Privacy Policy
Grasshopper Health, Inc. – Privacy Policy
Effective Date: April 1, 2026
Last Updated: April 7, 2026
1. Introduction
Grasshopper Health, Inc. (“Grasshopper Health,” “we,” “our,” or “us”) is committed to protecting the privacy and security of your information.
This Privacy Policy describes how we collect, use, disclose, and safeguard information when you:
-
Visit our website
-
Use our Axis Patch™ wearable device
-
Access or interact with the Motus Platform™
-
Participate in clinical research or monitoring programs
-
Receive care supported by our technologies
Our technologies are designed to support:
-
Early detection and diagnosis of disease
-
Monitoring of disease progression
-
Monitoring response to therapy
-
Fall risk detection and fall notification
-
Clinical research and real-world evidence generation
-
Integration with healthcare provider systems, including Electronic Medical Records (“EMRs”)
We also use cookies to allow us to provide our products and services. If you continue to use our website, then we will assume that you agree to our collection and use of your personal data as described in this policy. You may review the Privacy Policy in its entirety below.
2. Scope of This Policy
This Privacy Policy applies to:
-
Website visitors
-
Consumers and patients
-
Healthcare providers and care teams
-
Clinical research participants
-
Caregivers and authorized representatives
Depending on how you interact with Grasshopper Health, your information may also be governed by:
-
The Health Insurance Portability and Accountability Act (HIPAA)
-
Medicare and other payer program requirements (including Remote Therapeutic Monitoring (RTM))
-
Clinical trial consent forms
-
Agreements with healthcare providers, payers, or research sponsors
3. Information We Collect
A. Personal Information
We may collect:
-
Name, email, phone number
-
Date of birth, gender, demographic data
-
Account credentials
-
Communication preferences
B. Health and Biometric Data
When you use the Axis Patch™ or Motus Platform™, we may collect:
-
Movement and gait data
-
Activity levels and functional mobility metrics
-
Physiological signals (as enabled by device capabilities)
-
Fall events and fall risk indicators
-
Disease-specific biomarkers (where applicable and subject to appropriate regulatory authorization, including FDA clearance or approval, as required)
This data may be used for:
-
Detection and diagnosis support
-
Monitoring disease progression
-
Assessing response to therapy
-
Clinical decision support
C. Remote Therapeutic Monitoring (RTM) Data
In connection with Remote Therapeutic Monitoring services (including CPT codes 98975–98981), we may collect and process:
-
Device setup and patient onboarding data
-
Therapy adherence and engagement data
-
Non-physiological therapeutic response data (e.g., mobility, activity patterns)
-
Provider interaction and communication records
-
Time-based monitoring data used to support billing and reimbursement
This data may be used to:
-
Support provider billing and documentation requirements
-
Generate reports for submission to Medicare and other payers
-
Facilitate care management and therapy optimization
D. Device and Technical Data
-
Device identifiers and sensor data
-
IP address, browser type, operating system
-
App usage and interaction data
-
Log files and diagnostics
E. Clinical and Research Data
If you participate in clinical research:
-
Study identifiers and protocol data
-
Outcomes and assessments
-
Data collected under Institutional Review Board (IRB)-approved protocols
F. Data from Healthcare Providers and EMRs
Through integrations with Electronic Medical Record systems, we may receive:
-
Medical history and diagnoses
-
Medications and treatment plans
-
Clinical notes and outcomes
-
Provider-entered observations
4. How We Use Information
We use information to:
A. Provide and Improve Services
-
Operate the Axis Patch™ and Motus Platform™
-
Deliver insights, alerts, and reports
-
Improve device performance and algorithms
B. Clinical and Healthcare Use
-
Support detection, diagnosis, and monitoring
-
Provide data to healthcare providers for clinical decision-making
-
Enable remote patient monitoring and care coordination
C. Remote Therapeutic Monitoring (RTM) and Reimbursement
-
Support provider documentation for CPT 98975–98981
-
Generate reports for billing to Medicare and other payers
-
Facilitate compliance with payer requirements
-
Support audits, reimbursement validation, and program integrity
D. Fall Detection and Safety Monitoring
-
Detect fall events and fall risk
-
Notify designated caregivers, providers, or emergency contacts
E. Research and Development
-
Conduct clinical research and validation studies
-
Develop and validate new disease-specific applications
-
Generate real-world evidence
F. Regulatory and Compliance
-
Support FDA regulatory submissions, including Class I and 510(k) pathways
-
Maintain required records for safety, effectiveness, and quality systems
