Notice of Privacy Practices
DRG AI Inc. (DBA Prente)
Last Updated: May 20, 2025
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
1. Our Role and Commitment
DRG AI Inc. (DBA Prente) ("Prente," "we," or "us") provides specialized artificial intelligence services to hospitals and healthcare institutions in the United States. Our primary service is the generation of medical invoices using Diagnosis-Related Group (DRG) codes based on patient chart data.
In this capacity, we act as a Business Associate to your healthcare provider. We are legally bound by the Health Insurance Portability and Accountability Act (HIPAA) and specific Business Associate Agreements (BAAs) to protect your Protected Health Information (PHI).
2. How We Use and Disclose Your Health Information
We only process PHI as directed by our healthcare institution clients. Common uses include:
Healthcare Operations (Coding & Billing)
We use patient chart data to identify appropriate DRG codes and generate invoices for insurance reimbursement.
Third-Party Processing
We utilize secure, HIPAA-compliant third-party infrastructure (such as Google Cloud Vertex AI) to process data. These partners are also bound by BAAs to ensure your data remains protected.
De-identification
We pseudonymize and de-identify data to the greatest extent possible before processing. Fully de-identified data (which no longer identifies you) may be used for research and to improve our AI models.
Law Enforcement & Legal Requirements
We may disclose PHI if required by federal, state, or local law, or in response to a valid legal order.
3. Strict Data Retention & Minimal Use
Prente follows a strict "just-in-time" data policy:
Immediate Deletion
PHI is used solely for the immediate purpose of generating an invoice.
No Long-Term Storage
Once the invoice is produced and submitted to the relevant insurance company, all patient-identifiable data is immediately discarded from our systems.
4. Your Rights Regarding Your PHI
Under HIPAA, you have specific rights regarding your health information. Because Prente is a service provider, you should generally contact your Hospital or Treating Physician (the "Covered Entity") to exercise these rights, but we support the following:
Right to Confidential Communications
You can request that we communicate with you in a specific way.
Right to Breach Notification
You have the right to be notified in the event of a data breach involving your unsecured PHI.
Right to a Copy of this Notice
You may request a digital or paper copy of this notice at any time.
5. How to Contact Us or File a Complaint
If you have questions about this notice or believe your privacy rights have been violated, you may contact our Privacy Officer. You may also file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights. We will not retaliate against you for filing a complaint.