RxShield
powered by Scanbo AI
Company

Built for clinical trust

RxShield is engineered to meet the security and compliance expectations of health systems, hospital procurement teams, and individual clinicians.

[+]
Non-Device Clinical Decision Support
Classified under FDA 21st Century Cures Act Section 520(o)(1)(E) - no SaMD designation required
FDA 520(o)(1)(E)
HIPAA CompatibleSOC 2 Type II (in progress)TLS 1.3 EncryptionNo PHI StoredImmutable Audit TrailUS and Canada Compliant
Data Architecture
RxShield is designed as a reference-lookup engine. Drug queries are processed in-session and no PHI is retained beyond the active authenticated session.
L
End-to-End Encryption
TLS 1.3 in transit, AES-256 at rest on all infrastructure.
D
No PHI Retention
Drug queries not linked to patient identifiers. Session data cleared on logout.
ID
Immutable Audit Trail
Every check generates a tamper-proof Decision ID with full source attribution.
GL
Regional Data Residency
US queries on US infrastructure. Canadian queries on Canadian-region servers.
H
HIPAA-Compatible Design
Architecture reviewed for HIPAA technical safeguard alignment. BAA available for enterprise.
SSO
SSO and MFA Ready
Enterprise integrations support SAML 2.0 SSO. MFA enforced for all clinician accounts.
Regulatory Classification
RxShield meets all four FDA Non-Device CDS criteria under Section 520(o)(1)(E).
All 4 FDA 520(o)(1)(E) Criteria Met
OK
Not for image/signal acquisition - Does not acquire, process, or analyze medical images or physiological signals.
OK
Displays published information only - All findings sourced from FDA labels, Health Canada monographs, and peer-reviewed literature.
OK
Does not replace clinical judgment - Every output is marked "Supporting Context (informational only). System action: None."
OK
Enables independent clinician review - Full source citations, evidence IDs, and audit trails for independent verification.
Penetration Testing
RxShield undergoes regular third-party penetration testing. Critical vulnerabilities are remediated within 72 hours.
Report vulnerabilities to [email protected]. We acknowledge all reports within 24 hours.
Enterprise and Hospital Procurement
For health systems and hospital procurement, RxShield offers enterprise agreements including HIPAA BAAs, custom SLA, dedicated infrastructure, and audit log exports. Contact [email protected].
Company

Get in touch

Clinician, health system, or developer - we would love to hear from you.

Send a message
Direct contacts
EH
Enterprise and Hospital
[email protected]
BAA, procurement, SLA inquiries
API
Developer API
[email protected]
API keys, integration support
SEC
Security
[email protected]
Vulnerability reports
PR
Press and Media
[email protected]
Press kit available on request
Legal

Legal documents

All the policies and terms governing your use of RxShield and Scanbo AI's platform.

RxShield is a Non-Device CDS tool under FDA Section 520(o)(1)(E). It does not constitute medical advice and does not replace clinical judgment.
DOC
Terms of Use
Rules governing your access and use of RxShield, including permitted use by licensed clinicians.
Read Terms ->
LOCK
Privacy Policy
How we collect, process, and protect your data. HIPAA-compatible design and data retention practices.
Read Privacy ->
VH
Telehealth Policy
Terms for use of RxShield in telehealth settings across US and Canadian jurisdictions.
Read Telehealth ->
Regulatory Classification
Regulatory Status - Updated March 2026
OK
FDA: Non-Device CDS under Section 520(o)(1)(E). Not a Software as a Medical Device (SaMD).
OK
Canada: Reference information tool. Not a licensed medical device under Health Canada's Medical Devices Regulations.
OK
Intended Users: Licensed US and Canadian HCPs only. Not for patient self-use.
OK
Not Medical Advice: System action is always None. Clinical decisions remain the sole responsibility of the treating clinician.
Legal

Terms of Use

By accessing RxShield, you agree to be bound by these terms.

Contents
Last updated: March 1, 2026 - Version 2.1 - Effective immediately
1. Acceptance of Terms
By accessing or using RxShield, operated by Scanbo AI Inc., you agree to be bound by these Terms. If you do not agree, you may not use the Platform.
2. Eligibility
RxShield is exclusively for licensed healthcare professionals in the US and Canada. You must hold a valid clinical license, have a valid NPI (US) or provincial college registration (Canada), and be 18 or older.
Not for patients or the general public. Use by non-licensed individuals is prohibited.
3. Permitted Use
You may use RxShield solely to review published drug interaction information to support your clinical decision-making, generate audit trail Decision IDs for personal documentation, and access FDA and Health Canada referenced prescribing information. Commercial reuse requires a separate written agreement.
4. Clinical Disclaimer
RxShield is a Non-Device CDS tool under FDA Section 520(o)(1)(E). It provides published reference information only, not medical advice, diagnosis, or treatment. System action is always "None." All clinical decisions remain the sole responsibility of the treating clinician.
5. User Accounts
You are responsible for maintaining the confidentiality of your account credentials. Accounts are non-transferable and may not be shared. Notify [email protected] immediately of any unauthorized use.
6. Prohibited Use
  • Providing clinical recommendations to patients without appropriate professional judgment
  • Reproducing, distributing, or commercializing Platform outputs without written authorization
  • Reverse-engineering or systematically extracting the drug interaction database
  • Using automated bots or scripts outside of the authorized Developer API
  • Uploading or transmitting patient-identifiable information to the Platform
7. Intellectual Property
All Platform content, technology, design, and branding, including the RxShield name, Scanbo AI decision engine, evidence-scoring framework, and audit trail architecture, are the exclusive property of Scanbo AI Inc., protected by copyright, trademark, and trade secret laws.
8. Indemnification
You agree to indemnify and hold harmless Scanbo AI Inc. from any claims, damages, and expenses arising from your use of the Platform, violation of these Terms, or any clinical decision made in connection with Platform outputs.
9. Limitation of Liability
To the maximum extent permitted by law, Scanbo AI Inc. shall not be liable for any indirect, incidental, or consequential damages, including clinical outcomes or patient harm. Total liability shall not exceed the greater of fees paid in the preceding 12 months or 100 CAD.
Platform provided "as is" without warranties of any kind.
10. Governing Law
These Terms are governed by the laws of the Province of Ontario, Canada. Disputes shall be resolved by binding arbitration in Ontario, except where applicable law mandates otherwise.
11. Contact
Scanbo AI Inc. - Legal Team
Email: [email protected]
Legal

