Terms of Service

By accessing or using QR Rx ("the Service"), you agree to be bound by these Terms of Service ("Terms"). If you are using the Service on behalf of a healthcare practice, clinic, hospital, or other organization, you represent and warrant that you have the authority to bind that entity to these Terms. If you do not agree to these Terms, please do not use the Service. Your use of the Service is also governed by our Privacy Policy, available at qrrx.io/privacy.

QR Rx is a digital aftercare management platform where healthcare providers create, distribute, and monitor personalized care plans, medication schedules, patient communications, and follow-up workflows for their patients after a procedure. The Service includes:

• Care plan creation with procedure-specific templates and custom instructions
• QR code generation for easy patient access to their care plans
• Medication tracking, dose reminders, and adherence monitoring
• Recovery milestone tracking and symptom logging
• Symptom check-in logging and recovery tracking
• Analytics and outcome reporting for providers
• Team management with role-based access controls

QR Rx serves two primary user categories with different access models:

Providers include healthcare professionals, practice administrators, and authorized team members who create and manage care plans. Providers access the Service through authenticated accounts with email verification or Google sign-in.

Patients are individuals who receive care plans from their healthcare providers. Patients access their care plans by scanning a QR code and verifying their identity with their date of birth and a secure access PIN. Patients do not need to create an account.

As a provider using QR Rx, you are responsible for:

• Care plan accuracy: Ensuring that all care plan content, including instructions, medications, and milestones, is accurate, appropriate, and within your scope of practice.
• HIPAA compliance: Maintaining compliance with HIPAA and all other applicable healthcare regulations, including training your staff on proper use of the platform and ensuring appropriate safeguards are in place at your practice.
• Team access management: Managing team member invitations, roles, and permissions, and promptly removing access for team members who leave your practice or no longer require access.
• Patient communication: Ensuring that messages sent through the platform are professional, appropriate, and compliant with applicable regulations.
• Obtaining consent: Obtaining any required patient consent for treatment, communication, and data collection as required by applicable law.

Patient access to care plans is protected by a multi-step verification process. Patients must scan a valid QR code and verify their identity using their date of birth and a unique access PIN provided by their healthcare provider. Patient sessions remain valid for the duration of the recovery window (typically the procedure date plus the recovery period plus seven days) and are then automatically retired.

QR Rx is a communication and tracking tool. It does not provide medical advice, diagnosis, or treatment. All care plan content is created by your healthcare provider and reflects their professional clinical judgment. QR Rx does not independently verify, endorse, or modify any care plan content.

If you are a patient experiencing a medical emergency, call 911 or your local emergency number immediately. Do not rely on QR Rx for emergency medical guidance.

Always consult your healthcare provider with questions about your care, medications, or recovery.

Provider accounts require email verification or authentication through Google sign-in. You are responsible for maintaining the confidentiality of your account credentials and for all activity that occurs under your account. You must notify us immediately at security@qrrx.io if you suspect any unauthorized access to your account.

We reserve the right to suspend or terminate accounts that we reasonably believe have been compromised or are being used in violation of these Terms.

By providing a phone number or enabling push notifications through QR Rx, you consent to receive care-related communications including:

• Medication reminders and dose alerts
• Appointment reminders
• Recovery milestone notifications
• Messages from your healthcare provider

Push notifications can be disabled through your device settings. Opting out of notifications will not affect your access to your care plan.

We will never send marketing or promotional messages to patient phone numbers. All communications are care-related and initiated by your healthcare provider.

You agree not to:

• Use the Service for any unlawful purpose or in violation of any applicable regulation
• Attempt to access care plans, accounts, or data belonging to others without authorization
• Transmit malicious code, viruses, or any material that could damage or interfere with the Service
• Use automated tools to scrape, crawl, or extract data from the Service
• Impersonate any person or entity, or misrepresent your affiliation with any person or entity
• Use the Service to transmit unsolicited communications or spam

The QR Rx platform, including its design, code, features, documentation, and branding, is the property of QR Rx and is protected by copyright, trademark, and other intellectual property laws. You may not copy, modify, distribute, or create derivative works based on the Service without our prior written consent.

Care plan content created by providers remains the intellectual property of the creating provider. QR Rx claims no ownership over provider-created content. We retain a limited license to host, display, and transmit your content solely for the purpose of operating the Service.

When QR Rx processes Protected Health Information (PHI) on behalf of a healthcare provider, we act as a Business Associate under HIPAA. All provider accounts are required to accept our Business Associate Agreement (BAA) during registration.

