Privacy Policy

NeuroEndo CaseLog · Last updated: April 6, 2026 · Effective date: April 6, 2026

  Summary: NeuroEndo CaseLog does not collect, store, or transmit any patient information or Protected Health Information (PHI). The app is a personal procedural training log for medical fellows and contains no patient identifiers of any kind.

1. About This Policy

This Privacy Policy describes how Mohamed Elfil ("we," "us," or "our") collects, uses, and protects information when you use the NeuroEndo CaseLog mobile application ("the App"). By using the App, you agree to the practices described in this policy.

2. What We Collect

We collect only the minimum information necessary to operate the App:

Account information: Your email address and password (used solely for authentication via Google Firebase).
Profile information: Your name, institution, clinical background (Neurology, Neurosurgery, or Radiology), fellowship year, and fellowship dates — entered voluntarily by you.
Procedural case log data: De-identified procedure details including procedure type, technique, vessel catheterized, role (primary/assisted), attending initials, fluoroscopy time, findings, and notes. No patient identifiers are collected.

3. What We Do NOT Collect

The App is designed to be PHI-free. We do not collect, and our systems are not designed to receive, any of the following:

Patient names, dates of birth, or ages
Medical record numbers (MRNs)
Social Security numbers or government IDs
Patient addresses, phone numbers, or email addresses
Dates of service linked to patient identity
Any other information that could identify a specific patient

A mandatory acknowledgment screen is presented to every user upon account creation requiring them to confirm they will not enter any PHI. Users are solely responsible for ensuring that no patient-identifying information is entered into the App.

4. How We Use Your Information

The information you provide is used exclusively to:

Authenticate your account and maintain your session securely
Display your case log, analytics, and CAST progress tracker
Generate PDF reports for sharing with your Program Director
Sync your data across devices via Google Firebase

We do not use your information for advertising, marketing, or any commercial purpose. We do not sell, rent, or share your personal information with third parties, except as described in Section 6 below.

5. Data Storage and Security

Your data is stored securely using Google Firebase (Firestore), a cloud database service provided by Google LLC. Data is encrypted in transit using TLS and at rest using AES-256 encryption. Access to your data is protected by Firebase security rules that restrict access to your authenticated user account only.

While we take reasonable measures to protect your information, no system is completely secure. You are responsible for maintaining the confidentiality of your account credentials.

6. Third-Party Services

The App uses the following third-party services:

Google Firebase (Authentication and Firestore database) — Firebase Privacy Policy
Google Sign-In (optional authentication method) — Google Privacy Policy
Expo / EAS (app distribution platform) — Expo Privacy Policy

These services may collect certain technical information (such as device identifiers and IP addresses) in accordance with their own privacy policies.

7. HIPAA Notice

NeuroEndo CaseLog is not a covered entity or business associate under the Health Insurance Portability and Accountability Act (HIPAA). The App is designed as a personal training log and is not intended to be used as a medical record system, electronic health record, or any system covered by HIPAA. Users must not enter any Protected Health Information into the App. Entering PHI may violate HIPAA regulations and your institution's privacy policies, for which you are solely responsible.

8. Children's Privacy

The App is intended for use by licensed medical professionals and medical fellows only. We do not knowingly collect information from individuals under the age of 18. If you believe a minor has created an account, please contact us immediately at mohamedelfil90@gmail.com.

9. Data Retention and Deletion

Your data is retained for as long as your account is active. You may request deletion of your account and all associated data at any time by contacting us at mohamedelfil90@gmail.com. Upon verification, we will delete your account and all associated data within 30 days.

10. Your Rights

You have the right to:

Access the personal information we hold about you
Correct inaccurate information in your account
Request deletion of your account and data
Export your case log data (via the CSV export feature in the App)

To exercise any of these rights, contact us at mohamedelfil90@gmail.com.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. Continued use of the App after changes constitutes acceptance of the updated policy. We encourage you to review this policy periodically.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy, please contact us at:

Mohamed Elfil
Email: mohamedelfil90@gmail.com