Privacy & Security Tips
Practical steps to protect your privacy and keep your account secure.
Manage your privacy and data sharing
Choose what data mhico uses and what leaves the app.
Review your consent settings
Go to Settings → Privacy & Consent to see how your data is used. Here is how consent works today:
- ›Core service consent covers AI analysis, plan comparison, and claims insights. It stays active for as long as you have an account, since it is what lets mhico work. To withdraw it, delete your account, which removes your data.
- ›Marketing communications are not available yet. We currently do not send marketing messages.
- ›Questions about your data or consent? Contact julia@mhico.ai.
Manage sensitive health data categories
Certain claims fall under special federal legal protections, including substance use and addiction treatment records (42 CFR Part 2), mental and behavioral health, HIV/AIDS, sexually transmitted infections, reproductive health, genetic information, and domestic violence. mhico does not import or store these claims by default. You can choose to enable specific categories so those claims are imported and accessible to the AI companion.
- ›Go to Settings → Sensitive health data to see which protected categories appear in your insurer’s data and to enable or disable each one.
- ›After enabling a category, sync your insurer again on the Link Insurer page to import the previously skipped claims.
- ›Important: disabling a category permanently deletes all insurer-imported claims in that category, right away and with no undo. You will see a confirmation prompt first. Claims you uploaded or entered yourself are never put in a sensitive category, so they are not affected.
The Sensitive health data section only appears in Settings if your insurer’s data contains claims in a protected category, either already imported (with prior consent) or detected and suppressed during a previous sync. If an insurer sends a family member’s data, any protected-category claim that is not yours is rejected and never stored.
Control what is shared when checking marketplace plan coverage
When you shop for an ACA marketplace plan - in the Open Enrollment plan finder or by asking the AI chat - mhico can check which plans cover your specific medications and doctors. To do that, it asks the public federal CMS Marketplace plan finder (HealthCare.gov), which means the medication and doctor names you provide are sent to CMS. For an employer or COBRA comparison, your medication names instead go to our AI assistant (AWS Bedrock, under our HIPAA agreement) to estimate your drug costs. This is always your choice.
- ›It is off until you turn it on. In the plan finder, your medications and doctors are sent only if you tick the consent box. In chat, the AI confirms with you first. If you skip it, plan searches use only price and benefit details - no medication or doctor names leave mhico.
- ›What is sent: only the medication and doctor names you enter, plus your ZIP, age, income, and household used to price plans. CMS uses them to return coverage results; mhico does not log the names. Your age, income, and household are used only to run the search and are not saved to your account.
- ›2FA required: the plan finder and AI chat both require two-factor authentication to protect your health information.
See the CMS Marketplace API row in Section 6 of the Privacy Policy for details.
Limit ad-click tracking with Do Not Track
mhico uses cookies only to keep you logged in and protect your account. We never use analytics, tracking, or advertising cookies, and we load no ad pixels or scripts on any page. The one piece of ad-related data we handle is a click ID that Google or Reddit adds to your link if you arrive from one of their ads. We use it only to tell whether the ad led to a signup, and you can opt out.
- ›Turn on “Do Not Track” (DNT) in your browser settings. Most browsers offer it under privacy or security options.
- ›What it does: when your browser sends a DNT signal, mhico will not record the ad click identifier from your link and will not report your signup to Google or Reddit as a conversion, even if you came from one of their ads.
- ›What it does not affect: everything else works normally. Your login cookie is not changed by DNT, since it is required to keep you signed in.
How mhico’s AI works
What the AI features do and how they handle your health data.
See every AI feature and the data it uses
mhico uses Anthropic’s Claude models (through Amazon Bedrock) to power the features below. Each one uses only the data described.
- ›Ask Mhico chat. Answers coverage, cost, and claims questions in plain language. It can search the web, look up drug formularies and in-network providers, estimate out-of-pocket costs, and compare ACA, Medicare, Medicaid, and employer plans. If you have linked an insurer, it uses your saved plan details and recent claims to personalize answers - remove your insurer on the Link Insurer page to turn that off.
- ›Claims analysis. On the Claims page, upload an EOB or bill, or pick a claim already imported, and the AI explains what was billed, allowed, and owed, and flags possible errors such as duplicate charges, upcoding, or unbundling.
- ›Claims file import. The AI reads a claims file you downloaded from your insurer (CSV, Excel, or PDF) and pulls out each claim to store in your account. It is used only to parse the file. An imported file is stored as-is and is not screened for sensitive categories, so import only claims you are comfortable storing.
