Privacy Policy

EZ Medica, LLC  ·  Last updated: May 12, 2026

Note: This Privacy Policy is currently being reviewed and finalized by legal counsel. A complete version will be in place prior to the launch of SMS notification services. For questions in the meantime, contact support@ezcolonprep.com.

1. Who We Are

EZ Medica, LLC (“EZ Medica,” “we,” “us,” or “our”) operates EZColonPrep, a web-based platform that provides personalized colonoscopy preparation guidance to patients on behalf of their healthcare providers. We are a Business Associate under the Health Insurance Portability and Accountability Act (HIPAA) and are committed to protecting the privacy and security of patient health information.

EZColonPrep is provided as a service to medical practices. Patients interact with the platform because their physician’s practice uses EZColonPrep as a patient education tool. We are not a Covered Entity under HIPAA; we act as a Business Associate of the medical practices we serve.

2. Information We Collect

EZColonPrep collects information in two contexts: standard app usage (no account required) and optional notification sign-up (when you choose to receive reminders).

Standard App Usage

When you use EZColonPrep to browse your prep guide, we store your selections (doctor, language, procedure details, medication flags) in your browser’s local storage only. This information never leaves your device unless you sign up for reminders. We also collect anonymized product analytics (pages viewed, videos watched) through PostHog to improve the product.

Notification Sign-Up (Optional)

If you choose to receive prep reminders by text or email, we collect and store the following information:

  • Phone number (for SMS reminders)
  • Email address (for email reminders)
  • Procedure date and approximate procedure time
  • Arrival time
  • Which doctor you selected
  • Whether you take blood thinners (yes/no only)
  • Your bowel prep type and dose schedule

We do not collect your name, diagnosis, full medication list, or any other clinical detail beyond what is listed above. We do not integrate with your electronic health record (EHR).

The combination of phone number, procedure date, and doctor identifier constitutes Protected Health Information (PHI) under HIPAA. This data is stored in a HIPAA-compliant database under a Business Associate Agreement.

3. How We Use Your Information

We use the information we collect solely to:

  • Send you timed text and/or email reminders before your procedure
  • Personalize the reminder content based on your prep type and medications
  • Log your consent to receive communications and any subsequent opt-out requests
  • Improve the EZColonPrep platform through anonymized analytics

We do not sell, rent, or share your personal information with third parties for marketing purposes. We do not use your health information for advertising.

4. HIPAA Compliance

EZ Medica, LLC is a Business Associate under HIPAA. We comply with the HIPAA Security Rule (45 CFR §§ 164.302–.318) for all Protected Health Information we store.

Our HIPAA compliance program includes:

  • Written HIPAA Risk Analysis
  • Business Associate Agreements with all applicable vendors
  • Business Associate Agreements with each medical practice we serve
  • Encryption of data at rest (AES-256) and in transit (TLS)
  • Workforce privacy and security training
  • Incident response and breach notification procedures
  • Documentation retained for a minimum of 6 years

5. SMS Notification Privacy

When you opt into SMS reminders, your phone number and procedure information are stored in a HIPAA-compliant database operated by EZ Medica under a Business Associate Agreement. Our SMS messages are designed to contain no health-identifying information — they contain only a generic prompt and a unique link. The link uses a short, opaque code that reveals no health context to the message carrier.

You may opt out of SMS messages at any time by replying STOP to any message. We will process your opt-out within 24 hours and send a confirmation. We will not send further messages after you opt out.

The last scheduled message (sent on the morning of your procedure) terminates the reminder sequence automatically, regardless of any other action.

Your reminder links expire a few days after your procedure date as an additional security measure.

6. Sharing Your Information

We share your information only as necessary to operate the platform:

  • Database provider (Neon): Stores notification PHI under a Business Associate Agreement.
  • SMS provider: Receives only your phone number and a generic message (no PHI) to deliver text messages. No BAA is required with the SMS provider because our message design contains no health-identifying information.
  • Video hosting (Mux): Delivers prep videos. Receives anonymized playback analytics only.
  • Analytics (PostHog): Receives anonymized product usage data. No PHI is shared with PostHog.

We do not share your information with your physician’s practice beyond confirming that you have enrolled in reminders. We do not share with insurance companies, other healthcare providers, or any third parties not listed above.

7. Data Retention

Notification data (including consent records and opt-out logs) is retained for a minimum of 6 years from the date of collection, as required by HIPAA. Anonymized analytics data may be retained indefinitely. Browser-local data (your app preferences stored in localStorage) remains on your device until you clear your browser data.

8. Your Rights

You have the right to:

  • Opt out of SMS messages at any time by replying STOP
  • Request deletion of your notification data by contacting us
  • Request access to the personal information we hold about you
  • Decline reminders entirely — you still receive full access to the prep guide and videos

Your consent to receive text messages is never a condition of receiving medical care or accessing any feature of the app.

To exercise any of these rights, contact us at support@ezcolonprep.com.

9. Breach Notification

In the event of a data breach affecting your PHI, EZ Medica will notify affected individuals and, where required, relevant regulatory bodies in accordance with HIPAA’s Breach Notification Rule (45 CFR §§ 164.400–.414) and applicable state law. Notification will be provided as promptly as possible given the requirements of the most stringent applicable deadline.

10. Contact Us

For privacy-related questions, data requests, or to report a concern:

EZ Medica, LLC
Email: support@ezcolonprep.com

11. Updates to This Policy

We will update this Privacy Policy as our practices evolve and as required by law. Material changes will be reflected in the “Last updated” date at the top of this page. We encourage you to review this policy before signing up for reminders. Your continued use of the notification service after any update constitutes acceptance of the revised policy.

Terms of UseHelp & SupportContact Us

This tool is for educational purposes only and does not replace the instructions given to you by your doctor. Always follow the guidance provided by your physician and practice directly.