Longitude Wellness Find Your True North

Retention Policy

What this website keeps, and what it does not.

This policy explains the practical retention model for the public Longitude Wellness website. It separates public website data from clinical records and secure patient systems.

Static website content

Public page content, code, brand assets, and deployment history may be retained indefinitely for business continuity, audit history, and rollback.

Operational logs

Hosting and deployment logs may be retained by service providers according to their platform settings and policies. They are used for security, uptime, and troubleshooting.

Contact requests

Basic non-PHI contact messages should be reviewed, routed into Spruce or another approved business system, and deleted from temporary channels when no longer needed.

Current Reality

The public site does not store form submissions.

The current public website is a static informational site. It does not run a website database, does not create patient accounts, does not store public intake submissions, and does not collect payment information.

Phone calls and secure patient messages are intended to be handled through Spruce once configuration is complete. Email messages are handled by the sender's and practice's email systems and should remain basic contact only. Public website forms should not be used for PHI unless the form, account, retention, access controls, and business associate requirements have been reviewed and approved.

Suggested Retention Rules

Public website records should stay lean.

  • Public website source, deployed assets, and change history: retained for business continuity and audit history.
  • Operational hosting logs: retained only as long as needed for security, troubleshooting, and platform operations.
  • General non-patient inquiries: routed into Spruce or the approved business system, then deleted after response or retained no longer than 12 months unless needed for business records.
  • Spruce communications: retained according to the practice's Spruce configuration, patient communication policy, and applicable clinical record requirements.
  • Patient care records: retained only in the approved clinical record system according to applicable medical record retention requirements.
  • Accidental PHI sent through a public channel: moved into the approved secure workflow if needed, then removed from the public channel where practical.

No Tracking Policy

No marketing cookies or hidden lead tracking.

The website is designed without ad pixels, cross-site retargeting scripts, analytics cookies, embedded chat trackers, or newsletter automation. That keeps the public site simpler, faster, and easier to audit.

If analytics are added later, they should be privacy-preserving, documented here, and reviewed before launch.

Review Cadence

Retention should be reviewed as systems change.

This policy should be reviewed whenever Longitude Wellness adds a patient portal, online scheduling, payment processing, secure messaging, analytics, advertising, Spruce workflows, or any system that may handle patient information.

Last updated: May 25, 2026.