CaseBridge LLC (“CaseBridge,” “Company,” “we,” “us,” or “our”) is committed to respecting and protecting your privacy. CaseBridge provides a cloud-based practice management platform (the “Platform” or “Services”) built exclusively for personal injury medical clinics. The Platform enables CaseBridge subscribers (“Subscribers”) to manage leads, cases, scheduling, partner relationships, medical records, and related clinical and administrative workflows. Subscribers may, in turn, make portions of the Services available to their employees, independent contractors, law firm partners, and other authorized third parties (“End Users”), as permitted by the CaseBridge Terms of Service.
This Privacy Policy (“Policy”) explains the types of personal data we collect from visitors to our website at https://www.casebridge.com (the “Site”) and from individuals with whom we communicate and interact in the course of providing the Site and Services. This Policy also describes how we use personal data, the purposes for sharing personal data and the recipients thereof, your rights and choices, and how you can contact us about our privacy practices.
This Policy applies to CaseBridge’s Site and Services, including the CaseBridge Attorney Portal. It does not apply to websites, products, or services of third parties, which are subject to their own privacy policies.
Please read this Policy carefully to understand our policies and practices regarding your personal data and how we will process it.
Personal Data We Collect
1. Personal Data You Provide
Personal data is any information that relates to an identified or identifiable individual. We collect several types of personal data from and about users of our Site and Services. In many cases, the personal data that you provide directly to us through our Services will be apparent from the context in which you provide it.
Account Information. When you register for a CaseBridge account, we collect your full name, email address, phone number, organization name, role or title, and other related information such as account login credentials.
Profile Information. You may choose to add information to your profile within the Services. Please do not upload any profile information you would not want to be accessible to other authorized users within your organization.
Patient and Case Information. Subscribers and their Authorized Users may enter patient demographics, case details, treatment information, appointment records, medical records, billing data, and other information related to personal injury cases into the Platform. This information may include Protected Health Information (PHI) as defined under HIPAA.
Partner and Referral Information. Subscribers may enter information about their law firm partners, medical clinic partners, and other referral relationships, including organization names, contact information for key contacts, and referral activity data.
Attorney Portal Information. Law firm users who access the CaseBridge Attorney Portal provide their name, email address, and authentication credentials. Their access to patient case data is limited to their own firm’s clients and is controlled by the subscribing clinic.
Inquiry Information. When you fill in our online forms to contact our sales team or request a demo, we collect your name, contact information, organization name, and other information about your interest in our Services.
Billing and Payment Information. If you are a Subscriber, you will provide your contact information and financial information (such as credit card or bank account details) as part of your business relationship with us. Payment processing is handled by third-party payment processors; we do not store full payment card numbers on our systems.
Communications. When you communicate with us or other users through the Site and Services, or otherwise communicate with us by email, phone, or text, we collect information about the communication and any information you provide in your correspondence.
2. Information Collected Automatically
As you navigate through and interact with the Site and Services, we may use cookies and similar tracking technologies that automatically collect certain information about you, including:
Browser and Device Data. Your IP address, device type, operating system and Internet browser type, operating system name and version, device manufacturer and model, language, plug-ins, add-ons, and the language version of the Site you are visiting.
Usage Data. Time spent on the Site and Services, pages visited, features used, links clicked, language preferences, and the pages that led or referred you to our Site.
How We Use Personal Data
We rely on a number of legal grounds to enable our use of your personal data. We use personal data to pursue our legitimate business interests, to enter into and perform contractual obligations with our Subscribers, and to comply with our legal obligations. We also use personal data with your consent where required. More specifically, we use personal data for the following purposes:
To provide, operate, and maintain the Site and Services, including the Attorney Portal;
To process and manage Subscriber accounts, including authentication, billing, and account administration;
To facilitate the management of patient leads, cases, appointments, treatment records, and related clinical workflows within the Platform;
To enable law firm partners to access case and treatment information for their clients through the Attorney Portal, as authorized by the subscribing clinic;
To provide customer support and respond to inquiries, questions, and feedback;
To help us improve and personalize the functionality of the Site and Services;
To help us understand usage patterns of the Site and Services in order to improve them;
To provide you with notices about your account, including billing and service notifications;
To carry out our obligations and enforce our rights arising from any agreement entered into between you and us, including for billing and collections;
To notify you about changes to our Site, Services, or any products or services we offer;
To inform you about products, services, offers, and events we sponsor, and to provide news and other information that may be of interest to you;
To communicate technical and administrative messages regarding the Site and Services, including technology updates and security notices;
To comply with applicable laws, regulations, legal processes, or enforceable governmental requests, including HIPAA; and
For any other purpose to which you consent at the time the personal data is collected.
