Last updated: April 28, 2026
TeleVerify ("we," "our," or "the Service") is a telehealth compliance verification tool that helps healthcare providers confirm location-based regulatory compliance during virtual visits. This Privacy Policy explains how we collect, use, store, and protect your information.
Provider Information: National Provider Identifier (NPI), name, credentials, licensed states, email address, and hashed password for account authentication.
Patient Information: Approximate geographic location (state-level only) determined via IP address geolocation or voluntary self-report. We do not collect patient names, medical records, or health information.
Session Data: Compliance check results, session timestamps, provider and patient state codes, and exception flags (emergency consultation, established patient). Raw session data (temporary connection data) expires after 4 hours. Compliance verification records — including timestamps, compliance status, verification method, and provider/patient state codes — are retained for a minimum of 7 years to meet CMS and state regulatory audit requirements.
Zoom Integration Data: When you connect your Zoom account, we store encrypted OAuth access and refresh tokens, your Zoom user ID, and Zoom email address. We access meeting context (meeting ID, participant role) only when the app is actively used during a meeting.
We use the information collected to: verify that healthcare providers are authorized to treat patients across state lines; generate compliance check results and audit logs; maintain your account and authentication; and integrate with Zoom for in-meeting compliance verification.
TeleVerify integrates with the following external services:
Zoom Video Communications: OAuth authentication and meeting context via the Zoom Apps SDK. Subject to Zoom's Privacy Policy.
IP-API: IP-based geolocation to approximate provider and patient state. Only IP addresses are transmitted; no personal information is shared.
NPI Registry (CMS): National provider lookup via the NPPES API to verify provider credentials. This is a public government database.
OpenStreetMap / Nominatim: Reverse geocoding for GPS coordinates when available. No personal data is transmitted.
Stripe, Inc.: Payment processing for subscription billing. Your payment information (credit card number, billing address) is collected and processed directly by Stripe. TeleVerify does not receive or store your full credit card number. We receive only a token identifier, the last four digits, card brand, and expiration date for display purposes. Stripe is PCI DSS Level 1 certified. Subject to Stripe's Privacy Policy.
IPQualityScore (IPQS): IP-based geolocation for patient location verification. When a patient's location is verified via IP address, the IP address may be transmitted to IPQS for state-level geolocation. No personal health information, patient names, or other identifying information is shared.
Resend: Transactional email delivery for account verification, password reset, organization invitations, and compliance notifications. Resend receives recipient email addresses and message content. Email content does not include protected health information.
Data is stored in PostgreSQL databases hosted on Railway, a SOC 2 Type II compliant platform-as-a-service provider, with SSL encryption for all database connections. Zoom OAuth tokens are encrypted at rest using AES-256-GCM with dedicated encryption keys managed through environment-level secrets. Provider passwords are hashed using bcrypt with appropriate work factors and are never stored in plaintext. All connections use HTTPS with HTTP Strict Transport Security (HSTS) enforcement. JSON Web Tokens (JWT) are used for session authentication with configurable expiration periods. Rate limiting is enforced on all API endpoints to prevent abuse. Tamper-evident audit logs with cryptographic hash-chain integrity verification are maintained for all compliance verification activities.
Raw session data (temporary connection data such as IP addresses) expires after 4 hours and is not retained. Compliance verification records — including session timestamps, compliance status, verification method, and state codes — are retained for a minimum of 7 years to meet CMS record-keeping requirements and state regulatory audit standards. Provider accounts persist until manually deleted. When you disconnect TeleVerify from Zoom (uninstall the app), associated OAuth tokens are automatically deleted; compliance records are preserved per the retention policy.
You may request access to, correction of, or deletion of your personal data by contacting us. Providers can delete their accounts through the application. When you revoke TeleVerify's access through Zoom, we automatically delete your Zoom-related data.
TeleVerify is intended for use by licensed healthcare professionals and is not directed at children under 13. We do not knowingly collect information from children.
We may update this Privacy Policy from time to time. We will notify users of material changes by updating the "Last updated" date at the top of this page.
The TeleVerify Chrome extension injects a compliance verification panel into video session pages on supported telehealth platforms (Doxy.me and SimplePractice). Its purpose is to let providers run a license check during a live session.
The extension collects location data (GPS coordinates if shared, or IP-based geolocation as a fallback) solely for compliance verification. All data collected by the extension is transmitted only to televerify.org servers over HTTPS. No browsing history, page content, keystrokes, video, audio, or personal health information is collected or transmitted, and no third parties receive any data from the extension.
When you use TeleVerify to run a compliance check, the following data processing occurs: (a) your NPI is used to query the publicly available NPPES registry to verify credentials and licensure; (b) the patient’s approximate state-level location is determined via IP address geolocation or voluntary self-report; (c) the patient’s state is evaluated against your licensed states, applicable interstate compact memberships, and state-specific telehealth registration requirements; (d) a compliance determination is generated and stored as a compliance verification record; and (e) the event is recorded in the audit log. At no point during this process does TeleVerify access, view, or store any clinical information about the patient, including the reason for the visit, diagnoses, treatment notes, or any content of the telehealth session.
For privacy-related inquiries, contact us at: support@televerify.org