Legal
Upstream Subprocessor List
Version: 1.0
Effective date: 2026-07-10
Last updated: 2026-07-11
This list identifies providers ByteWorthy LLC uses to deliver the Upstream service. A provider may process only the data needed for its function. Protected Health Information ("PHI") may be sent to a provider only when the Upstream Business Associate Agreement permits the processing, the required written protection is in force, and the production egress gate is enabled.
| Provider | Function | Data scope | PHI scope |
|---|---|---|---|
| Google Cloud Platform | Application hosting, databases, storage, networking, secrets, logging, and managed operations | Customer Data, account data, security data, and service content | Permitted only after applicable written protections are verified and configured PHI controls are enabled |
| Google Vertex AI | AI-assisted processing in the designated PHI lane | Minimum-necessary task content | Permitted only after required written protections are verified and the designated PHI lane is allowlisted and enabled |
| Stedi | Eligibility, claim, claim-status, remittance, attachment, and supported healthcare transactions | Customer-directed transaction and enrollment data | Permitted only after written protection, configured BAA confirmation, and customer/provider enrollment gates pass |
| Availity | Customer-approved eligibility, claim-status, configuration, payer-list, and Service Reviews transactions | Minimum-necessary customer, provider, payer, and transaction data | Permitted only after written protection, Standard Plan, production credential, customer, payer-contract, and enrollment gates pass |
| Retell AI | Customer-approved automated payer-call transport and status follow-up | Minimum-necessary call plan and patient or authorization facts approved for the call | Permitted only after written protection, recording-authority, disclosure, destination, and production egress gates pass; raw transcripts are not retained by Upstream |
| Vercel | Public website, static application delivery, and demo-intake processing | Website telemetry, account-device data, and PHI-free lead information | Not authorized for PHI |
| Stripe | Stripe-hosted checkout, billing portal, invoices, and payment processing | Account, billing, usage, and tokenized payment references | Not authorized for PHI |
| Resend | Transactional account email | Recipient email and PHI-free account message content | Not authorized for PHI |
| PostHog | Product and website analytics | PHI-free usage and device events | Not authorized for PHI |
Customer-directed systems, including athenahealth, Epic, Oracle Health (Cerner), eClinicalWorks, other EHRs, payers, portals, or clearinghouse accounts, are not Upstream Subprocessors when Upstream connects to them solely on Customer's instruction and they act independently under Customer's agreement. They remain subject to the Customer's configuration, the receiving system's terms, and the Upstream Services Agreement. Listing a provider above authorizes no data flow by itself; the applicable contract, data scope, tenant configuration, and fail-closed production gate must all be verified before processing begins.
Upstream will update this list before a new provider begins materially different processing of Customer Personal Data and will provide notice as required by the Data Processing Addendum. Questions or objections may be sent to privacy@upstream.cx.
End of Subprocessor List version 1.0.