Caliper Data-Use Addendum
Effective: April 2026.
Caliper is the practice-side product operated by Scriptlane, a service of BID Partners LLC. This addendum applies to every practice that installs Caliper through any supported EHR partner channel (athenahealth, Canvas Medical, NextGen, Elation, Veradigm, and successor channels) and complements Scriptlane's general Terms of Service and Privacy Policy.
What Caliper reads from your EHR
Caliper requests and receives aggregate counts only. The reads we perform on behalf of an installed practice are scoped to the practice's own panel and do not contain individually identifying patient information.
- Aggregate patient counts by age band, diagnosis category, and payer category.
- Specialty distribution of clinicians associated with the practice (NPI-level for the clinicians, never patients).
- Population-level adherence rates by drug class, expressed as percentages with a cell-size-floored at-risk count.
- Trailing twelve-month rolling totals for active patients, new patients, and return visits.
What Caliper never reads, requests, or stores
- Patient identifiers (medical record number, name, date of birth, SSN, address, phone, email).
- Per-patient clinical records, lab values, imaging results, or chart text.
- Payment-card data, financial records, or anything outside the aggregate-counts surface above.
- Any field appearing on Caliper's PHI deny-list at the API boundary. A response containing a denied field is rejected before persistence and the read fails closed.
Cell-size floor
Every count Caliper surfaces is floored at eleven (11); any smaller bucket is reported as zero. This mirrors the privacy commitments your practice already makes to its patients and prevents indirect re-identification through small-cohort leakage.
Cross-product firewall
Caliper data does not flow into Scriptlane's pharma-broker product (“Scope”). The two products run on the same platform but in separate data namespaces. We do not aggregate, anonymize, or otherwise re-purpose Caliper reads for Scope without explicit, separate, per-practice opt-in via a future addendum that is not in force today.
Business Associate posture
Caliper is architected so that Protected Health Information (“PHI”), as defined at 45 CFR § 160.103, never enters our systems. Because Caliper does not receive, create, maintain, or transmit PHI on behalf of a Covered Entity, we are generally not a Business Associate under HIPAA in connection with the Caliper product. Where a counterparty determines in good faith that a BAA is operationally required, we will execute one on first review on the same terms as our general BAA Statement.
Audit and traceability
Every read Caliper performs against your practice is logged in the Activity Log shown on your settings page. Logs record the action, the entity, and the timestamp; we never log patient data. Logs are retained for the life of the subscription plus twelve months for compliance review.
Sub-processors
Caliper relies on the same sub-processors as the rest of Scriptlane: Vercel (hosting), Supabase (managed Postgres + auth), Stripe (billing), Resend (transactional email), and AWS (KMS for any future encrypted artifacts). The list is published on our trust page and updated when a sub-processor changes.
Termination and data return
On termination of your Caliper subscription, we delete the practice's aggregate read cache and audit log within thirty (30) days, except where retention is required by law. Because Caliper holds no PHI, there is no separate data-return obligation under HIPAA; aggregate counts can be re-derived from your EHR on reinstatement.
Changes to this addendum
We will provide at least thirty (30) days' notice before any material change to this addendum. Continued use of Caliper after the effective date of a change constitutes acceptance.