Privacy Policy
Last updated: March 30, 2026
Summary: CodeRx does not collect personal information, does not require an account, and does not sell any data. Clinical text sent for AI analysis is not stored on our servers.
What CodeRx Does
CodeRx is a Chrome Extension that helps medical coders and billers look up CPT, HCPCS, and ICD-10 codes. It provides AI-powered code suggestions from clinical text and checks for NCCI bundling conflicts.
Data We Collect
We do not collect personal information. Specifically:
- No account required — no email, name, or login
- No tracking or analytics — no cookies, no fingerprinting, no user behavior tracking
- No data sold or shared — ever
How the Extension Works
Local Code Search
When you search for CPT or ICD-10 codes, the search happens entirely on your device using a local database stored in your browser. No data is sent to any server for search queries.
AI Code Suggestions
When you use the "Suggest Codes" feature, the clinical text you enter is sent to our server to generate code suggestions:
- Your text is sent to a secure server (hosted on Supabase) via HTTPS
- The server forwards the text to OpenAI's GPT-4o-mini model for analysis
- Suggested codes are returned to your browser
- We do not store the clinical text — it is processed in real time and discarded
- We do not log or retain any clinical notes, patient information, or PHI
NCCI Bundling Checks
When the extension checks for NCCI bundling conflicts, only CPT code numbers (not clinical text) are sent to our server. No patient information is transmitted.
Lookup History
Your search and suggestion history is stored locally in your browser only. It is never sent to our servers. You can clear your history at any time from the History tab.
Data Storage
- Local data: CPT codes, ICD-10 codes, and your lookup history are stored in your browser's IndexedDB. This data stays on your device.
- Server data: Our server stores the CPT/ICD-10 code database and NCCI edit rules. No user data is stored on our servers.
- Anonymous client ID: A random, anonymous identifier is generated locally to manage rate limiting. This ID cannot be used to identify you.
Third-Party Services
- Supabase — hosts our code database and server functions
- OpenAI — processes clinical text for AI suggestions. Per OpenAI's API data usage policy, data sent via their API is not used to train their models.
HIPAA Disclaimer
CodeRx is designed as a coding reference and suggestion tool. While we take reasonable measures to protect data in transit (HTTPS encryption) and do not store clinical text, CodeRx is not a HIPAA-covered entity and does not claim HIPAA compliance. Users should follow their organization's policies regarding the use of external tools with clinical documentation.
Children's Privacy
CodeRx is a professional tool designed for medical coding professionals. It is not directed at children under 13 and we do not knowingly collect information from children.
Changes to This Policy
We may update this privacy policy from time to time. Changes will be reflected in the "Last updated" date above.
Contact
If you have questions about this privacy policy, please contact us at: support@coderx.app