Skip to main content

Ward Health Privacy Policy

Effective date: June 18, 2026

Last updated: June 18, 2026


1. Introduction

This Privacy Policy explains how Ward Health ("Ward," "we," "us," or "our") handles personal information. Ward provides a patient observation and safety platform that healthcare facilities use to document observations with proximity verification, record vitals and assessments, and manage alerts.

This Policy covers the personal information we collect and control directly:

  • the clinical staff and facility administrators who hold Ward accounts and use the Ward app and dashboard, and
  • visitors to our website (ward.health) and people who join our waitlist.

It does not cover patient information that we process on behalf of our healthcare facility customers. That information is governed by separate agreements and is described in Section 2.

2. Patient information is handled under our Business Associate Agreement, not this Policy

When a healthcare facility uses Ward to monitor and document patient observations, Ward acts as a service provider and HIPAA business associate. We create, receive, maintain, and transmit patient information, which may include Protected Health Information ("PHI") under the Health Insurance Portability and Accountability Act ("HIPAA"), solely on behalf of and at the direction of the facility (the covered entity). We do not control how that patient information is used, and we do not use it for our own purposes.

Our handling of patient information is governed by the Business Associate Agreement we sign with each facility and by that facility's own Notice of Privacy Practices, not by this Privacy Policy. If you are a patient at a facility that uses Ward, please contact your provider, and refer to your provider's Notice of Privacy Practices, for information about how your health information is used and disclosed and how to exercise your rights in it. We will refer any request we receive directly from a patient to the facility.

We do not use patient information to train, develop, or improve machine learning or artificial intelligence models, except with the facility's prior written consent. We may create de-identified or aggregated data in accordance with HIPAA, which no longer identifies any individual.

3. Information we collect

We collect the following categories of personal information on the controller side covered by this Policy.

Information you provide to us:

  • Account and profile information for staff and administrators: full name, work email address, role, clinical credentials, facility and unit assignment, contact phone number used for alert escalation, and an optional profile photo.
  • Authentication information: your password (stored only as a salted hash), multi-factor authentication enrollment, and, if your facility uses single sign-on, the identity your facility's identity provider sends us.
  • Waitlist and contact information: if you join our waitlist or contact us, the email address you submit and the contents of your message.
  • Support and correspondence: information you provide when you contact support.

Information we collect automatically:

  • Device and app information: device type and name, operating system, app version, and push notification token.
  • Usage information: actions you take in the app and dashboard, timestamps, and diagnostic and crash data.
  • Website information: when you submit our waitlist form, we receive your browser user-agent and the page that referred you. We do not use cookies or third-party analytics on our marketing or documentation websites.

Proximity scanning (mobile app). To verify that staff are physically present for an observation, the Ward app scans for nearby patient wristbands over Bluetooth Low Energy (BLE) and estimates the distance between the staff device and the wristband. This proximity check operates at room or facility scale to confirm presence. It is not satellite or geographic location, and Ward does not collect, derive, or store your latitude and longitude from it.

Biometrics. If you enable Face ID, Touch ID, or device passcode unlock, that check happens entirely on your device as a local unlock. Ward never receives, transmits, or stores your biometric data.

Audit logs. For security and HIPAA compliance, we log actions taken in the system, including who performed an action and when. These logs may identify the staff member who took an action.

4. How we use information

We use the information covered by this Policy to:

  • provide, operate, secure, and maintain the Ward platform;
  • authenticate accounts and enforce role-based access and multi-factor authentication;
  • route and deliver alerts and notifications;
  • diagnose problems, monitor performance, and improve the product;
  • communicate with you about your account, service changes, and support;
  • contact waitlist subscribers about Ward (you can unsubscribe at any time);
  • maintain audit logs and meet our legal, security, and compliance obligations.

5. How we share information

We do not sell your personal information, and we do not share it for cross-context behavioral advertising or targeted advertising.

We share personal information only as follows:

  • Service providers (subprocessors) that process data on our behalf under contract, restricted to providing services to us and prohibited from using the data for their own purposes. Our current subprocessors are listed in Section 6.
  • Your facility. Account, usage, and audit information is available to the administrators of the facility you work for, consistent with their role.
  • Legal and safety. When required by law, to respond to lawful requests, to enforce our agreements, or to protect the rights, safety, and security of users, the public, or Ward.
  • Business transfers. In connection with a merger, acquisition, financing, or sale of assets, subject to this Policy.
  • With your direction or consent.

6. Subprocessors

We use the following subprocessors. We require each to protect personal information and, where they may handle PHI, to sign a Business Associate Agreement.