Privacy Policy

What we collect, what we do not, and exactly how your data is handled.

Contents
Last updated: March 1, 2026 - Version 2.0
1. Overview
RxShield is a no-PHI platform. We do not collect, store, or process patient health information. Drug queries are processed to generate interaction references only.
2. What We Collect
Account Information
  • Name, email address, professional designation
  • NPI (US) or provincial college registration (Canada) - for verification only
  • Specialty and practice setting (optional)
Usage Data
  • Drug names entered into interaction checks (not linked to patients)
  • Session timestamps, feature usage, and in-app events
  • Device type, browser version, and general region (not precise location)
3. What We Do Not Collect
  • No patient names, dates of birth, MRN numbers, or patient identifiers
  • No clinical notes, diagnoses, or patient-specific context
  • No biometric or health data of any kind
  • No insurance information or billing data
  • No precise geolocation data
Uploading patient-identifiable information to RxShield is prohibited. The system is not designed to handle PHI.
4. How We Use Data
  • Verify HCP credentials and maintain your account
  • Deliver drug interaction results and generate Decision IDs
  • Improve the accuracy of our drug interaction engine
  • Send transactional emails (account verification, security notices)
  • Detect and prevent fraud and unauthorized access
We do not use your data for advertising and we do not sell your data.
5. Data Sharing
We do not sell, rent, or trade your personal information. Data is shared only with service providers under strict data processing agreements, legal authorities when required by law, and successors in a merger under equivalent privacy protections.
6. Data Retention
Account data is retained while active, plus 12 months after deletion. Usage logs retained for 90 days. Request deletion at [email protected].
7. Your Rights
  • Access a copy of the personal data we hold
  • Correct inaccurate personal data
  • Request deletion (right to be forgotten)
  • Data portability in machine-readable format
  • Withdraw consent at any time
Contact [email protected]. We respond within 30 days.
8. HIPAA (United States)
RxShield is HIPAA-compatible by design - we do not collect PHI. Enterprise customers requiring a Business Associate Agreement (BAA) should contact [email protected].
9. PIPEDA / PHIPA (Canada)
Canadian users are protected under PIPEDA and applicable provincial legislation including Ontario's PHIPA. We collect only the minimum information necessary, with your knowledge and consent.
10. Cookies
We use strictly necessary cookies for authentication and session management, and optional analytics cookies. No advertising or cross-site tracking cookies. Contact [email protected] with questions.
Legal

Telehealth Policy

Guidelines for using RxShield in telehealth and virtual care settings across the US and Canada.

Contents
Last updated: March 1, 2026
1. Scope
RxShield is a reference tool, not a telehealth platform. It does not facilitate patient communication, video consultations, electronic prescribing, or any patient-facing service.
This policy applies to licensed healthcare professionals using RxShield in connection with telehealth or virtual care services in the US and Canada.
2. Appropriate Use in Telehealth
  • Review published drug interaction data during a virtual consultation to support a prescribing decision
  • Generate a Decision ID documenting evidence consulted during a virtual visit
  • Access FDA label or Health Canada monograph summaries for drugs being considered
  • Support pharmacist medication reviews conducted via telehealth channels
3. Limitations in Telehealth Settings
  • RxShield does not have access to the patient's complete medication list unless manually entered. Interactions may be missed if medication reconciliation is incomplete.
  • The Platform does not account for allergies, renal or hepatic impairment, pregnancy status, or other patient-specific factors.
  • The database may not reflect newly issued Health Canada Dear HCP letters or FDA Drug Safety Communications in real time.
In emergency scenarios, always prioritize direct patient assessment and established emergency protocols. RxShield is not designed for emergency decision support.
4. Jurisdictional Requirements
United States
Telehealth prescribing is governed by state-specific laws and the Ryan Haight Act for controlled substances. Clinicians must comply with licensing and prescribing obligations in the state where the patient is located.
Canada
Virtual care prescribing is governed by the clinician's provincial licensing body. Clinicians must comply with provincial College guidelines on virtual prescribing.
5. Standard of Care
The standard of care applicable to a telehealth encounter is the same as, or may be higher than, an in-person visit. The use of RxShield does not modify this standard.
6. Documentation
RxShield generates an immutable Decision ID for every interaction check. Clinicians may export this ID for incorporation into their EMR/EHR to evidence that published interaction data was consulted prior to prescribing.
Decision IDs are ISO 8601 time-stamped and exportable as PDF, Word, or plain text.
7. EMR / Platform Integration
Health systems wishing to integrate RxShield via the Developer API should contact [email protected]. Any integration must preserve the Supporting Context (informational only) - System action: None disclaimer in all user-facing outputs.
8. Contact
Scanbo AI Inc. - Legal Team
Email: [email protected] | Telehealth integration: [email protected]