WalshDoc is designed to protect your privacy by separating your identity from your health data wherever possible. This policy explains what we collect, how we use it, and the choices you have.
WalshDoc (“we,” “our,” “us”) is a patient‑education and assessment platform based on the Walsh Approach. We minimize collection of personally identifiable information (“PII”) and keep identity separate from clinical entries wherever feasible. You can use a Patient ID instead of your name for most features.
2. What We Collect (by Tier)
Tier 1 — Short Questionnaire
Anonymous symptom responses (no name required).
Optional contact info if you request follow‑up.
Tier 2 — Weighted Questionnaire
Detailed symptom responses with weighted scoring.
Optional contact info; recommended use of Patient ID.
Optional file uploads, comments, and Patient ID linkage.
Tier 4 — Physician Review
Consent‑based sharing of questionnaires, labs, and report with a physician.
Optional identity details you choose to provide for clinical care.
3. How We Use Data
Generate your assessment summaries and biotype confidence indicators.
Display dashboards and track your progress across tiers.
Provide physician review (Tier 4) only if you consent.
Improve our questionnaires and educational content (de‑identified analytics).
4. Storage & Separation of Identity
Separation by design: Your contact/payment details are stored separately from questionnaire and lab entries. Identifiers are pseudonymous (e.g., Patient ID).
No single export: Our systems are structured so that your name and full health data are not kept in one place and are not “one‑click” exportable to third parties.
Access controls: Limited personnel access for support and clinical operations, logged and audited.
5. Consent for Physician Review
By default, your data is private to you. If you choose the Tier 4 review (or earlier), you may grant consent for a physician (e.g., Dr. Epstein) to view your questionnaire, labs, and assessment report and, if requested, to contact you. You can revoke consent at any time; revocation does not affect prior processing already completed for your case.
6. Payments & KYC
Lab orders and consultations are processed on Second Opinion Physician (SOP). SOP may collect payment details and information required for order fulfillment.
WalshDoc does not require KYC or address for questionnaires or self‑entered labs. However, SOP checkout may correlate your payment to an order. Consent is requested at checkout for this correlation.
As we introduce a BSV wallet, payments may be completed anonymously while still enabling proof of purchase.
7. BSV & TAO Integrations
BSV: We may anchor cryptographic receipts of your reports on‑chain (tamper‑evident). Private health data remains off‑chain.
TAO AI: With your consent, de‑identified data may be analyzed to produce clearer summaries and confidence indicators. You may opt out at any time.
8. Data Retention
Questionnaires and lab summaries: retained while your account/Patient ID remains active or until you request deletion.
Physician correspondence and Tier 4 records: retained as required for clinical documentation and compliance.
Backups: maintained for disaster recovery with limited retention windows.
9. Your Choices & Rights
Use a Patient ID instead of your name for most platform features.
Request access, correction, or deletion of your entries (subject to legal/clinical recordkeeping requirements).
Revoke physician‑view consent at any time.
Opt out of de‑identified analytics and TAO processing.
10. Security
Encryption in transit; strong access controls; routine monitoring.
Vendor due diligence for processors involved in email, forms, storage, and payments.
11. Children’s Privacy
WalshDoc is designed for adults. If you believe a minor has submitted information, please contact us so we can address it promptly.
12. Changes to This Policy
We may update this policy to reflect product changes or legal requirements. When we do, we’ll revise the effective date above and, when appropriate, notify you through the site.
This page is informational and not a substitute for legal advice. If your operations expand internationally, we can adapt this policy for HIPAA/GDPR/CCPA and add a Data Processing Addendum.