Privacy Policy

1. About This Policy

This Privacy Policy explains how EGS Health Inc. ("EGS Health," "we," "our," or "us") collects, uses, stores, and shares information when you access or use Protocol Pilot — our AI-powered clinical protocol and guideline platform — through our website at www.protocolpilot.ai, our application programming interfaces, and any related services (collectively, the "Platform").

Protocol Pilot is a business-to-business (B2B) Software-as-a-Service product deployed within healthcare organisations. End users are primarily licensed healthcare professionals — including physicians, nurses, pharmacists, and clinical administrators — acting under the authority and data governance policies of their employing institution (the "Covered Entity" or "Business Associate").

Please read this policy carefully. By accessing or using the Platform, you acknowledge that you have read and understood this Privacy Policy.

2. Who We Are

EGS Health Inc. is the legal entity that operates Protocol Pilot. For the purposes of applicable data protection law, EGS Health acts as:

  • A Business Associate under the Health Insurance Portability and Accountability Act (HIPAA), when processing Protected Health Information (PHI) on behalf of a Covered Entity pursuant to a signed Business Associate Agreement (BAA).
  • A data processor / service provider under applicable state privacy laws, when processing personal information on behalf of our institutional customers.

Registered Address: EGS Health Inc., N27 W23960 Paul Road, Suite 101, Pewaukee, Wisconsin 53072.
Data Protection Contact:

3. Scope of This Policy

This Policy applies to:

  • All users of Protocol Pilot including but not limited to Clinicians, nurses, pharmacists, and administrative staff who access Protocol Pilot through their employer's licensed deployment.
  • Hospital administrators, IT contacts, and procurement representatives who interact with us for pilot or contract purposes.
  • Visitors to www.protocolpilot.ai.

This Policy does not govern the data practices of our institutional customers or of third-party services they independently operate. Employees and contractors of EGS Health are governed by separate internal HR privacy notices.


Protocol Pilot is not a substitute for the physician’s judgment and is designed as a protocol and policy reference tool, not a clinical records system.

4. Information We Collect

4.1 Information Provided by Your Institution

When your healthcare organisation deploys Protocol Pilot, it provides us with configuration data necessary to operate the Platform, which may include:

  • Organisational details (hospital name, address, department structure)
  • User account provisioning data (name, job title, role, department, employee ID, email address)
  • Role-based access permissions assigned by the institution's administrators
  • Clinical protocol documents, policies, and guidelines (uploaded in any format)

4.2 Information Generated Through Platform Use

When clinicians use Protocol Pilot to query the knowledge base, the Platform automatically collects:

Data Type Examples Purpose
Query Logs Plain-language questions submitted to the AI agent Generate AI responses; compliance audit trail
Interaction Logs Follow-up questions, clarification requests, session timestamps Conversational continuity; usage analytics
Protocol Access Records Which protocols/guidelines were surfaced in response to queries Adherence tracking; compliance reporting
Adherence Data Order set usage mapped against protocol recommendations Quality improvement; leadership dashboards
Device & Technical Data Browser type, OS, IP address, session identifiers Security monitoring; platform stability

4.3 Website Visitor Data

If you visit www.protocolpilot.ai without an institutional account, we may collect standard web analytics data (page views, referral source, device type) and any information you voluntarily submit through contact or demo-request forms (name, email, organisation, phone number).

ℹ What We Do Not Collect (by Design)
Protocol Pilot is not designed to collect, store, or process patient-identifiable information directly. Queries are made by healthcare practitioners only and are intended to be protocol-related and policy-directed. Any inadvertent inclusion of patient identifiers in a query is addressed under our PHI handling procedures described in Section 6.

