HIPAA Policy

HIPAA Policy

Effective Date: August 11, 2024 Last Updated: December 28, 2024

1. Introduction

This HIPAA Privacy Notice ("Notice") describes how BirthBridge, LLC ("BirthBridge," "we," "us," "our") collects, uses, and protects your Protected Health Information ("PHI") in compliance with the Health Insurance Portability and Accountability Act of 1996 ("HIPAA") and applicable state law.

This Notice applies to:

  • Birth Professionals

    who provide services through our platform.

  • Customers

    who use our platform, accessible at

    mybirthbridge.com

By using the BirthBridge platform, you agree to the terms outlined in this Notice.

2. Your Health Information Rights

As a user of the BirthBridge platform, you have the following rights regarding your PHI:

  • Right to Access: Request access to and obtain a copy of your PHI maintained by BirthBridge, subject to exceptions permitted by law.

  • Right to Amend: Request that we amend your PHI if you believe it is inaccurate or incomplete.

  • Right to an Accounting of Disclosures: Request an accounting of certain disclosures of your PHI made by BirthBridge.

  • Right to Request Restrictions: Request restrictions on how we use or disclose your PHI for communications or platform-related purposes.

  • Right to Confidential Communications: Request that we communicate with you about your PHI in a specific way or at a specific location.

  • Right to a Paper Copy of This Notice: Request a paper copy of this Notice at any time.

3. How We May Use and Disclose Your PHI

We may use and disclose your PHI exclusively for purposes related to messaging on the BirthBridge platform:

  • Messaging Security: Messages exchanged on the BirthBridge platform are encrypted to safeguard the confidentiality of PHI during transmission. BirthBridge does not access or monitor message content unless required for compliance, security, or troubleshooting purposes.

  • As Required by Law: To comply with applicable laws, regulations, or legal processes, such as subpoenas or court orders.

  • Public Health and Safety: To report abuse, neglect, domestic violence, or other instances required by law for the protection of public health and safety.

  • Business Associates: To share PHI with third-party service providers ("Business Associates") who support messaging operations on our platform, provided they agree to protect PHI in compliance with HIPAA.

4. Messaging and Communication Protections

  • Encrypted Messaging: All messages exchanged through the BirthBridge platform are encrypted using advanced encryption protocols.

  • User Responsibility: Users (both Birth Professionals and Customers) are prohibited from discussing PHI outside of the BirthBridge messaging system to ensure security.

  • Content Liability: BirthBridge is not responsible for PHI shared outside the encrypted messaging system or via non-secure third-party platforms (e.g., email, social media).

5. Responsibilities of Birth Professionals

As a Birth Professional using the BirthBridge platform, you are responsible for ensuring compliance with HIPAA and any applicable state laws. This includes:

  • Protecting PHI: Implementing reasonable safeguards to protect the privacy and security of PHI, including using only the encrypted messaging tools provided by BirthBridge for any communication involving PHI.

  • Obtaining Authorization: Securing appropriate authorizations from Customers before using or disclosing their PHI for purposes not permitted by HIPAA.

  • Compliance with Business Associate Agreements: Ensuring third-party service providers handling PHI on your behalf sign and comply with Business Associate Agreements.

6. Responsibilities of Customers

As a Customer using the BirthBridge platform, you should be aware of the following:

  • Sharing PHI: You are responsible for sharing your PHI with Birth Professionals through the platform’s encrypted messaging feature. Avoid sharing PHI via non-secure communication methods.

  • Reviewing Privacy Practices: Birth Professionals may have their own privacy policies. We encourage you to review these policies and address any concerns directly with your chosen professional.

7. Safeguarding Your Information

BirthBridge takes reasonable steps to protect your PHI from unauthorized access, use, or disclosure, including:

  • Encrypted Messaging: All messages exchanged through the BirthBridge platform are encrypted using advanced encryption protocols.

  • Data Encryption Standards: Electronic PHI stored on and transmitted by our platform is encrypted using AES-256 or similar advanced standards.

  • Access Controls: Access to PHI is limited to authorized individuals and systems.

  • Training: We provide HIPAA compliance training to staff and Birth Professionals to ensure the confidentiality of PHI.

8. Breach Notification

In the event of a breach involving your PHI, BirthBridge will notify you as required by HIPAA. This notification will include:

  • A description of what occurred.

  • Details about the information involved.

  • Steps you can take to protect yourself.

  • Actions we are taking to address the breach.

9. Changes to This Notice

We may update this Notice to reflect changes in our practices or applicable laws. Updates will be posted on our platform, and we will notify you of significant changes. Your continued use of the platform constitutes acceptance of the revised Notice.

10. Contact Information

If you have questions or concerns about this Notice or your HIPAA rights, please contact us:

  • Email: hello@mybirthbridge.com

Acknowledgment of Receipt

By using the BirthBridge platform, you acknowledge that you have received, read, and understand this HIPAA Privacy Notice.

Tags:
BirthBridge
HIPAA