- ›Appeal and dispute drafts. From a completed analysis, the AI can draft an appeal letter, dispute email, or phone script. These are always marked as starting points and are never sent for you.
- ›Plan autofill. Upload a photo of your insurance card, a benefits summary, or employer plan documents, and the AI reads them to fill in your plan details. You review and confirm before anything is saved.
- ›Marketplace coverage matching. When shopping for ACA plans, the AI can check which plans cover your medications and doctors by asking HealthCare.gov. This sends those names to CMS and is off until you opt in - see “Control what is shared when checking marketplace plan coverage” above for details.
- ›Saving details from chat. If you share plan information in chat (for example by uploading your insurance card), the companion may offer to save it to your profile. You are always asked to confirm first.
Understand how the AI works, its limits, and your privacy
All of mhico’s AI features run on Claude through Amazon Bedrock, under mhico’s HIPAA Business Associate Agreement with AWS. Here is how your data is handled and where the AI falls short.
- ›What the AI sees, and what it never sees. The AI works from service descriptions, dates, financial amounts, and provider names. Personal identifiers such as member IDs, group numbers, and dates of birth are excluded and never sent to the AI or stored. For claims your insurer sends automatically, diagnosis codes, procedure codes, and internal IDs are also stripped first. A document you upload is read once to pull out this information, then the original file is discarded, not kept.
- ›Never used for training. Anthropic and AWS do not use your messages, uploads, or the AI’s answers to train their models, and mhico does not use your data to train any AI. There is nothing to opt out of.
- ›Not logged or shared. Your health context is sent to the AI only to generate your response. Bedrock does not log, store, or share it beyond that.
- ›Chat history is short-lived. Chats are saved to your account encrypted, but only while you are logged in. You are logged out 14 days after signing in, and your chat history is cleared then. You can delete individual chats anytime, and files you attach in chat are processed in memory only, never written to disk. A small metadata record (that a chat happened and which tools ran, but not the message text) is kept 90 days for your Activity Log, then deleted.
- ›Deleting claims and retention. The delete icon on any claim card permanently removes that claim, its document text, its analysis, and any draft letter. Resolved claims are purged automatically 3 years after the date of service; others stay until you delete them or close your account.
- ›The AI can be wrong. Claude is a general-purpose model, not FDA-cleared and not a substitute for professional advice, and it can be inaccurate or out of date. Confirm coverage and cost decisions with your insurer, and any health question with your doctor.
- ›2FA required. The AI chat, claims analysis and import, the plan finder, and other sensitive actions require two-factor authentication to protect your health information.
- ›Report a problem. To flag an inaccurate or harmful answer, or a privacy concern, email julia@mhico.ai. In a medical emergency, call 911.
For the full details, see Section 17 of the Privacy Policy and the linked Anthropic and AWS documentation for what data is shared with the AI and how it is handled.
Keep your account secure
Protect your login, spot scams, and know what happens if something goes wrong.
Secure your account credentials
- ›Set up two-factor authentication (2FA). mhico supports two methods: an authenticator app (TOTP) and SMS OTP (a code sent to your phone). You can enable one or both from Settings → Security. The authenticator app is the stronger choice; SMS is more convenient but weaker, so we recommend an authenticator app if you can use one. 2FA is required to use the AI chat companion, and mhico will re-verify your code before sensitive actions like exporting your data or closing your account. Set it up before you need it.
- ›Save your recovery codes. When you enable the authenticator app, mhico generates one-time recovery codes that let you regain access if you lose your device. Store them somewhere safe: a password manager, printed copy, or secure cloud storage. Recovery codes apply to the authenticator app only; if you use SMS MFA, a new code is always sent on demand.
- ›Use “Continue with Google” if you prefer - Google accounts are managed with enterprise-grade security and your Google password is never shared with mhico. Note that mhico’s own 2FA (above) is still required regardless of how you sign in.
- ›If you use a password, make it unique to mhico and use a password manager to generate and store it securely. Don’t reuse passwords across services.
- ›Review your login history in Settings → Activity Log to spot any unrecognized sign-ins. Accessing the Activity Log requires re-authentication with your 2FA method if 2FA is enabled.
- ›If you believe your account has been compromised, contact julia@mhico.ai immediately.
