Privacy Policy | Go Live Command

Privacy for operational launch support.

Go Live Command collects the minimum operational context needed to route, resolve, report, and audit support work while keeping patient, customer, payment, and secret data out of the product.

Last updated: May 21, 2026

1. What Go Live Command Collects

Go Live Command collects operational launch and support data such as account identity, role, organization, project assignment, site or area, request category, urgency, callback point, device or workstation identifier, routing status, acknowledgements, interactions, audit events, and approved knowledge activity.

The platform is designed for operational support. It must not be used to submit patient identifiers, payment data, passwords, badge secrets, clinical details, or other private identifiers.

2. How Data Is Used

We use operational data to route support requests, staff command-center queues, send approved notifications, generate no-PHI reports, maintain audit logs, improve launch readiness, and administer customer accounts.

AI-assisted features are used only for operational classification, summarization, suggested routing, issue clustering, training gap detection, and draft guidance. Human approval is required before staff-facing Answer Hub guidance is pushed to users or the knowledge base.

3. No-PHI Product Boundary

Go Live Command is no-PHI by design. Intake copy, validation, audit scrubbing, and reporting controls are built to avoid patient-identifying information and clinical decision support.

If a customer requires Go Live Command to operate under HIPAA obligations, a signed Business Associate Agreement and approved subprocessor posture must be in place before production use.

4. Integrations and Processors

Customers may configure optional integrations such as SSO, Microsoft Teams, Microsoft Forms, Microsoft Excel exports, GroupMe-style room bridges, email, SMS, workflow automation, workforce systems, ticketing systems, object storage, and SIEM monitoring.

Integration data is scoped to the customer's approved project configuration. Credentials are stored encrypted, access is audited, and integrations can be disabled without deleting historical audit records.

5. Retention and Deletion

Operational records are retained according to the customer's contract, launch policy, audit requirements, and configured retention settings. Audit logs may be retained longer where legally or contractually required.

Project offboarding deactivates access while preserving historical audit and reporting evidence unless the contract or legal obligation requires a different retention action.

6. Security

Go Live Command uses role-based access control, signed sessions, CSRF protection, security headers, encrypted secrets, audit logging, production readiness gates, provider health checks, and no-PHI validation around staff intake and communications.

Customers should configure SSO, MFA/passkeys where available, least-privilege project roles, approved provider accounts, and network or device policies before broad production launch.

7. Contact

Privacy, security, and data requests should be routed to the customer administrator or Go Live Command account owner identified in the customer agreement.

This policy is a product template and operational disclosure. Final customer contracts, BAAs, and data-processing terms control where they differ.