G. Communication
-
Provide service updates and support
-
Send alerts, notifications, and reminders
-
Respond to inquiries
5. How We Share Information
A. Healthcare Providers and Care Teams
We share information with:
-
Physicians, clinicians, and care coordinators
-
Health systems and provider organizations
For:
-
Diagnosis and treatment
-
Monitoring and clinical decision-making
-
RTM billing and documentation support
B. Electronic Medical Record (EMR) Systems
We integrate with EMRs to transmit data securely for:
-
Inclusion in the medical record
-
Clinical workflows
-
Longitudinal patient monitoring
C. Payers and Reimbursement Entities (RTM)
In connection with RTM services, we may share relevant data with:
-
Medicare
-
Medicaid (where applicable)
-
Commercial payers
This may include:
-
Documentation supporting billed services
-
Monitoring data required for reimbursement validation
-
Audit-related disclosures as required by law
D. Research Partners
We may share data with:
-
Academic institutions
-
Clinical research organizations (CROs)
-
Pharmaceutical and life sciences partners
Data Handling Standards:
-
Data is de-identified or limited in accordance with applicable law
-
De-identification is performed consistent with:
-
HIPAA Safe Harbor standards, or
-
HIPAA Expert Determination methods
-
E. Caregivers and Authorized Individuals
-
Family members or caregivers you designate
-
Senior living facilities or monitoring services
F. Service Providers
-
Cloud infrastructure providers
-
Data processing and analytics vendors
-
Security and compliance vendors
All vendors are contractually required to safeguard your data.
G. Legal and Regulatory Authorities
We may disclose information:
-
To comply with laws and regulations
-
To respond to legal requests
-
To support FDA or other regulatory audits
-
To comply with Medicare and payer program requirements
6. HIPAA and Protected Health Information (PHI)
When Grasshopper Health acts as a Business Associate under HIPAA:
-
We handle PHI on behalf of covered entities
-
Use and disclosure is governed by Business Associate Agreements (BAAs)
-
We implement administrative, physical, and technical safeguards
7. Data Security
We implement industry-standard safeguards, including:
-
End-to-end encryption (data in transit and at rest)
-
Role-based access controls
-
Audit logging and monitoring
-
Secure cloud infrastructure
-
Compliance with HIPAA and applicable FDA cybersecurity guidance
8. Data Retention
We retain data:
-
As long as necessary to provide services
-
As required for clinical, RTM billing, regulatory, and research purposes
-
In accordance with applicable laws and contractual obligations
9. Your Rights and Choices
You may have rights to:
-
Access your data
-
Correct inaccuracies
-
Request deletion (subject to legal and regulatory limits, including RTM and Medicare requirements)
-
Restrict or object to certain processing
Contact: info@grasshopperhealth.com
10. Consumer Health and Non-Medical Use
Some offerings may be used directly by consumers.
We clearly distinguish between:
-
FDA-cleared or approved features
-
Research-use features
-
General wellness features
11. International Data Transfers
We implement appropriate safeguards for cross-border data transfers.
12. Children’s Privacy
Not intended for children under 13 unless part of a regulated program with appropriate consent.
13. Changes to This Policy
We may update this policy periodically.
14. Contact Us
Grasshopper Health, Inc.
3513 Brighton Blvd, Suite 400, Denver, CO 80201
15. Additional Disclosures
Includes rights under:
-
CCPA/CPRA
-
Other applicable state laws
16. Medical Device and Regulatory Data Use
Grasshopper Health products may:
-
Be regulated as medical devices (Class I and 510(k))
-
Collect data required for safety monitoring and compliance
We may use data to:
-
Monitor device safety and performance
-
Detect adverse events
-
Improve algorithms and clinical accuracy
17. Use of Cookies
We use “cookies,” a small text file transferred to your device, along with similar technologies (e.g., internet tag technologies, web beacons, embedded scripts), to help provide you a better, more personalized user experience. These technologies are used to:
-
Make the user experience more user-friendly;
-
Remember your preferences (e.g., browsing language, account login information);
-
Help us understand and improve how visitors use our website, including which of our pages and products are viewed most frequently.
The Options/Settings section of most internet browsers will tell you how to manage cookies and other technologies that may be transferred to your device, including how to disable such technologies. You can disable our cookies or all cookies through your browser settings. Please be advised that disabling cookies through either method may impact many of our website’s features. Instructions for blocking or allowing cookies in common internet browsers are provided at the links below: