This Cookie Policy explains how FollowMyDoctor.com, operated by United Valuecare, Inc. ("FollowMyDoctor", "we", "us", or "our"), uses cookies and similar tracking technologies on followmydoctor.com and its sub-domains, including the FollowMyDoctor mobile application.
We are committed to being transparent about the technologies we use. This policy is written in plain language and is intended to be fully understandable to all visitors, regardless of technical knowledge. For information about how we handle personal and health data more broadly, please read our Privacy Policy and HIPAA Notice of Privacy Practices.
This policy applies to all users of our website and platform, and is compliant with the Health Insurance Portability and Accountability Act (HIPAA), the California Consumer Privacy Act (CCPA), the EU General Data Protection Regulation (GDPR), and applicable state privacy laws.
Quick summary: We use cookies to keep our platform secure and working correctly, to remember your preferences, and — only with your consent — to understand how our site is used. We never sell your cookie data. We never use cookies to identify or track your patients.
1 What are cookies?
Cookies are small text files placed on your device — computer, smartphone, or tablet — by a website when you visit it. They are widely used to make websites work more efficiently, to remember your preferences, and to provide information about how their site is being used.
A cookie typically contains:
- The name of the cookie (an identifier)
- A value — the information the cookie stores
- A domain — the website the cookie belongs to
- An expiry date — when the cookie will be deleted automatically
- A path — the part of the website the cookie applies to
Cookies are not programs and cannot carry viruses or install software on your device. They are simply small data files stored in your browser.
Types of cookies by duration
- Session cookies — Temporary; deleted when you close your browser. They allow our platform to link your actions during a session, such as keeping you logged in while navigating between pages.
- Persistent cookies — Remain on your device for a set period. Used to remember your login preferences, consent choices, and platform settings on return visits.
Types of cookies by origin
- First-party cookies — Set directly by FollowMyDoctor on followmydoctor.com. Only followmydoctor.com can read these cookies.
- Third-party cookies — Set by third-party services we use, such as analytics tools. These services may track usage across multiple websites.
Similar technologies — including web beacons (tracking pixels), local storage, and session storage — can serve similar functions to cookies and are also covered by this policy wherever applicable.
2 Why we use cookies
FollowMyDoctor uses cookies for the following purposes:
- To make our platform work correctly — certain cookies are strictly necessary to allow you to navigate the site, stay logged in, and use core features such as the AI query interface and clinical note tools.
- To remember your preferences — functional cookies allow us to remember your specialty, preferred AI models, and session settings so you do not need to re-enter them on each visit.
- To understand how clinicians use our platform — analytics cookies tell us which features are used most, where errors occur, and how we can improve the experience for healthcare professionals.
- To maintain security and prevent fraud — some cookies help us detect and prevent unauthorised access to clinician accounts and patient data.
- To ensure HIPAA compliance — certain cookies log access events and session activity as part of our audit trail obligations under HIPAA.
Important: FollowMyDoctor never uses cookies to collect, store, or transmit Protected Health Information (PHI). Clinical queries submitted to our AI platform are processed in encrypted memory and are never logged to cookies or browser storage.
3 Types of cookies we use
We classify our cookies into four categories, consistent with guidance from the UK Information Commissioner's Office (ICO) and the EU's ePrivacy Directive. Categories 2, 3, and 4 require your explicit, informed consent before we set them.
Consent requirements: Strictly necessary cookies do not require consent — they are essential for the platform to function. All other categories require your explicit consent. You can update your preferences at any time using the panel in Section 6.
