Data Retention and Lifecycle Practices
Clara Rx retains information for periods necessary to provide services, support healthcare and pharmacy operations, maintain security and audit records, comply with contractual and legal obligations, resolve disputes, enforce agreements, and satisfy legitimate business and operational requirements.
Retention periods may vary depending on the nature of the information, customer requirements, healthcare compliance obligations, operational considerations, legal requirements, and security practices.
This page provides a general overview of Clara Rx data retention and lifecycle practices.
General Retention Principles
Clara Rx may retain information for purposes including:
- Healthcare operational workflows
- Prescription and dispensing records
- Audit and compliance requirements
- Security monitoring and investigations
- Operational continuity
- Backup and disaster recovery
- Customer support and troubleshooting
- Legal and contractual obligations
When information is no longer required, Clara Rx may delete, anonymize, archive, or otherwise dispose of information in accordance with applicable legal, operational, and security requirements.
| Data Category | General Retention Approach |
|---|---|
| Customer account information | Retained while services remain active and as necessary thereafter |
| Authentication and audit logs | Retained for security, audit, operational, and compliance purposes |
| Prescription and dispensing records | Retained in accordance with customer requirements, operational needs, and applicable healthcare obligations |
| Operational support records | Retained as necessary for support, troubleshooting, and operational continuity |
| Backup data | Retained according to operational backup and disaster recovery practices |
| Messaging and communications records | Retained as necessary for operational and compliance purposes |
Customer Responsibilities
Customers are responsible for determining whether their use of the services satisfies their own legal, regulatory, contractual, and healthcare retention obligations.
Customers remain responsible for retention obligations associated with their own records, workflows, policies, and regulatory requirements.
Operational and Security Considerations
Retention periods may be extended where necessary to:
- Detect or prevent fraud or abuse
- Investigate security incidents
- Comply with legal obligations
- Enforce agreements
- Maintain business continuity
- Protect the integrity and security of the services
Changes to Retention Practices
Clara Rx may revise retention practices periodically to reflect operational, legal, security, or business changes.
Questions regarding data retention practices may be directed to: support@clararx.com