FFolio
Your data

Privacy Notice

Effective July 15, 2026 · Early-access and sandbox version

Our core promise: Folio uses health information to provide the service you request. We do not sell health information, use it for targeted advertising, or use it to train general-purpose AI models.

1. Scope and operator

This Notice explains how Folio, currently operated by Michael Dulin (“Folio,” “we,” or “us”), handles information through foliohealth.app, the Folio early-access service, and patient-authorized health-record connections. The public demonstration uses fictional data and does not connect to healthcare systems.

2. Information we collect

3. How we obtain information

We receive information from you, from healthcare organizations you explicitly authorize through SMART on FHIR, and from service providers that support authentication, hosting, security, and features you request. Folio does not ask for or store your health-system portal password.

4. How we use information

5. AI processing

When you request an AI-assisted feature, Folio sends only the information needed for that task to the configured AI service under commercial data-processing terms. We do not permit that information to be used to train general-purpose models. AI-generated material is labeled and remains subject to your review before it is accepted, exported, or shared.

6. When information is disclosed

We do not sell health information, share it with data brokers, or use it for targeted advertising. We do not disclose it for independent research without separate, explicit consent.

7. Storage and security

Early-access data is stored in the United States. We use access controls, encrypted transport, managed cloud infrastructure, least-privilege rules, and provenance records designed to protect data and preserve its source. No online service can guarantee absolute security.

8. Retention and deletion

We retain active account and health information while your account is open and as needed to provide the service. When you request account deletion, we delete active Folio account and health data, subject to short-lived technical backups, security records, and any limited retention required by law. Backup copies are isolated from normal use and age out under provider retention schedules.

9. Your choices

Folio maintains technical security logs, but the early-access version does not yet provide users a complete viewer-access log or per-access notifications. We will update this Notice before representing that feature as available.

10. Children

The early-access service is not intended for children under 13. We do not knowingly collect a child’s information through the pilot without an appropriate parent, guardian, or legally authorized representative and an approved workflow.

11. Changes and contact

We may update this Notice as the service develops. We will post a new effective date and provide additional notice when required. Questions or requests concerning access, export, correction, or deletion may be sent to mdulin@mikedulinmd.com.