3.1 Strictly Necessary Cookies
These cookies are essential for followmydoctor.com to operate. They allow you to navigate the platform, stay logged in to your clinician account, use the AI query interface, and record your consent choices. They cannot be disabled, and no personal data collected by them is used for marketing or analytics.
| Cookie name | Provider | Purpose | Duration | Type |
|---|---|---|---|---|
| fmd_session | followmydoctor.com | Maintains your authenticated clinician session while you navigate between pages. Deleted when you close your browser. | Session | First-party |
| fmd_auth_token | followmydoctor.com | Encrypted authentication token set on login. Enables "stay logged in" functionality. Stored as an HTTP-only secure cookie — inaccessible to JavaScript. | 30 days | First-party |
| fmd_csrf | followmydoctor.com | Cross-site request forgery protection. Prevents malicious sites from submitting requests on your behalf. Required for account security. | Session | First-party |
| fmd_cookie_consent | followmydoctor.com | Records your cookie consent preferences so we do not ask again on every visit. Required under CCPA and GDPR to record consent decisions. | 13 months | First-party |
| fmd_hipaa_ack | followmydoctor.com | Records that you have acknowledged our HIPAA Notice of Privacy Practices, as required under 45 CFR §164.520. | 12 months | First-party |
| __cf_bm | Cloudflare | Bot management and DDoS protection. Cloudflare uses this cookie to distinguish humans from automated bots to protect patient data and platform integrity. | 30 minutes | Third-party |
| __cflb | Cloudflare | Load balancing. Routes your requests to the most appropriate server for performance. Does not collect personal data. | Session | Third-party |
3.2 Functional Cookies
Functional cookies remember your preferences and settings to personalise your experience. For example, they remember your chosen AI models, specialty, and display preferences. If you do not accept functional cookies, some features may not work as expected on return visits.
| Cookie name | Provider | Purpose | Duration | Type |
|---|---|---|---|---|
| fmd_specialty | followmydoctor.com | Remembers your clinical specialty (e.g., Cardiology, Pediatrics) so the platform surfaces the most relevant AI models and content on return visits. | 12 months | First-party |
| fmd_model_pref | followmydoctor.com | Stores your preferred AI model selections (e.g., Claude, Meditron-70B) so you do not need to reconfigure on each visit. | 6 months | First-party |
| fmd_ui_prefs | followmydoctor.com | Saves display settings such as font size, dark/light mode preference, and sidebar state. | 24 months | First-party |
| fmd_locale | followmydoctor.com | Stores your preferred language and regional settings. | 12 months | First-party |
| intercom-session-* | Intercom | Powers our clinician support chat. Allows support agents to maintain conversation context so you do not repeat information. Data stored on Intercom servers (US/EU). | 7 days | Third-party |
3.3 Analytics & Performance Cookies
Analytics cookies help us understand how clinicians use our platform — which features are used most, where errors occur, and how we can improve the experience. All analytics data is aggregated and anonymised before we access it. We do not sell this data to any third party, and it is never linked to patient information.
| Cookie name | Provider | Purpose | Duration | Type |
|---|---|---|---|---|
| _ga | Google Analytics 4 | Main Google Analytics identifier. Assigns a pseudonymous Client ID to distinguish unique users. IP anonymisation is enabled. Not shared with other Google products or advertising systems. | 2 years | Third-party |
| _ga_[ID] | Google Analytics 4 | Used by GA4 to persist session state and measure engagement across page views. | 2 years | Third-party |
| _gid | Google Analytics 4 | Distinguishes unique users. Expires after 24 hours. | 24 hours | Third-party |
| fmd_perf | followmydoctor.com | Internal performance monitoring. Records page load times, API response times, and error rates to help our engineering team identify and resolve performance issues. | Session | First-party |
| _hjSessionUser_* | Hotjar | Used to record user sessions (with consent) so we can watch anonymised session replays to identify usability issues in the clinical interface. No PHI is ever captured. | 365 days | Third-party |
3.4 Marketing & Targeting Cookies
With your consent, we use marketing cookies to measure the effectiveness of our outreach to healthcare professionals — understanding which channels reach clinicians who are interested in our platform. We do not use marketing cookies to target patients or to build profiles using health data.
| Cookie name | Provider | Purpose | Duration | Type |
|---|---|---|---|---|
| _fbp | Meta (Facebook) | Used to measure the effectiveness of our Facebook and Instagram advertising campaigns targeting healthcare professionals. Does not collect health data. | 90 days | Third-party |
| _gcl_au | Google Ads | Measures advertising effectiveness and conversion tracking for our Google Ads campaigns targeted at clinicians. | 90 days | Third-party |
| li_fat_id | LinkedIn Insight Tag. Tracks conversions from LinkedIn campaigns targeting healthcare professionals and medical institutions. | 30 days | Third-party |
4 Cookies & Health Data
FollowMyDoctor is a HIPAA-regulated platform. We take the intersection of cookies and health data extremely seriously.
