HIPAA Notice of Privacy Practices
Understanding how we protect your health information
This Notice describes how PocketProviderAI may use and disclose your Protected Health Information ("PHI") and how you can access that information. Please review it carefully.
1. Our Responsibilities
Under HIPAA, we are required to:
- Maintain the privacy and security of your PHI.
- Notify you if a breach compromises the privacy or security of your information.
- Provide you with this Notice explaining our legal duties and privacy practices.
- Follow the terms of the Notice currently in effect.
2. How We May Use and Disclose Your PHI
We may use and disclose your PHI for:
a. Treatment
To help coordinate or manage your healthcare with providers or other professionals.
b. Payment
To bill and collect payment for healthcare services, if applicable.
c. Healthcare Operations
For business operations such as quality improvement, audits, or customer service.
d. As Required by Law
When disclosure is required by federal, state, or local law.
e. Public Health and Safety
To report health issues, prevent disease, or address threats to public safety.
f. Legal Proceedings
In response to a court order, subpoena, or other lawful process.
3. Other Uses and Disclosures Requiring Authorization
Important: For purposes not listed above, we will obtain your written authorization before using or disclosing your PHI.
You may revoke your authorization at any time in writing, except to the extent that we have already acted on it.
4. Your Rights Regarding Your PHI
You have the right to:
- Access: Request copies of your PHI.
- Amend: Request corrections to your PHI if you believe it is incomplete or inaccurate.
- Restrict: Ask us to limit certain uses or disclosures.
- Confidential Communications: Request that we communicate with you in a certain way or at a certain location.
- Accounting of Disclosures: Request a list of disclosures we have made, excluding those for treatment, payment, and healthcare operations.
- Paper Copy: Request a paper copy of this Notice at any time.
5. Our Commitment to Data Security
Security Measures: We implement administrative, technical, and physical safeguards to protect your PHI, including encryption in transit and at rest. While we strive for the highest level of security, no system is completely secure.
Our security measures include:
- End-to-end encryption for all health data
- Secure cloud infrastructure with 24/7 monitoring
- Regular security audits and penetration testing
- Multi-factor authentication and access controls
- Staff training on HIPAA compliance
- Incident response procedures
6. Breach Notification
If a breach of unsecured PHI occurs, we will notify you promptly as required by law, including details about what happened and steps you should take.
Notification Timeline: We will notify affected individuals within 60 days of discovering a breach that affects their PHI.
7. Changes to This Notice
We may change the terms of this Notice at any time. The new Notice will be posted on our website and will apply to all PHI we maintain.
Contact Us
PocketProvider Privacy Officer
Email: [email protected]
For HIPAA-related concerns or to exercise your rights:
Please contact our Privacy Officer using the email above. We will respond to your request within 30 days.