Privacy Policy
This Privacy Policy describes how PreOpClear, operated by Perioperative Solutions LLC ("PreOpClear", "we", "us") collects, uses, discloses, and protects information in connection with the PreOpClear pre-operative screening platform (the "Service"), including our SMS program. PreOpClear is a product of Perioperative Solutions LLC; all contracts, Business Associate Agreements, and the registered A2P 10DLC brand are held in the name of Perioperative Solutions LLC.
Business identity: Perioperative Solutions LLC operates PreOpClear as a healthcare technology service for licensed surgical facilities and their patients. Public SMS consent details are available at preopclear.net/sms-consent.html. Support is available at support@preopclear.net; privacy questions may be sent to privacy@preopclear.net.
PreOpClear (Perioperative Solutions LLC) is a Business Associate under HIPAA when providing services to covered entities (surgical facilities and their clinicians). Our handling of Protected Health Information ("PHI") is governed by HIPAA, applicable state laws, and the Business Associate Agreement ("BAA") between Perioperative Solutions LLC and the facility.
1. Information we collect
We collect information from two primary sources: (a) the facilities that contract with us, and (b) the patients to whom they refer us.
From facilities: patient demographics (name, date of birth, phone number, medical record number if applicable), procedure details (procedure name, scheduled date, surgeon, facility location), and user account details for clinician access to the provider dashboard.
From patients (via SMS): responses to pre-operative screening questions, which may include current medications, medical conditions, allergies, recent surgeries, smoking and substance use status, and other clinical information relevant to anesthesia planning.
Automatically: standard technical metadata (IP address for audit logs, request timestamps, user agent when clinicians use the dashboard). Message delivery metadata is received from our SMS carrier (Twilio).
2. How we use information
- To conduct the pre-operative screening conversation with the patient via SMS.
- To structure the patient's responses into a clinical summary for the facility's clinicians.
- To apply the facility's configured clinical protocols and surface safety flags, medication holds, and escalations.
- To send message delivery notifications, appointment reminders, and medication instructions.
- To maintain audit logs required by HIPAA and applicable state laws.
- To provide customer support to the facility.
We do not sell patient information, use it for advertising, or share it with third parties for marketing purposes.
3. SMS program
Our SMS messages are sent by PreOpClear, operated by Perioperative Solutions LLC (the registered A2P 10DLC brand and toll-free sender). They are transactional and are sent only to patients who have opted in through their facility by signing a written consent form during in-person surgical scheduling. The consent form identifies the sender as "PreOpClear, operated by Perioperative Solutions LLC."
3.1 Patient consent script (read aloud at scheduling)
Before presenting the written consent form, facility staff read the following script to the patient in person at the surgical scheduling appointment. The patient provides express verbal consent, then signs the written form. Nothing is sent before the patient says "yes" and signs.
"Your surgery at [facility name] is scheduled for [procedure date]. To prepare you for surgery, we use a text-message pre-operative screening service called PreOpClear, which is operated by Perioperative Solutions LLC. If you agree, PreOpClear will send text messages to the phone number you provide today. You will receive approximately 3 to 8 text messages over the 10 days leading up to your procedure. The messages will include identity verification, health intake questions about your medications and medical conditions, medication hold instructions for surgery day, and fasting and arrival reminders. Message and data rates may apply from your wireless carrier. You can stop the messages at any time by replying STOP, and you can reply HELP for help. No promotional or marketing messages will ever be sent, and your phone number will not be shared with anyone other than the service providers required to deliver the messages. Our Privacy Policy is available at preopclear.net/privacy.html. Do you consent to receive these pre-operative text messages from PreOpClear, operated by Perioperative Solutions LLC, at the phone number [patient phone]?"
If the patient answers "yes," staff then hand the patient the written consent form containing the same disclosures, the patient signs and dates it, and the signed form is retained in the patient's file. The patient's phone number is only entered into PreOpClear after the form is signed. No text-keyword, web-form, app-based, or other remote opt-in method is used. The reviewer-verifiable Call to Action and written consent disclosure are also published at preopclear.net/sms-consent.html.
- Message types: pre-operative screening, identity verification, medication instructions, appointment reminders.
- Frequency: typically 3–8 messages per patient across the 10 days preceding surgery. Outside of that window, messages are not sent.
- Opt-out: reply STOP at any time to any message to unsubscribe. Opt-outs are honored immediately and permanently unless the patient re-enrolls through their facility.
- Help: reply HELP for support instructions, or email support@preopclear.net.
- Carrier fees: message and data rates may apply depending on the patient's wireless plan.
- Phone numbers are never shared with third parties for marketing. They are disclosed only to our SMS carrier (Twilio) for the purpose of delivering the messages, under a signed Business Associate Agreement.
4. How we share information
- The patient's facility. Facility staff authorized by the facility see the patient's screening data. This is the purpose for which the data is collected.
- Service providers under BAA. A limited set of subprocessors support the platform, each under a signed BAA: Amazon Web Services (hosting), Twilio (SMS delivery), Anthropic (language processing). None of these parties use PHI for any purpose other than providing services to PreOpClear.
- Legal obligations. We may disclose information if required by law, subpoena, or to protect the rights, safety, or property of any person.
5. How we protect information
- Encryption at rest. All PHI in our database is encrypted using AES-256-GCM with a dedicated, rotated key.
- Encryption in transit. All connections use TLS 1.2 or higher; our SMS webhooks require TLS 1.3.
- Access controls. Clinician access is restricted to the patients of their own facility. Every access is audited at the database level.
- Audit retention. Audit logs are immutable and retained for seven years.
- Incident response. PreOpClear maintains a documented incident response plan and will notify affected facilities in accordance with the BAA and HIPAA Breach Notification Rule.
6. Retention
Clinical records are retained for the period required by the facility's policy and applicable law, typically seven years after the patient's procedure date. Audit logs are retained for seven years. A patient may request deletion through their facility, subject to legal retention requirements.
7. Patient rights
Patients have the rights afforded them under HIPAA and their facility's Notice of Privacy Practices, including the right to access their information, request corrections, and request restrictions on use. Patients exercise these rights through their facility.
8. Children
The Service may be used for patients under the age of 18 when the facility has obtained consent from a parent or legal guardian in accordance with applicable law.
9. Changes to this policy
We may update this policy. Material changes will be posted on this page with a revised effective date. Continued use of the Service after a change constitutes acceptance of the updated policy.
10. Contact
Questions about this policy or our handling of patient information:
PreOpClear, operated by Perioperative Solutions LLC
Privacy & Security
Email: privacy@preopclear.net