Terms of Use
These are the plain-English Terms of Use for BRILL.health. A more detailed counsel-reviewed version is maintained internally and available on request; substantive commitments are identical between the two.
1. Agreeing to these Terms
By creating an account or using BRILL.health, you agree to these Terms. If you don't agree, don't use the service. These Terms form a binding contract between you and BrilLiquid LLC, a New Jersey limited liability company.
2. Who can use BRILL.health
You must:
- Be at least 18 years old, or be a minor whose parent, legal guardian, or Personal Representative has accepted these Terms on your behalf and enrolled you.
- Have the legal capacity to enter a binding contract in your jurisdiction.
- Not be on a U.S. government sanctions list (OFAC Specially Designated Nationals) or present in a country under comprehensive U.S. sanctions.
There is no citizenship, residency, or immigration-status requirement to use BRILL.health.
3. Your account and security
You're responsible for:
- Keeping your account credentials private.
- Maintaining the security of your devices and backups (e.g., iCloud Keychain, Google Password Manager).
- Telling us promptly if you suspect unauthorized use.
- Providing accurate information and updating it when it changes.
We require multi-factor authentication and recommend Passkeys (Face ID, Touch ID, device PIN) as your primary method.
4. What BRILL.health is
BRILL.health is a patient-agent platform — we work for you. We help you:
- Keep copies of your own health records, under your control, on your devices.
- Communicate with people in your care circle — family, clinicians, caregivers — through standards-based secure channels.
- Track health information over time (your entries and data from devices you connect).
- Enroll in optional programs (testing, research, clinical trials, insurance channels) with granular consent.
- Read content with clear provenance so you can judge credibility.
What BRILL.health is not:
- We're not a treatment provider. We don't diagnose, treat, or prescribe.
- We don't provide medical advice. Clinical decisions should be made with your licensed healthcare providers.
- We're not a substitute for emergency services. If you're experiencing a medical emergency, call 911 (in the U.S.) or go to the nearest emergency department.
- We're not your health insurer, pharmacy benefit manager, or healthcare clearinghouse.
5. Two levels of platform access
Everyone gets access to the full platform except one feature — Direct Secure Messaging (a standards-based secure channel to licensed providers). Federal law and industry rules require stronger identity verification to issue Direct Secure Messaging addresses.
- Without Direct Secure Messaging: patient-held records, family health history, health tracking, educational content, program enrollment, care-team coordination through platform-internal secure channels, consent management. All standard platform features.
- With Direct Secure Messaging: everything above, plus the ability to send and receive messages directly with providers who participate in the standards-based healthcare network.
Direct Secure Messaging is a feature upgrade, not a platform-admission gate. You can use BRILL.health without it indefinitely. You can upgrade whenever you want.
The minimum we need to give you any service is your name, date of birth, and a way to contact you (email or phone). Everything else — SSN/ITIN, address, insurance card, government ID — is optional. Each optional element unlocks additional capabilities but isn't required for core platform access.
6. Direct Secure Messaging (for users who enable it)
If you enable Direct Secure Messaging:
- We act as a Registering Agent for the standards-based healthcare-messaging network. We verify your identity, retain audit records, and can issue you a Direct Secure Messaging address.
- Your address is portable within the healthcare-messaging network — you can use it beyond BRILL.health. Its validity depends on our continuing relationship with our messaging partner; if you close your account, the address may be revoked.
- Acceptable use: lawful healthcare-related communication only. No spam, harassment, illegal content, or content that violates others' rights.
- Revocation: your address can be revoked if you misuse it, if industry rules require it, or if you request revocation.
7. Your designated contacts
HIPAA recognizes three distinct kinds of people in your care, each with different legal standing. You can designate any, all, or none of these:
- Emergency Contact — someone to reach in an emergency. No access to records, no decision-making authority.
- Personal Representative — someone formally authorized (via healthcare power of attorney, advance directive, legal guardianship) to make healthcare decisions for you when you can't. Has full HIPAA authority.
