, or profile information of any users that are part of a Redox organization. | Contract duration Redox purges data within 30 days of customer account closure. | For product delivery |
Usage statistics | Any metadata about the number of successful API requests made for a specified date range. | 13 months Available via the Redox dashboard and Platform API for at least 1 year. | For monitoring transaction usage |
Data is both processed and stored in the U.S. most of the time. For Canadian organizations, healthcare data is processed in the U.S. but stored in Canada. However, any of the Redox configuration settings for Canadian organizations are stored in the U.S. Learn more about multi-region organizations.
We also store data for compliance and regulatory purposes. This data isn’t related to product functionality. Contact us if you have questions or would like a copy of our full data retention policy.