emTRUTH PRIVACY POLICY & ACCOUNT DISCLOSURE

Effective Date: June 18, 2026 | Version: 3.1 (Master Enterprise & Patient Framework)


Compliance & Operational Scope: This Master Policy governs all data ingested, routed, or managed across the emTRUTH software platform for all individuals, patients, healthcare networks, and enterprise health organizations. Specialized schedules apply specifically to integrations with federal frameworks, including connections to Medicare data networks via the Centers for Medicare & Medicaid Services (CMS) API.



PART A: PLAIN-LANGUAGE PRIVACY NOTICE (SUMMARY)


Your privacy is our absolute priority. This plain-language section summarizes how emTRUTH protects, isolates, and treats your personal and health data across our entire global ecosystem, inspired by the ONC Model Privacy Notice framework. emTRUTH currently serves users in the United States; as we expand to other countries, country-specific and translated versions of this notice will be provided.

  • Absolute Data Ownership: You own your health records and identity data completely. emTRUTH acts strictly as a secure pipeline; we do not own, manage, or claim rights to your information.

  • Zero Data Selling Policy: We never sell, rent, lease, trade, or share your personal data or health information with data brokers, advertising networks, insurers, or third parties. We do not monetize your data under any circumstances.

  • No Commercial Data Mining: We do not track, aggregate, or process your health datasets to generate consumer insights or behavioral profiles.

  • Compliant, Region-Appropriate Deployment: For our current U.S. service, your data pipelines and authorization logs are hosted and run within secure, defense-grade AWS GovCloud (US) isolation environments. As emTRUTH expands to other countries, your data is stored and processed in a region that meets the legal requirements applicable to your country.

  • Instant Access Control & Revocation: You choose who can see your medical records and for how long. If you revoke emTRUTH's access to a data provider or disconnect an application, that permission link is instantly and permanently broken on the distributed ledger.

  • Unalterable Ownership Continuity: If emTRUTH changes management, gets bought, or merges with another company, your absolute ownership and exclusive control over your data cannot be changed, diluted, or overridden.

  • Account Closure & Cryptographic Deletion: If you choose to close your account, emTRUTH purges your data from temporary caches and deletes your name and contact details from standard systems. Data secured in blockchains, including Protected Health Information (PHI) and historical data-routing logs, are made permanently inaccessible by randomizing blockchain keys. This means no historical file can ever be re-linked or viewed by anyone. 

  • Policy Changes and Your Choices: If we ever update our policies, we will notify you before the changes happen. You will always be given a clear choice to update your settings or opt out completely.


PART B: COMPREHENSIVE LEGAL PRIVACY POLICY FRAMEWORK


1. Regulatory Alignment and Jurisdictional Scope


This Comprehensive Privacy Policy governs the operational and structural logic of the emTRUTH software platform. emTRUTH currently provides the Service to users located in the United States. The architecture maintains continuous compliance with the statutory frameworks applicable to that service governing Protected Health Information (PHI) and digital data privacy, including the 21st Century Cures Act (Information Blocking Mandates), the CCPA/CPRA, and standard HIPAA rules where emTRUTH acts as a Business Associate to covered healthcare entities. As emTRUTH expands to serve users in other jurisdictions, it will implement and adhere to the additional data-protection frameworks applicable to those users—including the EU/UK GDPR (including Article 9 protections for health data)—and will issue country-specific, localized, and translated policy versions at the time of each international launch.

For consumer-directed workflows where patients explicitly authorize and pull their own medical health data into the platform—including data sourced from Medicare—emTRUTH operates as a non-custodial software provider governed under the regulatory jurisdiction of the Federal Trade Commission (FTC) and the FTC Health Breach Notification Rule, rather than HIPAA’s commercial business-associate frameworks.