- Records-Access Proxy — someone you want to receive copies of your records. No decision-making authority.
The same person can hold multiple roles, different people can hold different roles, or you can designate nobody. You can change your designations at any time.
Designating a Personal Representative through BRILL.health doesn't by itself create the legal authority — the underlying legal instrument must exist under your state's law. We provide optional tools (including online notarization) to help you create such instruments, but the legal validity depends on your jurisdiction's rules.
8. Consent
BRILL.health operates on granular, revocable consent. For any specific program or data-sharing arrangement, you encounter a distinct consent decision. In our initial programs you may see up to three:
- Testing lab consent (e.g., for specific clinical tests)
- Optional research consent
- Data-sharing consent (how BRILL.health itself may transmit data on your behalf)
You can accept or decline any of these independently. You can revoke a consent at any time.
How revocation works: a revocation takes effect within 30 days (often faster). It stops future uses. It can't retract data already transmitted or research already completed — but where possible we'll notify downstream recipients.
Research risks worth knowing: De-identification reduces but doesn't eliminate privacy risk. Re-identification from published results is possible though uncommon; a breach could implicate biological relatives sharing your genetic material; new techniques might introduce risks we can't currently anticipate. See our Privacy Policy §5 for details.
9. Your records and key management
BRILL.health is designed around patient-held data. Your clinical records live on your device, encrypted under keys you control in our target architecture.
Currently: we encrypt your data with industry-standard protections and AWS-managed key storage. Some keys are server-held under strict controls.
Target architecture: device-held encryption keys bound to your Passkey; our servers wouldn't have the ability to decrypt. We're implementing this in phases.
When patient-held keys are active for your account:
- You're responsible for device and backup access (iCloud Keychain, Google Password Manager, or equivalent).
- If you lose access to all your devices and backups, we can't recover your records. This is an intentional security feature.
- We'll give you clear backup guidance before activating.
10. Connecting to other services
You can connect BRILL.health to services where you already keep health data: Apple Health, Google Health Connect, your hospital's patient portal, your insurer's Patient Access feature, device/wearable manufacturers.
For each, you authorize us at the service's own consent screen — we're a "receiving app." The third party's terms govern their side; our Privacy Policy governs ours once data reaches us.
On HealthKit and Health Connect data specifically:
- We never use it for advertising.
- We never sell it to advertising platforms, data brokers, or information resellers.
- We share it with a third party only with your express permission, and only where that third party also provides a health or fitness service (or where you've given specific research consent for medical research).
- OS-level permissions are your primary control. Revoking at the OS stops future flow; use our in-app deletion controls to remove data we've already received.
See Privacy Policy §4 for details on each integration.
11. Acceptable use
You agree not to:
- Upload content you don't have the right to share, including others' protected health information without their authorization.
- Use the platform to harass, threaten, impersonate, or defraud.
- Reverse engineer, decompile, or bypass security.
- Scrape, bulk-export, or resell platform content or other users' data.
- Send unsolicited commercial messages.
- Interfere with the platform's operation for other users.
- Violate any applicable law.
We may suspend or terminate accounts for serious or repeated violations. Where possible we'll give notice and a chance to correct, except where immediate action is necessary to protect others or comply with law.
12. Minors
A parent, legal guardian, or Personal Representative may enroll a minor (under 18) subject to applicable state law. State law may give the minor independent rights (for example, in reproductive health, mental health, or substance-use care) that override the Personal Representative's. Where state law gives the minor independent rights, we honor them to the extent technically feasible.
When a minor reaches the age of majority in their state, the Personal Representative relationship through BRILL.health ends automatically unless renewed under a new legal instrument.
13. No discrimination in platform access
BRILL.health does not condition platform admission on:
- U.S. citizenship
- Country of birth (we don't collect this)
- Immigration status (we don't collect this, and we won't serve as a channel for its collection or reporting)
- Insurance coverage
Stronger identity verification (for Direct Secure Messaging) may rely on documents more readily available to some than to others. We offer multiple verification paths, including paths that accept foreign government-issued identification and trusted-referee verification. If you can't complete stronger verification through any available path, you retain full access to all other platform features.