5. How We Use Your Information

Your healthcare provider and EGS Health Inc may use the information collected for the following purposes:

  • Platform Delivery: Provision, operation, and maintenance of Protocol Pilot and its AI agent capabilities.
  • AI Knowledge Base Management: Ingesting, indexing, and contextualising clinical protocols and guidelines uploaded by your institution.
  • Adherence & Quality Improvement: Generating adherence tracking reports, leadership dashboards, and protocol gap analyses at the institutional level.
  • Compliance Audit Trail: Maintaining interaction logs that document clinician due diligence in accessing protocols, supporting accreditation reviews and regulatory inquiries.
  • Security & Fraud Prevention: Monitoring for unauthorised access, platform abuse, and security incidents.
  • Customer Support: Responding to technical queries and support requests from institutional administrators and clinical users.
  • Product Improvement: Aggregated, de-identified analytics to improve AI model accuracy, platform performance, and feature development. No individually identifiable data is used for model training without explicit written consent.
  • Legal Obligations: Compliance with applicable law, court orders, or regulatory requirements.
  • Communications: Sending service updates, contract-related notices, and (with consent) marketing communications to institutional contacts.

6. HIPAA & Protected Health Information

🔒 HIPAA Compliance Commitment
EGS Health Inc. operates Protocol Pilot on a HIPAA-compliant infrastructure and enters into a signed Business Associate Agreement (BAA) with every Covered Entity prior to deployment. We implement the administrative, physical, and technical safeguards required under the HIPAA Security Rule (45 CFR Part 164).

6.1 Our Role as a Business Associate

Protocol Pilot is not a substitute for the physician’s judgment and is designed as a protocol and policy reference tool, not a clinical records system. The Platform does not intentionally receive, maintain, or transmit individually identifiable patient information. However, we acknowledge that:

  • Users may inadvertently include patient identifiers in their queries.
  • Integration with EHR systems (e.g., Epic, Cerner) may result in contextual patient data being surfaced within the Platform interface.

Where any such data constitutes Protected Health Information under HIPAA, EGS Health treats it as PHI subject to all applicable safeguards under the BAA in place with the relevant Covered Entity.

6.2 Minimum Necessary Standard

We apply the HIPAA minimum necessary standard: the Platform is engineered to request and process only the data required to respond to a clinical query or generate an adherence report. Unnecessary exposure to PHI is minimized by design.

6.3 Breach Notification

In the event of a breach of unsecured PHI, EGS Health will notify the relevant Covered Entity without unreasonable delay and within no more than 60 calendar days of discovery, in accordance with the HIPAA Breach Notification Rule (45 CFR §164.410). The Covered Entity remains responsible for notifying affected individuals and the Department of Health and Human Services as required.

6.4 No Sale or Marketing Use of PHI

EGS Health does not sell, rent, or use PHI for marketing, advertising, or any purpose beyond those specified in the applicable BAA and this Privacy Policy.

7. AI Processing & Your Data

7.1 How the AI Agent Uses Your Data

Protocol Pilot's conversational AI agent operates as follows:
  • Ingestion: Clinical protocol documents, policies, and guidelines uploaded by your institution are processed, structured, and indexed to form a private organizational knowledge base.
  • Query Processing: When a clinician submits a plain-language query, it is processed against the institutional knowledge base to generate a cited, contextualized response.
  • EHR Context (where enabled): If integrated with Epic via Alert Cards, the Platform may receive contextual patient information (such as active care pathway) to surface relevant protocols. This context is used solely to generate the immediate response and is not retained beyond the session unless required for audit logging

7.2 No Cross-Institutional Data Sharing

Each institutional deployment is logically isolated. Protocol documents, queries, and interaction logs from one hospital are never shared with, accessible to, or used to inform the AI responses of another institution.

7.3 AI Model Training

EGS Health will not use your institution's protocol documents, individual clinician queries, or any PHI to train, fine-tune, or improve the underlying AI models without your institution's explicit, documented consent. Aggregate, fully de-identified usage statistics (e.g., query category distributions) may be used internally to improve Platform performance.