2. Federal Framework Schedule & Regulatory Pre-Approval Commitments


For users who explicitly connect their accounts to retrieve data from Medicare via the Centers for Medicare & Medicaid Services (CMS) API framework, emTRUTH strictly enforces the additional mandates of the CMS Privacy Policy Checklist:

  • Mandatory Pre-Approval Step: Before rolling out or implementing any material or operational changes to this Privacy Policy or the accompanying Terms of Service on our public website or platform, emTRUTH must electronically email the full text of the proposed changes, along with a draft copy of the intended user change notification, directly to the CMS Blue Button API team (BlueButtonAPI@cms.hhs.gov).

  • No-Rollout Restriction: emTRUTH is legally and operationally restricted from deploying any policy modifications, rolling out software updates that alter these terms, or notifying enrollees until formal written approval is granted by CMS.


3. Information Collection, Active Opt-In Mandates, and Ingestion Parameters


emTRUTH processes data exclusively to deliver non-custodial, multi-layered data security, including advanced blockchain-based encryption and sovereign data administration tools, directly to users.

Information acquisition follows these boundaries:

  • Strict Active Opt-In Protocol: The platform enforces a mandatory clickwrap acceptance model. No automatic agreement, pre-checked boxes, or passive consent by browsing are permitted. Users must actively click an explicit checkbox to affirm agreement to this Privacy Policy and the Terms of Service before an account can be provisioned or any data pipeline can be initiated.

  • Data Selection Naming: When users elect to connect external data providers within the user interface picker, the platform displays the standardized data source title "Medicare" for federal account linking, ensuring absolute clarity for enrollees.

  • Data Categories: Collection is limited to basic account profile criteria (user name, authenticated email address, configuration parameters) and the historical PHI, diagnostic logs, imaging files, or data arrays that the user actively commands the platform to fetch via secure standard interfaces like FHIR.


4. Absolute Non-Monetization Mandate & Zero Data Selling Policy


The core business model of emTRUTH is rooted entirely in transaction layer provisioning and infrastructure software utilities. Commercial exploitation of digital identities is structurally forbidden across all user tiers.

  • Prohibition of Sale and Exploitation: emTRUTH does not sell, rent, lease, trade, barter, or distribute personal identity info, behavioral logs, or PHI to any third-party broker, health insurer, pharmaceutical network, or marketing aggregator. We do not conduct automated processing to anonymize, pseudonymize, or aggregate user records for commercial market evaluation or advertising alignment.


5. Architecture, Decentralization, and Infrastructure Controls


  • Cryptographic Ledger Anchoring: Every transaction, data permission grant, identity authorization query, or explicit consent revocation is written in real time to an immutable, cryptographically secure blockchain ledger. This mechanism produces a permanent, unalterable, and chronologically sealed audit log that completely prevents unauthorized administrative manipulation or historical retrofitting.

  • Zero-Knowledge Pipelines & Exclusive AWS GovCloud Deployment: All patient data payloads are encrypted at rest, in transit, and in use. emTRUTH functions strictly as a zero-knowledge communication pipe. For our current U.S. service, all execution logic, cryptographic orchestrations, and API routing pipelines are hosted within monitored AWS GovCloud (US) secure isolation zones, completely blocking bare-metal infrastructure personnel and root administrators from inspecting data executing within memory registers. For users in other countries, equivalent processing occurs within a comparably secure, monitored region selected to meet that country’s applicable legal requirements.

  • Geographic Scope and Data Residency: emTRUTH currently provides the Service to users located in the United States, and user data is stored within AWS GovCloud (US). As emTRUTH expands to additional countries, each user’s country of origin is collected at registration (patient.emtruth.com) and used to store and process that user’s data within a region that meets the legal and regulatory requirements applicable to that country. 


6. Account Termination, Closed Status, Dormant Status, and Right to Be Forgotten Lifecycle


Users and institutions may terminate their account relationship at any time of their choosing. Upon receiving an account closure or Right to Be Forgotten instruction, emTRUTH purges your data from temporary caches and deletes your name and contact details from standard systems. Data secured in blockchains, including Protected Health Information (PHI) and historical data-routing logs, are made permanently inaccessible by randomizing blockchain keys. This means no historical file can ever be re-linked or viewed by anyone.