SubprocessorPurposeLocationPHI
Supabase, Inc.Database, authentication, storage, and backend servicesUnited StatesYes (under BAA)
ResendTransactional and notification emailUnited StatesNo (email addresses only)
Expo (incl. Apple APNs, Google FCM)Mobile builds, updates, and push notification deliveryUnited StatesNo (push content is generic)
SentryError and crash diagnosticsUnited StatesNo (opaque IDs only)
PostHogProduct analyticsUnited StatesNo (opaque IDs only)
UpstashRate limiting and session countersUnited StatesNo
NetlifyWebsite and dashboard hostingUnited StatesNo
TailscaleSecure remote administration of on-premise hubsUnited StatesNo

Your facility's electronic medical record (EMR) system and single sign-on identity provider are controlled by your facility, not by Ward, and are not Ward subprocessors.

We will notify customers before adding a new subprocessor that will have access to PHI, consistent with the Business Associate Agreement, which provides a window to object.

7. Cookies and tracking

Our product requires a session cookie or token to keep you signed in. Our marketing and documentation websites do not use advertising cookies, tracking pixels, or third-party analytics, and we do not engage in cross-site tracking.

8. Mobile application disclosures

  • Push notifications. We use push notification tokens to deliver alerts. Notification content is generic and does not contain patient health information.
  • Device security checks. On launch, the app checks for signs of a compromised device and reads device identifiers for this purpose. Failing devices show a warning but remain usable so clinical work can continue.
  • Bluetooth proximity. See Section 3. Ward uses Bluetooth to verify staff presence for observations and does not use it to track geographic location.
  • No advertising or tracking. Ward does not use third-party advertising networks and does not track you across other companies' apps or websites.

Our App Store and Google Play data-safety disclosures are consistent with this Policy.

9. Data retention

We retain personal information for as long as needed to provide the service and meet legal, regulatory, and security obligations. Clinical records that Ward processes for facilities are retained under the Business Associate Agreement (generally the service term plus seven years, or longer if law requires). Indicative retention for records covered by this Policy and for clinical record types:

Data typeRetention
Observations, alerts, vitals, assessments1 year active, then archived to 7 years total
Audit logs1 year active, then archived to 7 years total
Sensor events90 days
Login attempt records7 days
Account informationFor the life of the account, then deleted or de-identified
Waitlist informationUntil you unsubscribe or 24 months after your last interaction, whichever comes first

Retention of clinical records is configurable per facility based on regulatory requirements.

10. Security

We protect personal information with administrative, physical, and technical safeguards consistent with the HIPAA Security Rule, including:

  • encryption in transit and at rest (AES-256), with mobile offline data encrypted using keys held in secure hardware on your device;
  • row-level security that isolates each facility's data, role-based access, and multi-factor authentication for elevated roles;
  • screen-capture prevention and inactivity lock in the mobile app;
  • comprehensive audit logging, and a practice of never sending patient health information to our analytics or error-tracking tools.

No system is perfectly secure, but we work to protect your information and to notify affected parties of confirmed breaches as required by law and our agreements.

11. Your privacy rights and choices

Depending on where you live, you may have some or all of the following rights regarding personal information we control: to know or access it, to correct it, to delete it, to obtain a portable copy, to opt out of its sale or sharing or of targeted advertising and certain profiling, and to appeal a decision on your request. We do not discriminate against you for exercising these rights.

To exercise a right, contact us at privacy@ward.health. We will verify your request and respond within the time required by applicable law. You may use an authorized agent where the law allows.

We honor recognized opt-out preference signals, including Global Privacy Control, where required.

If your request concerns patient information that we process on behalf of a facility, we will refer you and the request to that facility, which controls that data. See Section 2.

12. State-specific notices

California. California residents have the rights described in Section 11 under the CCPA, as amended. We collect the categories of personal information described in Section 3 (identifiers, professional information, internet and device activity, and, for staff, audit records), from the sources and for the purposes described in this Policy. We do not sell or share personal information as those terms are defined under California law. California's "Shine the Light" law: we do not share personal information with third parties for their own direct marketing.

Washington. Washington residents: please see our separate Consumer Health Data Privacy Policy, linked from our homepage, which describes how we handle consumer health data under the My Health My Data Act.

Other states. Residents of other states with comprehensive privacy laws have the rights described in Section 11. We process sensitive information, where any, only as needed to provide the service or with your consent, and not for targeted advertising or sale.

13. International users

Ward is operated from, and stores data in, the United States. We do not currently direct our services to people in the European Economic Area or the United Kingdom. If we process personal data of individuals there, we act as a controller for the data covered by this Policy and as a processor for patient data, rely on an appropriate lawful basis (such as performance of a contract or our legitimate interests), honor data-subject rights, and use Standard Contractual Clauses or another valid mechanism for transfers to the United States.

14. Children's privacy

Ward is a tool for healthcare professionals and is not directed to children. We do not knowingly collect personal information directly from children through our websites or app. Patient information, including information about minors where a facility serves them, is processed only on behalf of the facility as described in Section 2 and is governed by the facility's obligations and our Business Associate Agreement.

15. Changes to this Policy

We may update this Policy from time to time. We will post the updated version with a new effective date and, where appropriate, provide additional notice.

16. Contact us

Questions or requests about this Policy or your personal information:

Email: privacy@ward.health

General inquiries: hello@ward.health