7.4 Human Review & Oversight

Protocol Pilot is a decision-support tool. All AI-generated responses are sourced from and cited to your institution's own approved protocol documents. The Platform does not make autonomous clinical decisions. Final clinical judgement always rests with the licensed healthcare professional.

8. EHR & System Integrations

Protocol Pilot may integrate with the following systems as configured by your institution:
System Integration Type Data Exchanged
Epic Native Alert Cards / SMART on FHIR Active protocol triggers, order set recommendations; contextual patient pathway (read-only, session-scoped)
Cerner API Integration Protocol context surfacing; order set display
SharePoint Document repository connector Protocol & policy documents (read-only ingestion)
EDW / Data Warehouse Read-only query layer Adherence metrics; quality improvement data feeds
Custom Repositories Configurable connector Institutional documents in any format

All EHR integrations are configured and authorized by your institution's IT and compliance teams. EGS Health does not unilaterally initiate data access from any integrated system.

9. How We Share Information

We do not sell personal information. We may share information only in the following circumstances:

  • With Your Institution: Interaction logs, adherence reports, and analytics dashboards are shared with your institution's administrators as part of the contracted service. Your institution's privacy policies and data governance rules govern their use of this information.
  • Service Providers (Sub-processors): We engage third-party sub-processors to operate the Platform (e.g., cloud infrastructure providers, security monitoring services). All sub-processors are bound by data processing agreements requiring HIPAA-equivalent or stronger data protection. A current list of sub-processors is available upon request at .
  • Legal Requirements: We may disclose information where required by law, regulation, court order, or at the request of a government authority with lawful jurisdiction. Where permitted, we will provide advance notice to the relevant institutional customer.
  • Business Transfers: In the event of a merger, acquisition, or sale of substantially all assets, personal information and PHI may be transferred subject to the same protections as described in this Policy and any applicable BAA. Affected institutions will be notified in advance.
  • Aggregate Analytics: De-identified, aggregated statistics (e.g., industry-wide protocol query trends) may be published or shared publicly. No individual, patient, or institution is identifiable in such outputs.

10. Data Retention

We retain data for the minimum period necessary to fulfil the purposes described in this Policy and to comply with legal and contractual obligations:
Data Category Default Retention Period
Active user account data Duration of the institutional contract + [90] days post-termination
Query & interaction logs [7 years] or as specified in the BAA / applicable law
Protocol documents Duration of institutional contract; deleted upon written request post-termination
Adherence & analytics reports [7 years] from report generation date
Website visitor analytics [13 months] from collection
Marketing contact data Until withdrawn consent or unsubscription

Upon termination of an institutional contract, EGS Health will securely delete or return all institutional data within [30] days of written request, unless retention is required by law.

11. Security Safeguards

EGS Health Inc implements a comprehensive security program proportionate to the sensitivity of healthcare data. Key measures include:

  • Encryption:All data is encrypted in transit (TLS 1.2+) and at rest (AES-256 or equivalent).
  • Access Controls: Role-based access control (RBAC) ensures each user sees only data relevant to their role and department, as configured by the institutional administrator.
  • Audit Logging: All access to clinical data, query submissions, and administrative actions are logged in tamper-evident audit trails.
  • Infrastructure: The Platform is hosted on HIPAA-eligible cloud infrastructure with SOC 2 Type II certified data centers located in the [United States].
  • Vulnerability Management: Regular penetration testing, vulnerability scanning, and security patch management.
  • Incident Response: A documented incident response plan with defined escalation procedures and breach notification timelines.
  • Employee Training: All EGS Health personnel with access to PHI receive HIPAA and security awareness training on appointments and annually thereafter.

No security measure is infallible. If you discover a potential security vulnerability, please report it responsibly to .