  • As a courtesy, emTRUTH retains user data for seven (7) years following the user's most recent login, with the retention period resetting each time the user logs in. To keep an account secure, we encourage users to log in at least once a month. If two (2) years pass without a login, the account will be set to dormant, and the user must contact emTRUTH to reactivate it to complete a verified login sequence. If a further 5 years pass, totaling seven (7) years without a login, the account will be closed following the same procedure as a user-requested account closure.

  • Account status variations do not impair or diminish data ownership. Except for the seven (7) year retention limit described above, emTRUTH does not terminate user accounts or destroy access mappings solely on the basis of passive account dormancy. As a security measure, if an account experiences an extended period of inactivity exceeding twenty-four (24) consecutive months, emTRUTH may pause active API processing nodes and transaction routing lines associated with that specific account to preserve cloud processing efficiency within our secure AWS GovCloud instances. Users retain an absolute, perpetual right to reactivate their dormant profiles at any time, so long as no more than 7 years have passed since their last login. Account reactivation requires no penalty fees or data restoration protocols; the user simply needs to complete a standard verified login sequence to unpause active database pipelines and restore immediate data-sync capabilities.

  • However, once 7 years have passed without a login, the account will not be recoverable. The user can create a new account and repopulate it with their medical data stored on other platforms.


7. Incident Management, 72-Hour Breach Notices, and User-Protective Actions


emTRUTH operates under rigorous incident handling rules to protect user environments against unauthorized security events:

  • 72-Hour Direct Notification & FTC Alignment: In the event that emTRUTH discovers, identifies, or verifies an anomaly or security exploit that compromises data routing pipeline integrity, emTRUTH will directly notify all affected individuals and institutional partners via secure electronic communications within seventy-two (72) hours of official event verification, adhering to the notification specifics of the FTC Health Breach Notification Rule.

  • Mandatory User-Protective Action Advice: All breach notifications delivered by emTRUTH to enrollees will be written in clear plain language and will explicitly include a dedicated section detailing concrete, actionable steps that users can take to protect their personal digital environments. This includes detailed instructions on how to instantly audit and update application permission settings, how to sever connections to data sources like Medicare, and references to federal cybersecurity resources and credential protection protocols.

  • SOC2 Escalation and Board Mobilization: Any material security incident automatically activates an internal escalation protocol. Executive leadership will immediately notify the emTRUTH Board of Directors and convene an extraordinary ad hoc board session to oversee incident containment, validate security patches, and directly coordinate investigation activities with federal and state regulatory entities, including the Federal Trade Commission (FTC), the Department of Health and Human Services (HHS), local and regional law enforcement agencies, regional high-tech task forces, and federal agencies such as the Federal Bureau of Investigation (FBI).


8. Material Changes, User-Facing Notifications, and Opt-Out Choices


  • User Change Notifications: If emTRUTH intends to update or materially alter any portion of this Privacy Policy, we will provide users with clear, prominent advance notification via email and directly within the platform user interface before any changes take effect.

  • Transparency of Modifications: These change notices will state plainly what modifications are being introduced, how they impact data handling, and will provide users with an immediate, straightforward option to adjust their configuration settings, reject the new parameters, or opt out entirely by closing their account and executing the cryptographic deletion sequence before the changes go into effect.


9. Corporate Transitions and Absolute Continuity Guarantees


The Corporate Continuity Pledge: In the event that emTRUTH, Inc. executes or undergoes a structural corporate transition—including an enterprise merger, equity acquisition, change of corporate management, company reorganization, asset sale, or formal insolvency proceedings—your absolute ownership of your medical data and your exclusive control over its underlying access keys remain completely unaffected, unaltered, and structurally intact. No incoming successor team or acquiring corporate entity holds the authority to amend or dilute user data sovereignty rights.





1209 Orange St, Wilmington, DE 19801