How does Bond Health connect to EHR data?

Bond Health integrates with major EHRs (including Epic and Cerner) using secure APIs and healthcare interoperability standards (FHIR and HL7, as applicable). Bond Health's implementation team handles the integration end-to-end, and full EHR integration typically completes in 4-6 weeks depending on site IT review and interface method.

How does Bond Health validate trial eligibility logic?

Bond Health configures study-specific inclusion and exclusion criteria with your team, then validates the eligibility logic against real-world patient records before go-live. Bond Health provides traceable match rationale (criteria-to-evidence) and runs pre-launch QA to confirm accuracy and reduce screen failures.

How does Bond Health's voice agent handle PHI?

Bond Health's voice agents follow HIPAA-ready practices: encryption in transit, access controls, and audit logging. Patients are informed when AI assistance is used and can request a human callback at any time. Bond Health designs workflows to minimize PHI exposure and support compliant operations.

What is Bond Health's implementation timeline?

Bond Health typically implements in 4-6 weeks for full EHR integration. Implementation includes EHR connection, eligibility configuration, voice agent setup, analytics dashboards, and staff onboarding. Bond Health provides dedicated support throughout integration and launch.

What is Bond Health's security posture?

Bond Health uses encryption at rest and in transit (AES-256 where applicable), role-based access controls, comprehensive audit logging, and routine security testing. Bond Health can sign BAAs and is designed to support HIPAA-ready workflows for PHI.

What outcomes does Bond Health measure for research sites?

Bond Health reports site-relevant outcomes including patients matched, patients contacted and pre-screened, patients consented, patients randomized (when available), time-to-enrollment, matching accuracy, screen failure rate signals, and coordinator hours saved. Bond Health provides real-time dashboards plus regular reporting for sponsors, CROs, and sites as needed.

Legal

Privacy Policy

Bond Health, Inc. — bondtrials.com

Effective Date: April 1, 2026Last Reviewed: April 1, 2026

Bond Health, Inc. (“Bond Health,” “we,” “us,” or “our”) is committed to protecting the privacy and security of personal information entrusted to us. Bond Health operates an AI-powered clinical trial patient recruitment platform (the “Platform”) accessible at bondtrials.com (the “Site”). This Privacy Policy describes how we collect, use, disclose, and safeguard information when you visit our Site, use our Platform, or otherwise interact with our services.

By accessing or using our Site and services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with the practices described herein, please do not use our Site or services.

1. Information We Collect

We collect information in the following categories:

1.1 Personal Information

Personal information you provide directly to us may include:

Contact Information: Name, email address, phone number, and mailing address.
Account Information: Login credentials and account preferences.
Health-Related Information: When voluntarily provided in connection with clinical trial matching, this may include demographic information, medical history, diagnoses, medications, and other health-related data relevant to determining clinical trial eligibility. We treat all health-related information with heightened security controls.
Professional Information: For clinical research site personnel, sponsors, and partners: job title, institutional affiliation, and professional credentials.
Communications: Records of correspondence when you contact us for support, inquiries, or feedback.

1.2 Usage and Technical Data

We automatically collect certain technical information when you interact with our Site and Platform:

Device and Browser Information: IP address, browser type and version, operating system, device identifiers, and screen resolution.
Usage Data: Pages viewed, features used, access times, session duration, referring URLs, and clickstream data.
Log Data: Server logs that record requests made to our systems, including timestamps and error information.

1.3 Cookies and Tracking Technologies

We use cookies, web beacons, and similar tracking technologies to enhance your experience and gather analytical data. These may include:

Essential Cookies: Required for Site functionality, such as session management and security.
Analytics Cookies: Help us understand how visitors interact with our Site to improve performance and usability.
Preference Cookies: Store your settings and preferences for future visits.

You may manage cookie preferences through your browser settings. Disabling certain cookies may limit the functionality of our Site.

1.4 Information from Third Parties

We may receive information from third-party sources, including clinical research organizations, healthcare providers, electronic health record (EHR) systems (such as Epic, Cerner, AthenaHealth, Meditech, and eClinicalWorks) with appropriate authorizations, and publicly available databases, solely for the purpose of facilitating clinical trial matching.

2. How We Use Your Information

We use the information we collect for the following purposes:

Clinical Trial Matching: To evaluate eligibility for clinical trials using our AI-powered matching engine and to facilitate connections between patients and research sites.
Platform Operations: To provide, maintain, and improve the functionality and performance of our Site and Platform.
Communications: To respond to your inquiries, send service-related notices, and provide updates about our services or relevant clinical trial opportunities.
Analytics and Improvement: To analyze usage patterns, monitor performance, and develop new features and services.
Security and Compliance: To detect, prevent, and address security incidents, fraud, and technical issues, and to comply with applicable legal and regulatory obligations.
Legal Obligations: To comply with applicable laws, regulations, legal processes, or enforceable governmental requests.

We do not use personal information for automated decision-making that produces legal or similarly significant effects without appropriate safeguards and human oversight.

