therapyBOSS Privacy Policy

Effective May 23, 2022 | Effective previously

Download PDF

By using our services, you’re trusting us with your information. A paramount part of earning that trust means being clear about what information we collect and how we use it. Our privacy policy is intended to help you understand those aspects. It describes how Pragma-IT, LLC (“we,” “us,” or “our”) processes personal information in relation to your use of the website, the therapyBOSS medical records and billing software and the therapyBOSS patient portal (collectively, the “therapyBOSS platform”, “service”, or “services”). We encourage you to review our privacy policy whenever you use our services to stay informed about our related practices. By subscribing to our services or accessing our sites, you agree to the collection and use of your information as described in the privacy policy and may be amended from time to time.



Questions or concerns

Any questions about this privacy policy should be addressed by email to or by mail to Pragma-IT, LLC, 5811 Dempster Street, Morton Grove, IL 60053.

Information collected

We collect information to provide services to our users and visitors. Specifically, to allow our clients to create accounts and maintain their business and personal profiles, to contact us for assistance pre-registration or afterward, to analyze how our services are utilized and as otherwise outlined in this privacy policy.

Information we receive from you

Creating an account. We collect information when you sign up for an account and maintain your profile. For example, we collect personal information such as your name, email address, phone number and login credentials. We may collect your organization’s demographic information. We may also collect via secure payment processing services your payment information, such as credit card or bank account, to pay for our services.

Creating user logins. We collect information for additional user logins that you create in your accounts including names, email addresses and login credentials.

Additional profile information. Such as your date of birth, gender, postal address and professional license identification. Other professional identification such as tax ID, NPI and taxonomy code to facilitate your use of therapyBOSS billing features. Additionally, if you choose to supply, profile photo and your own about-yourself which may be visible to other users on the therapyBOSS platform, however, only at your direction.

Content you provide through our features. We collect and store content that you post, send, receive and share while using the therapyBOSS platform. This content includes any information about you that you may choose to provide. For example, scheduling a callback or asking a question via, posting in our forums, the messages you send to other users via our messaging feature.

Information collected automatically

Your use of our services. We keep track of certain information about you when you visit and interact with our services. This information includes the pages you viewed, the services and features you used or interacted with, your browser type and details about any links or communications with which you interacted.

Log data and device information. When you use our services, our servers automatically record certain information referred to as “log data” or “logs”. It may include your device’s IP address, access dates and times, hardware and software information, device information, device event information, unique identifiers, crash data and the pages and/or features you’ve engaged with.

Location information. The visit verification feature of the therapyBOSS medical records software may collect your precise location information and device motion information. You will be notified when visit verification activates.

Cookies and other tracking technologies. Whenever you visit and interact with our services, you accept that a “cookie” may be placed on your computer or mobile device. Cookies are small text files that websites send to your device to uniquely identify your browser or to store information or settings in your browser. Cookies allow us to recognize you when you return. They also help us provide a customized experience and facilitate better understanding of website traffic patterns. We use two types of cookies: “session cookies” and “persistent cookies.” Session cookies normally expire when you close your browser, while persistent cookies remain on your device after you close your browser and can be used again the next time you access the therapyBOSS platform. We use a third-party tracking service that employs cookies and other tracking technologies to track non-personally identifiable information about visitors to our website. This data is collected and used only in an aggregate form and not in a manner that would identify you personally directly or indirectly. You may be able to change the preferences in your browser to prevent or limit acceptance of cookies, but this may result in not being able to take full advantage of some of our features.

Payment transaction information. When you pay for our services, we record payment transaction details such as payment method used, date and time, payment amount, payment method expiration date and billing zip code, ACH information, your address and other related transaction details.

Use of information collected

To provide service. We use information we collect to provide the services to you including authenticating you when you log in, allowing you to utilize the features and functionality that you choose to and operating and maintaining our services.

To process payments. We use your payment method on file to charge it for your use of our services.

For security. We use information about you and your use of our services to screen and verify accounts and activity, to monitor suspicious or fraudulent activity and to identify violations of our terms of use.

For research and development. We continually work to improve our services. We use collected information about how people interact with our services to identify trends and usage patterns.

To communicate with you about our services. We will send you strictly service-related messages when necessary to do so. For instance, automatic notifications as a result of events within our services triggered by your actions or actions of other users that you interact with. If we plan service maintenance, we may send you an email. We may also send you communications as you onboard to our services to help you become more proficient in using them. These communications are part of our services and in most cases you cannot opt out of them. If an opt-out is available, you will find that option within the communication itself or in your settings.

Technical support. We use your information to resolve technical issues you experience, to respond to your requests for assistance and to repair and improve our services.

To promote our services. We use third-party ad services to either display advertising on our website or to manage our advertising on other companies’ websites and applications. These services use cookies and other tracking technologies to collect information about your activities on this and other websites to provide you targeted advertising based upon your interests. They generally have a mechanism to opt out of their services. For example, you can opt out of personalized ads served by Google as explained here. Many advertisers participate in a consortium called the Digital Advertising Alliance. DAA offers the WebChoices Tool to help control advertising. In addition, some advertisers may be members of an association called the Network Advertising Initiative. NAI also provides for opting out.

To protect our legal rights. Where required by law or where we believe it is necessary to protect our legal rights, interests and the interests of others, we use information about you in connection with legal claims, compliance, regulatory, and audit functions, and disclosures in connection with the acquisition, merger or sale of a business.

With your consent. We use information about you where you have given us consent to do so for a specific purpose not listed above. For example, with your permission, we may write down and publish user case stories to promote our services.

Third party personal information

You may provide personal information about other organizations and people, such as their name, email address, phone number and demographic information. It is your responsibility to get permission from anyone whose personal information you provide to us. We will only use that personal information for the purpose of completing your request.

