Effective Date: May 1, 2026 · Version 1.0
By creating an account or using GetPreAuth ("the Service"), you agree to be bound by these Terms of Service. If you do not agree to these terms, do not use the Service.
GetPreAuth provides an AI-assisted prior authorization review tool designed to help healthcare providers determine whether clinical documentation may support a prior authorization request. The Service is intended for use by licensed healthcare professionals and their authorized staff.
The Service provides guidance based on publicly available payer guidelines and AI analysis. It does not guarantee that a payer will approve any prior authorization request. Coverage decisions are made solely by the insurance plan. Always verify requirements directly with the payer.
You agree to use the Service only for lawful purposes and in accordance with these Terms. You must not:
Access to the Service is granted by invitation or upon manual review and approval by GetPreAuth administrators. We reserve the right to deny or revoke access at our discretion.
THE SERVICE IS PROVIDED "AS IS" WITHOUT WARRANTIES OF ANY KIND. TO THE MAXIMUM EXTENT PERMITTED BY LAW, GETPREAUTH SHALL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, OR CONSEQUENTIAL DAMAGES ARISING FROM YOUR USE OF THE SERVICE.
We may update these Terms at any time. Continued use of the Service after changes constitutes acceptance of the updated Terms.
We collect information you provide when creating an account (name, email, organization) and information submitted during prior authorization reviews (clinical notes, documents). We also collect usage data such as login timestamps and review activity.
We use collected information to:
Clinical documents submitted through the Service may contain Protected Health Information (PHI) as defined by HIPAA. We handle PHI in accordance with our Business Associate Agreement (Section 3) and applicable law. We do not sell or share PHI with third parties for marketing purposes.
We implement industry-standard security measures including encryption in transit (TLS) and at rest, access controls, and audit logging. No system is 100% secure; please contact us immediately if you suspect unauthorized access.
We retain account information for the duration of your account and for a reasonable period thereafter as required by law. Clinical review data is retained in accordance with HIPAA minimum necessary standards.
You may request access to, correction of, or deletion of your account data by contacting us at gil@getpreauth.com.
This Business Associate Agreement ("BAA") is entered into between GetPreAuth ("Business Associate") and the covered entity or their authorized representative ("Covered Entity") using the Service. This BAA supplements and is incorporated into the Terms of Service.
Terms used but not defined in this BAA have the meanings assigned to them in the Health Insurance Portability and Accountability Act of 1996 (HIPAA), as amended by the Health Information Technology for Economic and Clinical Health (HITECH) Act, and their implementing regulations (45 CFR Parts 160 and 164).
GetPreAuth may use and disclose PHI only as necessary to provide the Service, as required by law, or as otherwise permitted under HIPAA. GetPreAuth will not use or disclose PHI in a manner that would violate HIPAA if done by the Covered Entity.
GetPreAuth agrees to implement appropriate administrative, physical, and technical safeguards to protect the confidentiality, integrity, and availability of PHI, in accordance with 45 CFR § 164.308, § 164.310, and § 164.312.
GetPreAuth will enter into agreements with any subcontractors that create, receive, maintain, or transmit PHI on our behalf, requiring them to comply with HIPAA obligations equivalent to those in this BAA. AI processing is performed via Anthropic's API under appropriate data agreements.
GetPreAuth will notify the Covered Entity of any Breach of Unsecured PHI within 60 days of discovery, in accordance with 45 CFR § 164.410.
GetPreAuth will cooperate with requests by Covered Entities to support individuals' rights under HIPAA, including rights of access, amendment, and accounting of disclosures, to the extent the information is maintained in a Designated Record Set.
Either party may terminate this BAA upon 30 days written notice. Upon termination, GetPreAuth will, to the extent feasible, return or destroy all PHI received from or created on behalf of the Covered Entity.
This BAA is effective as of the date you create an account and accept these Terms. By creating an account, the Covered Entity acknowledges and agrees to be bound by this BAA.