12. Your Rights & Choices

12.1 Rights of Individual Platform Users (Clinicians & Staff)

Because Protocol Pilot is deployed by your employer or healthcare professional under a contract with EGS Health, many privacy rights (such as access, correction, or deletion of your account data) are administered by your institution's data governance team. Please contact your institution's Privacy Officer or IT department in the first instance. Your healthcare provider has contracted with EGS Health for the use of Protocol Pilot and therefore EGS Health has no direct interaction with patients and users of Protocol Pilot. Any claim relating to the use of the Protocol Pilot must be directed to the healthcare provider.

Where EGS Health directly controls personal data (e.g., a direct contact relationship with an institutional administrator), you may request: .

  • Access: A copy of the personal data we hold about you.
  • Correction: Correction of inaccurate or incomplete data..
  • Deletion: Erasure of personal data, subject to legal retention requirements..
  • Portability: Receipt of your data in a structured, machine-readable format..
  • Objection / Restriction: Objecting to or restricting certain processing activities..

12.2 HIPAA Individual Rights

Rights to access, amend, or request an accounting of disclosures of PHI are rights that belong to the patient and are administered by the Covered Entity (your employer's organization). EGS Health will cooperate with Covered Entities in fulfilling such requests within the timelines specified in the applicable BAA.

12.3 Marketing Communications

Institutional contacts who have opted into marketing communications may unsubscribe at any time by clicking the "Unsubscribe" link in any email or by contacting .

12.4 Exercising Your Rights

To submit a privacy request directly to EGS Health, contact us at . We will respond within 30 days. We may request verification of your identity before fulfilling any request.

13. Cookies & Tracking Technologies

Our public website (www.protocolpilot.ai) may use the following types of cookies and similar technologies:

  • Strictly Necessary Cookies: Required for the website to function (e.g., session management). These cannot be disabled.
  • Analytics Cookies: Used to understand visitor behavior in aggregate (e.g., Google Analytics or equivalent). These are deployed only with your consent where required by applicable law.
  • Marketing Cookies: Used to measure the effectiveness of our marketing campaigns. Deployed only with your consent.

The Platform application itself (deployed within your institution's environment) does not use third-party advertising or tracking cookies. Session-management cookies within the application are strictly necessary and governed by the institutional contract.

You may manage your cookie preferences through our [Cookie Preference Centre — to be implemented] or through your browser settings.

14. Children's Privacy

Protocol Pilot is an enterprise platform intended solely for use by licensed healthcare professionals and authorized institutional staff. It is not directed at, and we do not knowingly collect personal information from, individuals under the age of 18. If you believe we have inadvertently collected such information, please contact us immediately at .

15. International Data Transfers

Protocol Pilot is operated from and primarily processes data within the United States. If your institution is located outside the United States, or if you access the Platform from another jurisdiction, your data may be transferred to and processed in the US, which may have data protection laws different from those of your home country.

For institutional customers subject to the European General Data Protection Regulation (GDPR) or equivalent legislation, EGS Health will ensure appropriate safeguards are in place for any international data transfer, including execution of Standard Contractual Clauses (SCCs) or equivalent mechanisms as required. [Legal team to confirm applicability and cross-border transfer mechanisms.]

16. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, the Platform, or applicable law. When we make material changes, we will:

  • Update the "Last Updated" date at the top of this page.
  • Notify institutional administrators via email and/or an in-Platform notice at least 30 days before material changes take effect.
  • Where required by law, seek renewed consent.

Your institution's continued use of the Platform after the effective date of any updated Policy constitutes acceptance of the changes. We encourage institutional Privacy Officers to review this page periodically.

17. Contact & Complaints

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Privacy & Data Protection Enquiries
Security Vulnerability Reporting
General Contact +1 262-347-4911
Mailing Address EGS Health Inc., N27 W23960 Paul Road, Suite 101, Pewaukee, Wisconsin 53072.

If you are an EU/EEA data subject and believe we have not addressed your concern satisfactorily, you have the right to lodge a complaint with your local supervisory authority. [Legal team to insert relevant authority and contact details if applicable.]