Protected Health Information (PHI) and HIPAA
CaseBridge processes Protected Health Information (PHI) on behalf of its Subscribers in connection with the Services. With respect to PHI, CaseBridge acts as a Business Associate of its Subscribers, as defined under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and its implementing regulations.
The handling of PHI is governed by the Business Associate Agreement (BAA) executed between CaseBridge and each Subscriber. In the event of a conflict between this Privacy Policy and the BAA with respect to the handling of PHI, the terms of the BAA shall control.
CaseBridge implements administrative, physical, and technical safeguards to protect the confidentiality, integrity, and availability of PHI, including encryption in transit (TLS 1.2+) and at rest (AWS KMS), role-based access controls, audit logging, and multi-factor authentication for portal users.
CaseBridge does not use PHI for marketing purposes, does not sell PHI, and does not disclose PHI except as permitted or required by the BAA and applicable law.
How We Disclose Personal Data
We do not sell or rent personal data to marketers or unaffiliated third parties. We may share your personal data with third parties only as described in this Policy:
Service Providers. To contractors, service providers, and other third parties we use to support our business, such as cloud infrastructure providers (Amazon Web Services), website hosting, data analysis, customer service, email delivery, payment processing, and auditing services. All service providers who process PHI on our behalf are required to execute Business Associate Agreements.
Attorney Portal Access. When a Subscriber enables Attorney Portal access for a law firm partner, the law firm’s authorized users may view case and treatment information for their own clients only. Document access is controlled at the individual document level by the subscribing clinic. All portal activity is logged in an immutable audit trail.
Corporate Transactions. In connection with an actual or proposed merger, acquisition, reorganization, divestiture, or sale of some or all of CaseBridge’s assets. In these circumstances, CaseBridge will require the parties with whom personal data is shared to process personal data in accordance with this Privacy Policy and applicable law.
Compliance and Harm Prevention. To comply with any court order, law, or legal process, including responding to any government or regulatory request; to enforce or apply our Terms of Service and other agreements, including for billing and collection purposes; if we believe disclosure is necessary or appropriate to protect our rights, property, or safety, our Subscribers, or others.
With Your Consent. For any other purpose we disclose when you provide the information, or with your explicit consent.
Your Rights and Choices
1. Opting Out of Marketing Communications
If you no longer want to receive marketing-related emails from us, you may opt out via the unsubscribe link included in such emails. We will comply with your request as soon as reasonably practicable. Please note that if you opt out of marketing emails, we may still send you transactional and service-related messages in connection with providing our Services.
If you no longer want to receive marketing-related SMS communications from us, you may opt out by replying STOP or UNSUBSCRIBE at any time. Text messaging originator opt-in data and consent will not be shared, excluding aggregators and providers of text messaging services.
2. Accessing and Updating Your Personal Data
To access or update your personal data in your CaseBridge account, log into the Platform and navigate to Settings to make your changes. If you are an End User who does not have direct account access (such as a patient or Attorney Portal user), please direct your request to the CaseBridge Subscriber who manages your information.
3. Account Deletion
If you would like to delete your CaseBridge account, you may contact your organization’s CaseBridge administrator. If you are the account administrator and would like to delete your CaseBridge account, please contact us at [email protected]. Please note that certain data may be retained as required by law (including HIPAA retention requirements) or for legitimate business purposes.
4. Your California Privacy Rights
If you are a California resident, you have the following rights under the California Consumer Privacy Act (“CCPA”):
The right to know what personal information we collect, use, disclose, and sell about you, including the categories and specific pieces of personal information, the sources from which it was collected, the business purpose for collection, and the categories of third parties with whom it was shared.
The right to request deletion of personal information we have collected about you, subject to certain exceptions provided by law.
The right to opt out of the sale of your personal information. CaseBridge does not sell personal information.
The right not to receive discriminatory treatment for exercising your privacy rights.
