Legal

Privacy Policy

Last updated: June 6, 2026

1. Who we are

PracticeLien is a software service operated by Seven Seas LLC ("PracticeLien", "we", "us"). We provide a case-and-lien management application for personal-injury medical practices that sits on top of their existing electronic health record (EHR) system.

2. What this policy covers

This policy describes how we handle information on the practicelien.com marketing website and how we handle protected health information (PHI) inside the PracticeLien application.

3. Information we collect on the marketing site

We aim to collect as little as possible.

4. Information processed inside the application

The PracticeLien application processes patient, case, billing, and lien data on behalf of the medical practice. This may include PHI as defined by HIPAA. We act strictly as a business associate.

5. Subprocessors

We use a small set of vendors to operate the service. Where PHI is involved, we maintain a BAA with the vendor.

VendorPurposeBAA
Google Cloud PlatformApplication hosting, database, storageYes
ClerkAuthentication, multi-factor loginYes
StripeSubscription billingYes
Postmark / ResendTransactional emailYes
SentryError monitoring (PHI scrubbed)Yes
DocuSealDocument e-signatureYes
VercelMarketing site only (no PHI)N/A

We update this list when our subprocessors change. Customers can request the current list at any time.

6. Your rights

If you are a patient of a practice that uses PracticeLien, your rights to access, correct, or restrict use of your health information come from HIPAA and apply to the medical practice that treats you. Please contact that practice directly. We will support the practice in fulfilling your request.

If you are a visitor to practicelien.com in a jurisdiction with general privacy rights (e.g., California's CCPA/CPRA, the EU/UK GDPR), you can ask us to confirm what information we hold about you, correct it, or delete it. Email info@sevenseasstrategies.com.

7. Security

We follow industry-standard administrative, technical, and physical safeguards. A more detailed description of our security program is on the Security page.

8. Children

The marketing site is not directed to children under 13. Patient data inside the application may include minors and is handled under HIPAA, governed by the customer's BAA.

9. Changes to this policy

We will post material changes to this page and update the "Last updated" date above. Continued use of the service after a change constitutes acceptance of the revised policy.

10. Contact

Questions about this policy or our handling of your information:

Seven Seas LLC · info@sevenseasstrategies.com

Note. This is the v1 published policy. Customers under a signed BAA should treat the BAA as the controlling document for the handling of PHI; this policy is a plain-English summary, not a substitute.