14. Patients with international ties
BRILL.health's architecture supports patients whose care crosses borders.
- Your data travels with you. Clinical records on your device are yours to take wherever you have a lawful right to travel.
- Applicable law follows residence and citizenship. EU, UK, Canadian, Australian, or other international data-protection rights apply to residents of those jurisdictions.
- Sub-processor access. Our sub-processors are principally U.S.-based. Your data may be processed in the U.S.
- Governing law. These Terms are governed by New Jersey law, but mandatory consumer-protection statutes of your residence continue to apply where they give greater protection.
15. Liability
To the maximum extent permitted by law:
- We're not a treatment provider; we're not liable for health outcomes, treatment decisions, or the actions of your healthcare providers, insurers, or other third parties.
- We're not liable for loss of records due to your loss of device or backup access when the platform is operating as designed.
- We're not liable for the actions or privacy practices of third-party services you connect (Apple, Google, providers, insurers, device manufacturers).
- Our aggregate liability to you for any claim is limited to the greater of (a) fees you've paid us in the prior twelve months, or (b) one hundred U.S. dollars ($100).
Nothing limits liability for willful misconduct, gross negligence, or anything that can't be excluded under applicable law.
16. Intellectual property
Content on BRILL.health — text, graphics, logos, software, designs — is ours (or our licensors'). You may use the platform only as these Terms permit.
You retain all rights in your own content (records, messages, entries). You grant us only the rights necessary to operate the platform for you.
17. Indemnification
You agree to indemnify BrilLiquid from any claim, loss, or expense arising out of your breach of these Terms, your misuse of the platform, your violation of law, or your violation of another person's rights.
18. Governing law and disputes
These Terms are governed by New Jersey law. Exclusive jurisdiction for disputes is in the state and federal courts located in Morris County, New Jersey — unless mandatory consumer-protection law of your residence requires otherwise, or you have a small-claims right in your jurisdiction.
19. Changes to these Terms
For material changes, we'll notify you at least 30 days in advance (by in-app notice, email, or both). Non-material changes (typos, cross-references) may take effect immediately with the new Effective Date above.
Your continued use after the effective date of a material change means you accept it. If you don't accept, you can close your account; we'll preserve your records and export capabilities for a reasonable period.
20. Closing your account
- By you: close your account anytime. We delete platform account information; we retain only what law requires (e.g., audit logs). Your records on your device remain yours.
- By us: we can suspend or terminate for violation of these Terms, legal compliance, or if we stop running the platform. Except for serious violations or legal requirements, we'll give reasonable notice.
21. Contact
BrilLiquid LLC (a New Jersey limited liability company)
Florham Park, NJ 07932
General inquiries (email): am@brilliquid.com
Direct Secure Messaging (for healthcare correspondence): am@brill.health
Business continuity: +1-201-637-1765
Note on email: brilliquid.com is our corporate email. brill.health is a Direct Secure Messaging address — a standards-based secure channel reserved for healthcare correspondence, not a regular email inbox. A healthcare corporate email on brilliquid.health will activate later; we'll update these Terms when it does.
Acknowledgment for Users Who Enable Direct Secure Messaging
If you enable Direct Secure Messaging, you also acknowledge and agree to the following:
- You are the certificate subject. Your Direct Secure Messaging credential is issued individually to you, not to BrilLiquid as an organization.
- You will use your address only for yourself (or authorized representatives you've designated under §7 and applicable law).
- You'll protect your credential by maintaining device security.
- You'll tell us promptly if you suspect your address has been compromised.
- Lawful healthcare use only.
- Your address can be revoked by us, by our messaging partner, or by industry rules, under circumstances described in the governing industry policies.
- We retain identity-verification records for audit purposes as required by industry rules.
The governing industry policies are available on request; in the event of any conflict, those policies control for matters they address.