- No PHI in cookies — Protected Health Information (PHI) is never stored in cookies, local storage, or any browser-accessible storage mechanism.
- No patient tracking — We never use cookies to identify, track, or profile patients. Cookies on our platform track clinician sessions only.
- Clinical queries are not logged — AI queries submitted through our platform are processed in encrypted, ephemeral memory. They are never written to cookies, logs, or persistent storage.
- Audit trails are separate — Our HIPAA audit log system operates server-side and is entirely separate from browser cookies. These logs are never accessible to third-party analytics tools.
- Third-party isolation — All third-party scripts (analytics, support, advertising) are loaded in a sandboxed context that prevents them from accessing clinical interface elements or query content.
If you believe any cookie on followmydoctor.com may be handling health data inappropriately, please contact our Privacy Officer immediately at privacy@followmydoctor.com.
5 Third-Party Cookies
Some cookies on followmydoctor.com are set by third-party services that we use to operate the platform. These third parties have their own privacy and cookie policies, which we encourage you to review:
- Cloudflare — Security and performance infrastructure. Privacy Policy
- Google Analytics 4 — Web analytics. Privacy Policy
- Google Ads — Advertising measurement. Privacy Policy
- Hotjar — Session replay and usability research. Privacy Policy
- Intercom — Clinician support chat. Privacy Policy
- Meta (Facebook) — Advertising measurement. Privacy Policy
- LinkedIn — Advertising measurement. Privacy Policy
All third-party partners with access to non-essential analytics or support data have signed Data Processing Agreements (DPAs) with United Valuecare, Inc. No third party has access to PHI or clinical query content.
6 Managing Your Cookie Preferences
You can update your cookie preferences at any time using the panel below. Changes take effect immediately. Withdrawing consent for a category does not affect the lawfulness of processing carried out before withdrawal.
Cookie Preference Centre
7 Browser-Level Cookie Controls
In addition to the preference centre above, you can control cookies directly through your browser settings. Instructions for the most common browsers:
- Google Chrome — Settings → Privacy and security → Cookies and other site data
- Apple Safari — Preferences → Privacy → Manage Website Data
- Mozilla Firefox — Options → Privacy & Security → Cookies and Site Data
- Microsoft Edge — Settings → Site permissions → Cookies and site data
Please note that disabling cookies at the browser level may prevent you from logging in to your FollowMyDoctor account or using core platform features. We recommend using the preference centre above rather than browser-level blocking for a better experience.
You can also opt out of Google Analytics across all websites by installing the Google Analytics Opt-out Browser Add-on.
8 Changes to This Policy
We may update this Cookie Policy from time to time to reflect changes in our technology, legal requirements, or business practices. When we make material changes, we will:
- Update the "Last reviewed" date at the top of this page
- Display an in-platform notification to logged-in clinicians
- Request fresh consent where required by applicable law
We encourage you to review this policy periodically. Continued use of followmydoctor.com after any changes constitutes acceptance of the revised policy.
9 Contact Us
If you have questions about this Cookie Policy, wish to exercise your privacy rights, or want to report a concern, please contact us:
Privacy Officer — FollowMyDoctor
United Valuecare, Inc.
Chantilly, VA & Rockville, MD
🌐 followmydoctor.com
✉ privacy@followmydoctor.com
Regulatory & Supervisory Authorities
HIPAA / HHS:
Office for Civil Rights, 200 Independence Ave SW, Washington DC 20201
📞 1-800-368-1019
CCPA / California:
California Privacy Protection Agency
cppa.ca.gov