Recognize phishing and social engineering
Attackers sometimes impersonate health insurance companies or apps like mhico to steal your credentials or health data. Here’s what to watch for:
- ›mhico will never ask for your health plan password. We connect via OAuth: you log in directly on your health plan’s website, not through us.
- ›Check the URL before entering credentials. mhico’s domain is mhico.ai. Health plan login pages should be on your insurer’s own domain.
- ›Be suspicious of unsolicited emails claiming your plan data needs to be re-authorized urgently. Log in to your account directly rather than clicking email links.
- ›mhico emails come from @mhico.ai addresses only. If you receive a suspicious email, forward it to julia@mhico.ai.
Know what happens if there is a data breach
A data breach means your unsecured health data or other personal information was exposed to someone who should not have it. mhico follows all breach notification laws that apply to us, including the FTC Health Breach Notification Rule and state breach laws. Our service providers must do the same, and AWS must tell us about any breach under our HIPAA Business Associate Agreement.
- ›We tell you quickly. If a breach affects you, we notify you without unreasonable delay and no later than 60 calendar days after we discover it. We also notify the Federal Trade Commission, at the same time we notify you when the breach affects 500 or more people.
- ›We explain it in plain language. Our notice tells you when the breach happened, when we found it, what data was involved, what we are doing about it, and how you can protect yourself.
- ›Report a suspected breach. If you think your account or data has been broken into, email julia@mhico.ai right away so we can look into it.
See Section 10.2 of our Privacy Policy for the full breach notification process.
Remove access and delete your data
Disconnect your insurer or erase your data whenever you want.
Revoke health plan data access
When you link a health plan, mhico retrieves your claims and coverage over a secure OAuth connection - you sign in on your insurer's own site, so we never see your password. That access is temporary: with some insurers it renews on its own for up to 90 days, and otherwise mhico shows a Reconnect prompt on the Link Insurer page when it expires. Reconnecting does not affect data you already imported. Access is also cleared when you log out, and you can revoke it entirely at any time.
- ›Go to Settings → Linked Insurer and click Remove next to any health plan. This immediately revokes mhico’s access and deletes the stored token.
- ›You can also revoke access directly through your health plan’s member portal. Look for an “authorized apps” or “linked apps” section. For Medicare connections, manage access at MyMedicare.gov.
- ›Revoking access stops future data retrieval but does not automatically delete claims data already imported. Use the data deletion option below to remove it.
Request data deletion or close your account
You have the right to remove all your personal data and close your account at any time. This is irreversible.
- ›Go to Settings → Danger Zone → Close Account. We remove all your personal data and health information (profile, plan, claims, chat history) right away. We delete any encrypted backup copies within 30 days. A de-identified record with no personal information is retained solely for audit and legal compliance purposes.
- ›You can first export a copy of your data via Settings → Export My Data before closing your account.
- ›Alternatively, email julia@mhico.ai with a deletion request and we will process it within 30 days.
See Section 8 of our Privacy Policy for the limited circumstances where immediate deletion may not be feasible (e.g. legal holds, backup cycles).
Get help and resources
Reach us or learn more about your health data rights.
How to reach us
You can contact mhico any time at julia@mhico.ai. This is the right address for all of the following:
- ›General questions about mhico, your account, or this policy.
- ›Report a wrong or harmful AI answer. If Ask Mhico or a claim analysis gives you a result that looks inaccurate, biased, or harmful, let us know so we can review it.
- ›Privacy concerns, data access, export, correction, or deletion requests, and complaints.
- ›A suspected data breach, or a sign that your account has been broken into.
- ›Updating your consent preferences, or forwarding a suspicious email that claims to be from mhico.
How fast we respond: we reply to privacy questions and complaints within 5 business days and give you a full answer within 30 days. Deletion requests are processed within 30 days. mhico only ever emails you from an @mhico.ai address.
In a medical emergency, call 911 or your local emergency number. Do not use mhico or its AI for emergencies.
External resources
For more on your health data rights, privacy protections, and official coverage resources:
- ›HHS - Your right to get copies of your health records
- ›FTC - Does your health app protect your sensitive info?
- ›FTC IdentityTheft.gov - Report and recover if your information is exposed
- ›HealthCare.gov - The official ACA Health Insurance Marketplace
- ›Medicare.gov - Manage your Medicare and app data access
- ›CARIN Alliance - Consumer health data rights (the code of conduct mhico attests to)
- ›ONC HealthIT.gov - Model Privacy Notice for health apps (the standard mhico follows)