Sharing of information collected

We will not sell, share, trade, or rent any personal information to others in ways different from what is disclosed in this privacy policy without first obtaining your authorization and consent. We may provide aggregate information, that is information collected from you that does not allow you to be personally identified or contacted, to third parties without your authorization, such as information about access and use of our services.

Agents/data processors. We may disclose personal information to independent contractors, volunteers, vendors, service providers, or consultants who are engaged by or working with us and who need access to such information to carry out their programs or services. Unless we tell you differently, our agents do not have any right and are not allowed to use the personal information we share with them beyond what is necessary to assist us.

Referrals. When you are referred to us through the therapyBOSS referral program and sign up via the referral link shared with you, the person referring you will be able to see the account’s organizational name, owner’s name and the date of signing up. They will also know the amount of commission they earn based on your use of our services.

Legal compliance. We may be required to disclose personally identifiable information or protected health information under special circumstances, such as to comply with law or court order.

Protection of company and others. We reserve the right to share any information that we reasonably believe is necessary to investigate, prevent, or take action regarding illegal activities or suspected fraud; enforce or apply our terms of use; or protect the rights, property, or safety of the company, our employees, our users, or others.

Business transfers. We may choose to buy or sell assets. In these types of transactions, client information is typically one of the business assets that would be transferred. Also, if we (or our assets) are acquired, or if we go out of business, enter bankruptcy, or go through some other change of control, personal information would be one of the assets transferred to or acquired by a third party.

Other Transfers. Except as set forth above, you will be notified or asked for consent when your personal information may be shared with third parties in a personally identifiable form and will be able to prevent the sharing of this information.

Your rights

You can exercise any of the rights described in this section consistent with applicable law.

The right of access. In some jurisdictions, applicable law may entitle you to request a copy of your personal information undergoing processing if indeed it is.

The right to correction. You have the right to obtain from us without undue delay the correction of inaccurate or incomplete personal information concerning you. We may need to verify the accuracy of the new data you provide to us. We might use any aggregated data derived from or incorporating your personal information after you update it, but not in a manner that would identify you personally directly or indirectly.

The right to erasure. In some jurisdictions, you can request that your personal information be deleted. Please note that if you request deletion:

  • Information about you and information you produce shared by you with others, directly or indirectly, through your contractual relationship with them will continue to be available to them.
  • We may retain your personal information as necessary for our legitimate business interests, such as fraud detection and prevention. For example, if we suspend an account for fraud or safety reasons, we may retain information from that account to prevent the same person from opening a new account in the future.
  • We may retain and use your personal information to the extent necessary to comply with our legal obligations. For example, we may keep information for tax, legal reporting, and auditing obligations.
  • Because we take measures to protect data from system failures, residual copies of your personal information may not be removed from our backup systems for a limited period of time.

Accessing and updating your personal information

You can access and update some of the personal information provided to us through your personal profile and/or account settings. The information you can view and update may change as our services change. If you have any questions about viewing, updating or deleting information we have on file about you, please contact us at We will respond to your request within a reasonable timeframe.

We will retain your information for as long as your account is active or as needed to provide services to you and others. We will further retain your information as necessary to comply with our legal and operational obligations, to resolve disputes, and to enforce our agreements.

Security of your personal information

We are continuously implementing and updating administrative, technical and physical security measures to help secure your information. However, despite these measures, we cannot completely ensure or warrant the security of your information. You can find out more about how we protect it and the steps you can take in our security statement.

Client comments and reviews

You should be aware that any personal information you submit on our blogs and forums as well as those of others can be read, collected, or used by other users who could send you unsolicited messages. We cannot be responsible for the personal information you choose to share in these forums.

Links to other websites

If you click on a link to a third-party website, you will leave our site and go to the site you selected. We do not control the activities of third parties and cannot accept responsibility for any use of your personally identifiable information by such third parties. We also cannot guarantee that they will adhere to the same privacy practices as us. We encourage you to review their privacy policies to make an informed decision.

Data collected by our clients

We may collect information under the direction of our clients and have no direct relationship with the individuals whose personal information our services process. If you are a customer of one of our clients and would no longer like to be contacted by one of our clients using our services, please contact the client that you interact with directly.

Access and retention of data controlled by our clients

A customer of our client who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct his query to the therapyBOSS client. If the customer is a Covered Entity under HIPAA, your rights with respect to your protected health information are governed by HIPAA as well as our Business Associate Agreement with that client. We will retain personal information collected by our clients for as long as needed to provide services to our clients and as necessary to comply with our various obligations.

Data aggregation

We may use Protected Health Information (PHI) collected by our clients from their customers who are Covered Entities under HIPAA to provide data aggregation services (as that term is defined by HIPAA) and to create de-identified data in accordance with 45 CFR 164.514(a)-(c), retaining any and all ownership claims relating to this de-identified information. We may use, during and after this agreement, all aggregate non-identifiable information and de-identified data to improve and enhance our services, technical support and for other business purposes, all in compliance with the HIPAA Privacy Standards, including without limitation the limited data set and de-identification of information regulations.

Our policy towards children

Our services are not intended for children under the age of 18. We will not knowingly collect information from anyone in this age group. If you are under 18, please do not attempt to register for the Services or send any information about yourself to us.

Changes to our privacy policy

We may change this privacy policy from time to time as we assess it against new technologies, business practices and our clients’ and visitors’ needs. We will post any privacy policy changes on this page and, if the changes are significant, we will provide a more prominent notice by sending our registered users an email notification and/or adding an announcement to the appropriate therapyBOSS product website at least thirty (30) days before the effective date. You will be bound by any subsequent changes in the privacy policy, even if you do not become aware of such changes. If you disagree with any changes to this privacy policy, you’ll need to stop using our services.