We do not sell, rent, or trade your personal information to third parties. We may share your information in the following limited circumstances:

Clinical Research Partners: With clinical research sites, sponsors, and contract research organizations (CROs) as necessary to facilitate your participation in clinical trials, and only with your consent or as authorized.
Service Providers: With third-party vendors who perform services on our behalf (e.g., cloud hosting, data analytics, customer support). These providers are contractually bound to protect your information and may only use it to perform services for us.
EHR Integration Partners: With electronic health record system providers solely to the extent necessary to retrieve authorized health data for clinical trial eligibility matching.
Legal Requirements: When required by law, regulation, subpoena, court order, or other legal process, or to protect the rights, property, or safety of Bond Health, our users, or the public.
Business Transfers: In connection with a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of the transaction. We will notify you of any such change in ownership or control.
With Your Consent: In any other situation, we will share your personal information only with your explicit consent.

4. Data Security

We implement industry-standard technical and organizational measures to safeguard your personal information, including:

Encryption: Data is encrypted in transit (TLS 1.2+) and at rest using AES-256 or equivalent encryption standards.
Access Controls: Role-based access controls restrict data access to authorized personnel on a need-to-know basis.
Infrastructure Security: Our systems are hosted on SOC 2-compliant cloud infrastructure with network segmentation, intrusion detection, and continuous monitoring.
Security Assessments: We conduct regular vulnerability assessments, penetration testing, and security audits.
Incident Response: We maintain a documented incident response plan to detect, respond to, and recover from security incidents.
Employee Training: All personnel with access to personal data receive regular training on data protection and security best practices.

While we employ robust safeguards, no method of transmission or storage is completely secure. If you have reason to believe your information has been compromised, please contact us immediately at [email protected].

5. Data Retention

We retain personal information only as long as necessary to fulfill the purposes for which it was collected, to comply with legal and regulatory obligations, to resolve disputes, and to enforce our agreements. Specific retention periods depend on the nature of the data and the purpose for its collection. When personal information is no longer required, we securely delete or anonymize it in accordance with our data retention policies.

6. Your Rights and Choices

Depending on your jurisdiction, you may have the following rights regarding your personal information:

Right to Access: Request a copy of the personal information we hold about you.
Right to Correction: Request correction of inaccurate or incomplete personal information.
Right to Deletion: Request deletion of your personal information, subject to applicable legal retention requirements.
Right to Data Portability: Request a machine-readable copy of your personal data.
Right to Restrict Processing: Request that we limit how we process your personal information under certain circumstances.
Right to Object: Object to certain types of processing, including processing for direct marketing purposes.
Right to Withdraw Consent: Where processing is based on your consent, you may withdraw consent at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within the timeframe required by applicable law.

7. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):

Right to Know: You may request disclosure of the categories and specific pieces of personal information we have collected about you, the sources of collection, our business purposes for collecting it, and the categories of third parties with whom we share it.
Right to Delete: You may request that we delete personal information we have collected from you, subject to certain exceptions.
Right to Opt-Out: You have the right to opt out of the sale or sharing of your personal information. Bond Health does not sell personal information.
Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.

To submit a request, contact us at [email protected] or call +1 (310) 849-1687. We will verify your identity before fulfilling your request.

If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, you have rights under the General Data Protection Regulation (GDPR) or equivalent legislation. In addition to the rights listed in Section 6, you may lodge a complaint with your local data protection authority if you believe your rights have been violated.

We process personal data under one or more of the following lawful bases: your consent, performance of a contract, compliance with a legal obligation, or our legitimate interests (provided these do not override your fundamental rights and freedoms).

Where we transfer personal data outside the EEA, we rely on appropriate safeguards such as Standard Contractual Clauses approved by the European Commission.

9. Health Information and HIPAA

Bond Health may process protected health information (PHI) in its capacity as a Business Associate to covered entities under the Health Insurance Portability and Accountability Act (HIPAA). In such cases, our handling of PHI is governed by applicable Business Associate Agreements (BAAs) and HIPAA regulations, which impose strict requirements on the use, disclosure, and safeguarding of PHI.

To the extent that health-related data is provided to us outside the scope of a BAA, we treat such data with the same level of care and apply equivalent security controls.

10. Children's Privacy

Our Site and services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children under 18. If you become aware that a child has provided us with personal information without parental consent, please contact us at [email protected] and we will take steps to remove such information from our systems.

Where Bond Health facilitates clinical trial matching for pediatric trials, all data collection and processing is conducted through the child's parent or legal guardian with appropriate consent.

11. Third-Party Links and Services

Our Site may contain links to third-party websites or services that are not operated by us. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party site or service before providing personal information.

12. International Data Transfers

Your information may be transferred to, stored, and processed in the United States or other jurisdictions where our service providers operate. By using our Site and services, you acknowledge that your information may be transferred to countries with data protection laws that may differ from those in your jurisdiction. We take appropriate measures to ensure that your personal information remains protected in accordance with this Privacy Policy and applicable law.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. When we make material changes, we will post the updated policy on our Site with a revised effective date and, where appropriate, notify you by email or through our Platform. We encourage you to review this Privacy Policy periodically.

This Privacy Policy is reviewed at least annually to ensure continued accuracy and compliance.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Bond Health, Inc.

50 Brown Circle, Paramus, NJ 07652

Email: [email protected]

Phone: +1 (310) 849-1687

Website: bondtrials.com