The BAA is presented during account creation and must be accepted before accessing the platform. A copy is available at qrrx.io/baa at any time. Our BAA outlines the permitted uses and disclosures of PHI, our security obligations, breach notification procedures, and termination provisions.

Current pricing is available on our website and within the application. We reserve the right to modify pricing with at least 30 days advance notice. Price changes will not apply retroactively to any active billing period. If you do not agree with a price change, you may cancel your subscription before the new pricing takes effect.

We believe your data belongs to you. Providers may export their patient data, care plans, and analytics at any time through the platform or by contacting support. Patients may request a copy of their care plan data in a portable format by contacting their provider or by reaching out to us at privacy@qrrx.io. We will fulfill data export requests within 30 days.

We strive to maintain high availability of the Service but do not guarantee uninterrupted access. The Service may be temporarily unavailable due to maintenance, updates, or circumstances beyond our control. We will make reasonable efforts to provide advance notice of scheduled maintenance. Critical care plan data accessed by patients is designed to remain available even during routine maintenance windows.

By you: You may terminate your account at any time by contacting support. Upon termination, your access to the provider portal will be revoked.

By us: We may suspend or terminate your access if you violate these Terms, engage in activity that harms the Service or other users, or fail to pay applicable fees. We will provide reasonable notice before termination except in cases of serious violation.

Data retention: Patient care plan data is retained for the duration of the provider's active subscription. Upon account termination, providers have 30 days to export their data, after which all data is permanently deleted. Providers are responsible for maintaining their own medical records in accordance with applicable state and federal retention requirements.

To the maximum extent permitted by law, QR Rx and its officers, directors, employees, and agents shall not be liable for any indirect, incidental, special, consequential, or punitive damages arising from your use of or inability to use the Service. This includes, without limitation, damages for loss of data, loss of revenue, or interruption of service.

Our total aggregate liability for any claims arising from or related to the Service shall not exceed the total amount you paid to QR Rx in the twelve months preceding the claim.

Nothing in these Terms limits liability for death or personal injury caused by negligence, fraud, or any other liability that cannot be excluded by law.

You agree to indemnify, defend, and hold harmless QR Rx and its officers, directors, employees, and agents from any claims, damages, losses, or expenses (including reasonable attorneys' fees) arising from: (a) your use of the Service, (b) your violation of these Terms, (c) your violation of any applicable law or regulation, or (d) care plan content you create or distribute through the Service.

These Terms are governed by the laws of the State of New York, without regard to conflict of law principles. Any disputes arising from these Terms or the Service shall first be addressed through good-faith negotiation. If a resolution cannot be reached within 30 days, either party may pursue binding arbitration administered by the American Arbitration Association under its Commercial Arbitration Rules. Arbitration will take place in New York or remotely, at the election of the complaining party.

Nothing in this section prevents either party from seeking injunctive or other equitable relief in a court of competent jurisdiction to prevent irreparable harm.

We may update these Terms from time to time. If we make material changes, we will notify you by posting a prominent notice within the application or by email at least 30 days before the changes take effect. Your continued use of the Service after changes are posted constitutes your acceptance of the updated Terms.

The Service may use AI-powered tools for features such as language translation of care plans and automated brand color extraction. AI-generated content is provided as a convenience but may contain errors. Providers are responsible for reviewing and verifying translated care plan content before distributing it to patients. AI features do not involve clinical decision-making and are not used to generate, modify, or recommend medical treatment or care plan instructions.

QR Rx offers an optional AI care plan assistant called Cura that answers patient questions using care plan content created and approved by the patient's healthcare provider, plus a verified cross-clinic knowledge base of procedure-specific aftercare answers reviewed by multiple clinical teams. Cura does not constitute medical advice, diagnosis, or treatment. It does not replace the judgment of a licensed healthcare professional. The assistant cannot answer questions outside the scope of the patient's care plan. For medical emergencies, call 911. For urgent concerns or questions not addressed by the assistant, contact your healthcare provider directly. Healthcare providers may enable or disable Cura at their discretion and may curate verified responses through the provider dashboard.

Cura is designed so that patient identifiers never reach a third-party AI service and so that knowledge shared across clinics is never tied to an individual clinic, an individual patient, or the original asking patient's question text. The full mechanics, including the Cura Knowledge Base disclosure and the provider opt-out, are described in our Privacy Policy and our Business Associate Agreement.

Your privacy is important to us. Our Privacy Policy, available at qrrx.io/privacy, describes how we collect, use, store, and protect your information. By using the Service, you agree to the collection and use of information as described in our Privacy Policy.

For questions about these Terms, please reach out to us:

Email: legal@qrrx.io
Subject line: Terms Inquiry

We aim to respond to all inquiries within 10 business days.