Privacy Policy

Effective May 27, 2026
The short version: We collect only what's needed to send you what you asked for, we never sell your information, we never store the full text of a denial letter, and we ask you not to paste your child's identifying medical information into the free tools. This page explains the details in plain English.
Important — Don't paste PHI into the free tools

The free tools on this site (Denial Decoder, Appeal Letter Starter, Deadline Tracker) are designed to work with the language of a denial, not your child's identifying medical information. Before you paste a denial letter into a free tool, please redact:

  • Your child's name and date of birth
  • Member ID, policy number, claim number
  • Social Security number or any other government ID
  • Specific provider names and addresses
  • Medical record numbers (MRN)
  • Any other information that identifies your child specifically

The tools work just as well with this information redacted. If you have something genuinely sensitive that needs Jen's eyes — a full denial letter, a chart, a treatment plan — book a 1:1 consult and we'll arrange a secure channel for the exchange. We never want your child's identifying medical information sitting in our systems if it can be avoided.

Who we are

The Prior Auth Nurse is a service of Morris Capital Consultants LLC, operating in Virginia under the trade name "The Prior Auth Nurse." We provide plain-English tools, guides, and consultation services to help parents understand and appeal pediatric insurance denials. Jennifer Morris, LPN, is the clinical voice behind the brand.

What we collect, and why

We collect only what's necessary to do the thing you're asking us to do.

Free tools (Denial Decoder, Appeal Letter Starter, Deadline Tracker)

When you use one of our free tools, you provide your email address and (optionally) your first name. The tools then process your inputs in our backend and email the result to you. We store:

  • Your email and first name, so we can send the result and (if you consent) our occasional newsletter
  • The fact that you used the tool and the date, so we can understand usage
  • Anonymized denial patterns (for example, "Anthem denied ABA for medical necessity") — aggregate data that contains no information identifying you or your child, used to understand what denials are happening across the country so we can make our products better
  • A one-way hash of your IP address, used to detect and block automated abuse

We do not store the full text of your denial letter or appeal request. The text is sent to our AI processing partner, the response is generated, and the text is discarded.

Purchases

When you buy a guide, pack, or 1:1 consult, our checkout partner (SamCart) collects your name, email, and billing information. Payment is processed by Stripe; we never see your credit card details. SamCart shares your name, email, and order details with us so we can deliver the product.

Consult bookings

When you book a 1:1 consult, Calendly collects the scheduling information needed to set up the call. We don't take any health information in the booking flow itself — health information is exchanged later through HIPAA-compliant channels we arrange for paying consult clients.

Newsletter

If you sign up for our newsletter, we store your email in our email marketing platform (MailerLite). You can unsubscribe at any time using the link in any email we send.

Website analytics

Like most websites, this site uses basic, aggregate analytics through Squarespace to understand how visitors use the site — pages visited, time on site, general geographic region. This information does not identify you personally.

What we don't collect

  • We don't collect your child's medical records, insurance card photos, or other Protected Health Information through the free tools — and we ask that you don't submit them. See the warning at the top of this page.
  • We don't sell your information to anyone, ever.
  • We don't share your information with advertisers or marketing partners.
  • We don't use behavioral tracking to profile you across other websites.
  • We don't ask for your Social Security number, government ID, or any other identifier we don't need.

Who we share information with (service providers)

To run the operation, we rely on these sub-processors. Each has their own privacy practices that govern the information we send them; we've chosen partners with strong privacy practices, but you're welcome to investigate them as well:

  • Squarespace — website hosting and basic analytics
  • SamCart — checkout, order processing, and product delivery
  • Stripe — payment processing (we never see your card data)
  • Google Cloud / Firebase — backend infrastructure for the free tools and storage of your email and (anonymized) denial-pattern data
  • Anthropic — AI processing for the Denial Decoder and Appeal Letter Starter (your inputs are processed by Anthropic's Claude API; under Anthropic's API terms, this data is not retained for training)
  • MailerLite — email marketing for our newsletter
  • Google Workspace — transactional email delivery, covered by a Business Associate Agreement for any HIPAA-relevant exchanges
  • Calendly — consult booking and scheduling

How long we keep information

  • Newsletter and free-tool emails: until you unsubscribe. After you unsubscribe, we remove you from our active mailing list within 30 days.
  • Anonymized denial patterns: retained indefinitely (this data does not identify you).
  • Order records: as long as needed for tax and accounting purposes, generally 7 years.
  • Consult-related communications: retained securely so we can support ongoing clients. You can request deletion at any time.

Your rights

You have the right to:

  • Request a copy of the information we have about you
  • Ask us to correct or delete your information
  • Unsubscribe from our newsletter at any time
  • Withdraw consent for any optional processing

To exercise these rights, email contact@thepriorauthnurse.com. We respond within 30 days.

Children's privacy

The Prior Auth Nurse is a service for parents and guardians. We don't knowingly collect information directly from children under 13. The information parents provide is about themselves (the parent or guardian), not about their child — we don't ask for the child's name, date of birth, or other personal identifiers through any of our tools or forms. If you believe we've inadvertently collected information from a child, please contact us and we'll delete it.

Information security

We take reasonable measures to protect the information we collect:

  • All site traffic is encrypted with HTTPS
  • Backend data lives in Google Cloud and Firebase, which provide industry-standard security
  • Payment processing happens directly between you and Stripe; we never see card data
  • For sensitive health-information exchanges with paying consult clients, we use HIPAA-compliant channels

No system is perfectly secure. If we ever discover a breach affecting your information, we'll notify you promptly and take steps to address it.

Changes to this policy

We may update this policy as our service evolves. The Effective date at the top will reflect the most recent update. Material changes will be communicated by email to active subscribers.

A note on legal advice

This Privacy Policy explains our information-handling practices. It is not legal advice. The Prior Auth Nurse provides clinical and procedural guidance from a pediatric nurse; we are not attorneys. If you need legal advice about a specific situation — an appeal, a regulatory question, or anything that depends on the law of your state — consult a licensed attorney.

Contact

Questions, concerns, or requests about this Privacy Policy or your information? Email contact@thepriorauthnurse.com. We respond within 2 business days.