Logo
Home
How it works
Pricing
About
Contact
Login
Privacy Policy

DAHN Privacy Policy

Last Updated: May 8, 2026

1. Introduction

DAHN ("we", "our", or "us") respects your privacy and is committed to protecting the personal and health-related information you share with us. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our nursing documentation application and related services (the "Service").

2. Information We Collect

We may collect:

  • Account information: name, email, role (nurse, agency), credentials.
  • Patient documentation: notes, assessments, and clinical content you create.
  • Usage data: device information, log data, and feature interactions.
  • Payment information: processed securely by third-party payment providers.

3. How We Use Your Information

  • Provide, maintain, and improve the Service.
  • Process transactions and manage subscriptions.
  • Send important updates, security alerts, and support messages.
  • Comply with legal obligations and enforce our terms.

4. Protected Health Information (PHI)

If you use the Service to document patient care, you are responsible for ensuring your use complies with HIPAA and all applicable laws. We implement administrative, technical, and physical safeguards to protect PHI, but you remain the data controller for the patient information you enter.

All patient data and clinical documentation entered into the Service is owned and controlled by the healthcare provider or organization using the Service. DAHN acts solely as a data processor/business associate and does not claim ownership of such data.

5. HIPAA Compliance

DAHN is designed to support compliance with the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health (HITECH) Act. We understand the importance of protecting Protected Health Information (PHI) and have implemented safeguards to support compliance.


Business Associate Agreements (BAAs):

We will enter into a Business Associate Agreement (BAA) with any Covered Entity or Business Associate as required by 45 CFR 164.504(e). The BAA outlines our responsibilities for safeguarding PHI and reporting breaches. Contact us at info@dahn.ai to request a signed BAA.


Administrative Safeguards:

  • Designated HIPAA Privacy and Security Officers.
  • Workforce training on HIPAA policies and procedures.
  • Regular risk assessments and remediation plans.
  • Incident response and breach notification procedures.
  • Access management and role-based permissions.


Physical Safeguards:

  • Controlled access to facilities and systems hosting PHI.
  • Workstation and device security policies.
  • Secure disposal of hardware and media containing PHI.


Technical Safeguards:

  • End-to-end encryption for data in transit (TLS 1.2+).
  • Encryption at rest using industry-standard algorithms (AES-256).
  • Unique user identification and strong authentication.
  • Automatic session timeout and access logging.
  • Audit controls to monitor access to PHI.


Breach Notification:

In the event of a breach of unsecured PHI, we will notify affected Covered Entities without unreasonable delay and no later than 60 days from discovery, as required by 45 CFR 164.410. If the breach affects 500 or more individuals, we will also notify the Secretary of HHS and, when required, prominent media outlets.


In the event of a data breach affecting personal information, we will take reasonable steps to notify affected users in accordance with applicable laws.


Minimum Necessary Standard:

We adhere to the "Minimum Necessary" standard (45 CFR 164.502(b) and 164.514(d)), ensuring that access to PHI is limited to the minimum necessary to accomplish the intended purpose.

6. Sharing of Information

We do not sell your personal information. We may share information with trusted service providers (hosting, analytics, payments) under confidentiality obligations, or when required by law.

We use third-party service providers including, but not limited to, cloud hosting providers (such as AWS), payment processors (such as Stripe), and analytics tools. These providers may process data on our behalf under strict confidentiality and security obligations and, where applicable, under Business Associate Agreements.

7. Data Security

We use encryption in transit and at rest, access controls, and regular security reviews. No method of transmission over the internet is 100% secure, and we cannot guarantee absolute security.

8. Data Retention

We retain personal and health-related information only for as long as necessary to provide the Service and fulfill legal, regulatory, and contractual obligations. Healthcare organizations are responsible for determining appropriate retention periods for clinical documentation in accordance with applicable laws.

9. Subscription and Pricing

We reserve the right to modify subscription pricing at any time. In the event of a price increase, you will receive advance notice via email or through the Service at least 30 days prior to the change taking effect. By continuing to use the Service after a price change, you agree to the updated pricing. If you do not agree to the new pricing, you may cancel your subscription before the change takes effect.

10. Your Rights

You may request access to, correction of, or deletion of your personal information by contacting us. For Protected Health Information, requests must be made through the healthcare provider or organization that controls the data, in accordance with applicable laws including HIPAA.

11. Children's Privacy

The Service is not directed to children under 16, and we do not knowingly collect personal information from children.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated through the Service or by email.

13. Cookies and Tracking

We may use cookies or similar technologies to improve functionality and analyze usage. You can control cookie preferences through your browser settings.

14. Governing Law

This Privacy Policy is governed by applicable laws of the State of Louisiana.

15. Contact Us

For questions or concerns about this Privacy Policy, please contact us at:

Email: info@dahn.ai

Website: www.getdahn.com