If you are an End User of a CaseBridge Subscriber, please direct CCPA requests to the Subscriber, as CaseBridge acts as a service provider under the CCPA with respect to data processed on behalf of Subscribers.
5. Your Data Protection Rights (EU/EEA/UK Residents)
If you are located in the European Union, European Economic Area, or the United Kingdom, you may have the following rights with respect to the personal data we process:
The right to request confirmation that CaseBridge processes personal data relating to you, and if so, to request a copy of that personal data.
The right to request correction of inaccurate, incomplete, or outdated personal data.
The right to request erasure of your personal data in certain circumstances provided by law.
The right to object to the processing of your personal data in certain circumstances provided by law.
The right to request restriction of the use of your personal data in certain circumstances provided by law.
The right to request portability of your personal data.
If we have processed your personal data with your consent, the right to withdraw your consent at any time.
The right to lodge a complaint with a data protection authority about our processing of your personal data.
If you are an End User of a CaseBridge Subscriber, please direct your requests to the Subscriber. We will comply with your request to the extent required by applicable law.
Data Security and Retention
We implement and maintain organizational, technical, and administrative measures designed to protect personal data against unauthorized access, destruction, loss, alteration, or misuse. These measures include:
Encryption of all data in transit using TLS 1.2 or higher.
Encryption of all data at rest using AWS Key Management Service (KMS).
Role-based access controls limiting data access to personnel with a legitimate need.
Multi-factor authentication (MFA) required for Attorney Portal users and recommended for all platform users.
Immutable audit logging of all access to Protected Health Information.
Regular security reviews and penetration testing of our infrastructure and application.
Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure, please contact us immediately at [email protected].
We retain your personal data for as long as we are providing the Services to you or our Subscribers, and thereafter as required by applicable law (including HIPAA, which requires retention of certain records for a minimum of six years). In all cases where we retain data, we do so in accordance with applicable limitation periods and records retention obligations.
International Data Transfers
CaseBridge’s Services are hosted on Amazon Web Services infrastructure located in the United States. Personal data may be stored and processed in the United States. Users located outside the United States should be aware that the United States may have data protection and privacy laws that differ from those of your country.
When transferring data across borders from the European Economic Area, the United Kingdom, or Switzerland, we comply with applicable laws to provide an adequate level of data protection. Where required by applicable law, we use the EU Standard Contractual Clauses or other legal mechanisms available to us under applicable law.
Cookies and Tracking Technologies
We use cookies and similar tracking technologies on our Site to collect usage data, remember your preferences, and improve your experience. You can control or disable cookies through your browser settings. Please note that disabling cookies may affect the functionality of certain features of the Site.
We may use the following categories of cookies:
Strictly Necessary Cookies. Required for the operation of the Site and Services, including authentication, security, and session management.
Analytics Cookies. Help us understand how visitors interact with the Site by collecting and reporting information anonymously.
Functional Cookies. Enable enhanced functionality and personalization, such as remembering your preferences.
Marketing Cookies. Used to deliver relevant advertisements and track the effectiveness of our marketing campaigns. We will obtain your consent before placing marketing cookies where required by applicable law.
Use by Minors
The Site and Services are not directed toward persons under 18. We do not knowingly solicit or collect personal data from children under the age of 18. If you believe we may have collected personal data from a minor without parental or guardian consent, please contact us immediately using the information provided below.
Third-Party Links
The Site and Services may contain links to other sites that are not owned or controlled by CaseBridge. These links are provided solely for your convenience. CaseBridge is not responsible for the privacy practices of such other sites. Please refer to the privacy policies of those sites directly if you have questions or concerns.
Updates to This Policy
When we update this Privacy Policy, we will take appropriate measures to inform you, consistent with the significance of the changes we make. We will post the updated Policy on our Site with a revised “Last Updated” date. We will obtain your consent to material Privacy Policy changes if and where this is required by applicable data protection laws. Your continued use of the Site and Services after the effective date of any updated Policy constitutes your acceptance of the updated terms.
Contact Us
If you have questions or concerns about this Privacy Policy, or if you wish to exercise any of your privacy rights, please contact us:
CaseBridge LLC
420 Technology Pkwy NW 300, Suite 150
Peachtree Corners, GA 30092
[email protected]
For security-related concerns: [email protected]
Last Updated: April 2026