Home › Account & Data Deletion

Account & Data Deletion

How to delete your LEMR account, how to request deletion of associated data, and what healthcare recordkeeping law requires us to retain.

Last updated: May 25, 2026

This page explains how to delete an account on the LEMR platform (the LEMR web application and the LEMR mobile apps for iPhone and Android) and how to request deletion of data associated with that account. Because LEMR is a clinical and billing system, some information is subject to legal retention requirements — this page explains what can be deleted and what must be kept, and why.

The fastest way to make a request: email support@lemrsystems.com with the subject line "Account & Data Deletion Request." We will confirm receipt and verify your identity before acting on the request.

Important Context: Who Controls the Data

LEMR is used by home health and home care agencies. Each agency is the owner and controller ("covered entity") of the patient and operational records in its workspace; LEMR processes that information on the agency's behalf as a "business associate" under HIPAA. This affects deletion:

  • An individual user (a clinician, staff member, or patient-portal user) can have their account deactivated and deleted.
  • The clinical and billing records within an agency's workspace are controlled by the agency. LEMR cannot unilaterally delete a patient's medical or billing record at the request of an individual; such requests are directed to, and decided by, the agency, consistent with HIPAA and applicable retention law.
  • An agency can request deletion of its entire workspace when its subscription ends, subject to the retention terms in its Business Associate Agreement.

How to Delete Your Account

Agency Staff & Clinician Accounts

Staff accounts are managed by your agency. To delete a staff or clinician account:

  1. Ask your agency administrator to deactivate and remove your account from the agency's user management screen. This is the normal path and takes effect immediately.
  2. Or email us at support@lemrsystems.com from the email address on the account, with the subject "Account & Data Deletion Request." We will verify your identity and coordinate with your agency.

Patient Portal Accounts

If you use the LEMR patient portal, you can request deletion of your portal account by emailing support@lemrsystems.com from the email address associated with the portal, or by contacting the agency that provides your care. Deleting your portal account removes your ability to sign in; it does not by itself delete the medical record your agency maintains about your care — that record is controlled by the agency.

Deleting the Mobile App

Removing the LEMR app from your device removes the app but does not delete your account or your data from the LEMR platform. To delete the account itself, follow the steps above.

How to Request Data Deletion Without Deleting Your Account

If you want certain personal data deleted but wish to keep your account active, email support@lemrsystems.com describing what you would like removed. We will review the request, tell you what can be deleted, and explain anything we are required to retain. Requests that involve patient health records are directed to the controlling agency.

What Is Deleted

When an account is deleted, we remove or de-identify, within the timeframe below:

  • The account profile — name, email, phone, job title, and login credentials;
  • Authentication data, including any stored biometric sign-in credential on associated devices;
  • Notification tokens and device associations for that account; and
  • Personal preferences and settings tied to the account.

What Is Retained, and Why

Some information cannot be immediately or fully deleted, because LEMR and the agencies it serves are bound by law and by contract:

  • Clinical and billing records. Patient medical records, visit documentation, OASIS data, claims, and related records are subject to retention periods set by federal and state law and by Medicare and Medicaid requirements. These are retained by the agency for the legally required period.
  • Audit and security logs. Records that an action occurred — required for HIPAA audit and security purposes — are retained for the period required by law and policy. Where possible these are de-identified.
  • Financial and payroll records. Invoices, payroll, and tax-related records are retained as required by tax and employment law.
  • Information needed to resolve disputes or enforce agreements, retained only as long as necessary for that purpose.

Information that LEMR is required to retain is kept secure, access-restricted, and used only for the purpose that requires its retention. When a retention period ends, the information is deleted or de-identified.

How Long Deletion Takes

We acknowledge deletion requests within 5 business days and complete eligible deletions within 30 days of verifying the request, except for information subject to a legal retention requirement as described above. Deleted data may persist in secure encrypted backups for a limited additional period before those backups are rotated and overwritten.

Agency Workspace Deletion

When an agency ends its subscription, it may request deletion of its entire workspace. Before deletion, the agency is given an opportunity to export its records to meet its own recordkeeping obligations. Handling of protected health information after termination — including return or destruction — is governed by the agency's Business Associate Agreement with LEMR.

Need Help?

If you have any question about deleting an account or your data, contact us — we're glad to walk you through it.

Asheville Home Health Inc.
Account & data requests: support@lemrsystems.com
Privacy questions: info@lemrsystems.com
Mailing address: 5 Doctors Park, Suite D, Asheville, NC 28801

See also our Privacy Policy and Terms of Service.