Terms and Conditions

By accessing or using the Clara Health platform ("Service"), you agree to be bound by these Terms of Service ("Terms"). If you are accepting these Terms on behalf of a company, organization, or other legal entity, you represent and warrant that you have the authority to bind that entity to these Terms.

If you do not agree to these Terms, you may not access or use the Service. Clara Health may update these Terms from time to time. Continued use of the Service after changes take effect constitutes acceptance of the revised Terms.

Clara Health provides a cloud-based patient recovery monitoring platform for aesthetic and dermatological practices. The Service includes automated patient communication via SMS, recovery dashboards, photo documentation, check-in questionnaires, and analytics reporting.

The Service is intended for licensed healthcare providers and their authorized staff. Clara Health does not provide medical advice, diagnosis, or treatment. All clinical decisions remain the sole responsibility of the treating provider.

You must register for an account to use the Service. You agree to provide accurate, current, and complete information during registration and to keep it up to date. You are responsible for maintaining the confidentiality of your account credentials and for all activities that occur under your account.

You agree to notify Clara Health immediately of any unauthorized use of your account or any other security breach. Clara Health is not liable for loss or damage arising from your failure to comply with this section.

You agree not to use the Service for unlawful purposes, upload or distribute harmful content, attempt to gain unauthorized access to systems connected to the Service, or interfere with the integrity or performance of the Service.

You are solely responsible for ensuring that your use of the Service complies with all applicable federal, state, and local laws, including HIPAA, state privacy laws, and regulations governing the practice of medicine.

Access to the Service requires a paid subscription. Fees are billed in advance on a monthly or annual basis depending on your selected plan. All fees are non-refundable except as expressly set forth in these Terms or as required by law.

Clara Health may change subscription fees on 30 days prior written notice. If you do not agree to a fee change, you may cancel before the change takes effect.

The Service and all related technology, content, and materials are owned by Clara Health and protected by copyright, trademark, and other intellectual property laws. You are granted a limited, non-exclusive, non-transferable license to access and use the Service for your internal business purposes during the term of your subscription.

You retain all rights to your data, including patient information. By using the Service, you grant Clara Health a limited license to process your data solely for the purpose of providing and improving the Service.

This Business Associate Agreement ("BAA") is entered into by and between Clara Health ("Business Associate") and your practice ("Covered Entity"), effective as of the date you accept these terms.

Business Associate provides software services that may require the use and disclosure of Protected Health Information (PHI) on behalf of Covered Entity. Both parties are committed to complying with HIPAA, HITECH, and their implementing regulations.

Business Associate agrees not to use or disclose PHI other than as permitted or required by this Agreement or by law. Business Associate will use appropriate safeguards, and comply with Subpart C of 45 CFR Part 164 with respect to electronic PHI, to prevent unauthorized use or disclosure.

We implement administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of the electronic PHI we create, receive, maintain, or transmit on your behalf.

All PHI transmitted through Clara Health is encrypted in transit using TLS 1.2 or higher. All PHI stored within our databases is encrypted at rest using AES-256 encryption.

Access to PHI is controlled through role-based access controls and requires multi-factor authentication for administrative access. We maintain audit logs of access to and modification of PHI.

Business Associate may use or disclose PHI to perform functions, activities, or services for, or on behalf of, Covered Entity as specified in the Terms of Service, provided that such use or disclosure would not violate HIPAA if performed by Covered Entity.

Business Associate may use PHI for proper management and administration or to carry out legal responsibilities. Business Associate may de-identify PHI under 45 CFR 164.514(a)-(c) and use that de-identified data for product improvement and analytics.

Business Associate will report to Covered Entity any use or disclosure of PHI not provided for by this Agreement, including breaches of unsecured PHI as required by 45 CFR 164.410, and any security incident of which it becomes aware.

Notification will be made without unreasonable delay and no later than 15 calendar days after discovery of a breach, including identification of each affected individual whose unsecured PHI has been, or is reasonably believed to have been, accessed, acquired, used, or disclosed.

Upon termination of this Agreement, Business Associate shall return to Covered Entity or, if agreed by Covered Entity, destroy all PHI received from Covered Entity or created, maintained, or received by Business Associate on behalf of Covered Entity that Business Associate still maintains in any form.

If return or destruction is not feasible, Business Associate shall extend the protections of this Agreement to such PHI and limit further uses and disclosures to those purposes that make the return or destruction infeasible.

Covered Entity shall notify Business Associate of any limitations in its notice of privacy practices in accordance with 45 CFR 164.520 to the extent those limitations may affect Business Associate use or disclosure of PHI.

Covered Entity shall not request Business Associate to use or disclose PHI in any manner that would not be permissible under Subpart E of 45 CFR Part 164 if done by Covered Entity.

To the maximum extent permitted by law, Clara Health will not be liable for indirect, punitive, incidental, special, consequential, or exemplary damages, including damages for loss of profits, goodwill, use, data, or other intangible losses arising out of or relating to the use of, or inability to use, the Service.