How Enrollix Health, Inc. collects, uses, protects, and respects your personal health information.
Enrollix Health, Inc. ("Enrollix Health," "we," "us," or "our") is a Delaware corporation (EIN: 41-4965725) headquartered at 116 NW Harris Lake Dr, Lake City, FL 32055. We operate the MediEnroll AI platform, an artificial intelligence-powered Medicaid enrollment platform designed to help individuals determine eligibility for Medicaid and other government benefit programs and assist them in completing and submitting applications.
This Privacy Policy applies to all information collected through our website at enrollixhealth.com, our MediEnroll AI platform, our Navigator Portal, and any other services we offer (collectively, the "Services").
By using our Services, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree, please discontinue use of our Services.
We collect several types of information to provide and improve our Services:
| Category | Examples | Purpose |
|---|---|---|
| Identity Information | Name, date of birth, gender, race/ethnicity, citizenship status | Medicaid eligibility determination and application |
| Contact Information | Address, phone number, email address | Application processing and follow-up communications |
| Federal ID / SSN | 9-digit Federal Identification Code (stored encrypted, never in plaintext) | Required for Medicaid application identity verification |
| Financial Information | Monthly income, income sources, assets, household size | Medicaid eligibility screening and Federal Poverty Level calculation |
| Insurance Information | Current coverage, Medicare status, prior Medicaid history | Eligibility determination |
| Medical/Health Information | Disability status, pregnancy status, medical record numbers provided by referring facilities | Program eligibility and application |
| Facility Information | Referring facility name, MRN, encounter number, account number | Coordination with referring health system or facility |
| Usage Data | IP address, browser type, pages visited, time on site | Platform improvement and security monitoring |
| Communications | Notes, messages, SMS opt-in/opt-out records | Application management and TCPA compliance |
We use the information we collect for the following purposes:
We will never use your information for commercial advertising, sell it to data brokers, or share it with third parties for their own marketing purposes.
Enrollix Health operates as a Business Associate under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) when providing services to covered entities such as hospitals, health systems, skilled nursing facilities, and clinics. In this capacity, we are required to:
When you interact with MediEnroll AI directly as a patient or community participant (not referred by a covered entity), we still apply HIPAA-equivalent privacy and security standards to all information you provide.
⚠️ Your Federal ID Code (Social Security Number) is encrypted using AES-256 encryption immediately upon entry and is never stored in plaintext anywhere in our systems. Every access to this field is logged to an immutable audit trail.
We do not sell your personal information. We share your information only in the following limited circumstances:
| Recipient | What We Share | Why |
|---|---|---|
| State Medicaid Agencies | Full application data as required | To submit your Medicaid application |
| Referring Health System / Facility | Enrollment status, application outcome | Coordination of care and reporting under BAA |
| Anthropic (AI Provider) | De-identified screening data processed by AI | Eligibility determination via Claude API (under BAA) |
| Supabase (Database) | Encrypted patient records | Secure data storage (under BAA) |
| Twilio (Communications) | Phone number, message content | SMS and voice communications (under BAA) |
| Law Enforcement / Legal | As required by law | Legal compliance, court orders, or to protect rights |
All third-party service providers who handle personal or health information on our behalf are required to sign Business Associate Agreements (BAAs) and maintain HIPAA-equivalent security standards.
We implement industry-leading security measures to protect your information:
While we implement these safeguards, no method of transmission over the internet or electronic storage is 100% secure. If you believe your information has been compromised, please contact us immediately at bryan@enrollixhealth.com.
Enrollix Health complies fully with the Telephone Consumer Protection Act (TCPA), CAN-SPAM Act, and applicable state communications laws.
SMS / Text Messages: We will only send you text messages if you have provided express written consent. You may opt out at any time by replying STOP to any text message. After opting out, we will send one confirmation message and no further texts.
Phone Calls: Automated or pre-recorded calls require prior express consent. You may request to be placed on our do-not-call list at any time by contacting us at bryan@enrollixhealth.com or (386) 965-6474. We do not place calls before 8:00 AM or after 9:00 PM in the recipient's local time zone.
Email: You may unsubscribe from non-transactional emails at any time. Transactional emails related to your active application (status updates, document requests) will continue until your application is resolved.
All opt-out requests are honored immediately and recorded in our system. We maintain records of all consent and opt-out events as required by law.
You have the following rights regarding your personal information:
To exercise any of these rights, contact us at bryan@enrollixhealth.com or (386) 965-6474. We will respond to all requests within 30 days.
If you are a California resident, you may have additional rights under the California Consumer Privacy Act (CCPA). Please contact us for more information.
We retain your personal information for as long as necessary to fulfill the purposes described in this policy, comply with legal obligations, resolve disputes, and enforce our agreements. Specific retention periods:
When data is no longer required, it is securely deleted or anonymized in accordance with industry best practices.
Our Services are not directed to children under the age of 13, and we do not knowingly collect personal information from children under 13 without verifiable parental consent. We may collect information about minor household members as part of a Medicaid eligibility screening when a parent or guardian initiates the application on their behalf.
If you believe we have inadvertently collected information from a child under 13 without appropriate consent, please contact us immediately at bryan@enrollixhealth.com and we will take steps to delete such information.
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will update the "Last Updated" date at the top of this page.
For material changes, we will provide notice through our platform or by email to registered users. Your continued use of our Services after such notice constitutes your acceptance of the updated policy.
We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Bryan Thomas — Founder & CEO
📍 116 NW Harris Lake Dr, Lake City, FL 32055
For HIPAA-related complaints, you also have the right to file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights at hhs.gov/ocr. We will not retaliate against you for filing a complaint.