PRIVACY POLICY

1. Introduction
HomeTeams Integrated Health (“HomeTeams,” “we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our “Immediate Care” services, website, web app and mobile application, or any other interaction with us (collectively, the “Services”).
By using the Services, you agree to the terms of this Privacy Policy. If you do not agree, please do not use the Services.

2. Information We Collect
Personal Information: This includes your name, address, phone number, email address, date of birth, payment information, and other identifiable information you provide when you sign up for a membership or use our Services.
Health Information: When you use our telehealth services, nurse triage, or AI tools, we may collect health-related information, such as medical history, symptoms, diagnoses, prescriptions, and treatment recommendations. This information may be protected health information (“PHI”) under applicable laws like HIPAA.
HomeTeams is dedicated to maintaining the privacy and security of Protected Health Information (“PHI”) as required under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), the Health Information Technology for Economic and Clinical Health (“HITECH”) Act, and their implementing regulations (collectively, “HIPAA”). This section explains how we safeguard your PHI, and how we use and disclose it in connection with our healthcare services (“Services”).
Definition of Protected Health Information (PHI): Under HIPAA, PHI includes any individually identifiable health information that relates to your past, present, or future physical or mental health condition, the provision of healthcare to you, or payment for the provision of healthcare, and that either identifies you or provides a reasonable basis to believe it can be used to identify you.
Our Obligations as a HIPAA-Covered Entity (or Business Associate):
Privacy of PHI: We are required by law to maintain the privacy of your PHI and to provide you with a notice of our legal duties and privacy practices with respect to PHI.
Security of PHI: We implement administrative, physical, and technical safeguards to protect your PHI from unauthorized access, alteration, or disclosure.
Breach Notification: We follow HIIPAA’s breach notification rules. In the event of an unauthorized use or disclosure of your PHI that meets HIPAA’s definition of a “breach,” we will notify you (and potentially government authorities and/or the media) within the timeframes required by law.
Uses and Disclosers of PHI: We may use and disclose your PHI to healthcare providers (including nurses, physicians, and specialists) to facilitate diagnosis, treatment, or the coordination of care. We may use or disclose your PHI to obtain payment for healthcare services, verify coverage, and process reimbursement claims. We may use and disclose your PHI for our legitimate healthcare operations, such as quality assessment, staff training, compliance activities, and accreditation. We may disclose PHI to third parties known as Business Associates (e.g., telehealth technology vendors, call center services, AI platforms) who perform services on our behalf. Our Business Associates are contractually obligated to protect PHI under Business Associate Agreements (BAAs) that meet HIPAA standards. We may disclose PHI when required to do so by federal, state, or local law, including reporting abuse or neglect or responding to court orders and subpoenas. Under specific circumstances, HIPAA permits or requires us to use or disclose PHI for public health activities, law enforcement purposes, and other specialized government functions.
Your HIPAA Rights: Under HIPAA, you have certain rights with respect to your PHI, including the right to:
Inspect and Obtain Copies: You can request access to your PHI and obtain a copy of it. We may charge a reasonable fee for copying or postage.
Request Amendments: You can ask us to amend PHI that you believe is incorrect or incomplete. We may decline your request in certain circumstances, but we will provide you with a written explanation of the denial.
Request Restrictions: You can request restrictions on how we use or disclose your PHI for treatment, payment, or healthcare operations. While we will consider your request, we are not always required to agree to it (except in specific scenarios involving self-paid services).
Request Confidential Communication: You can request that we send PHI via alternative means or to alternative locations if disclosure through normal channels could endanger you.
Accounting of Disclosures: You can request a list of certain disclosures of your PHI that we made during a specified period, subject to certain exceptions.
File a Complaint: If you believe your privacy rights have been violated, you have the right to file a complaint with us or with the Secretary of the U.S. Department of Health and Human Services. We will not retaliate against your for filing a complaint.
Business Associate Agreements (BAAs): We require all third-party service providers, contractors, or partners (“Business Associates”) who handle PHI on our behalf to enter into a BAA with us. Under these agreements, Business Associates commit to i.) use or disclose PHI only for the purposes defined by our contract and HIPAA regulations, ii.) implement reasonable and appropriate safeguards to protect PHI, iii.) report any unauthorized uses or disclosures of PHI to us in a timely manner, iv) return or destroy PHI when the Business Associate relationship ends, if feasible.
Safeguards and Security Measures: We conduct regular risk assessments, implement privacy and security training for employees, and maintain policies and procedures for handling PHI. We secure our physical premises and limit access to areas where PHI may be stored or accessed. We use encryption, secure servers, firewalls, and secure user authentication protocols to protect electronic PHI. Access to PHI is restricted to authorized personnel on a need-to-know basis.
Breach Notification: In the event of a breach of unsecured PHI, we will notify affected individuals, the Secretary of Health and Human Services, and, if applicable, the media in accordance with HIPAA regulations. Notifications will describe: i.) the nature of the breach, ii.) the type of information involved, iii.) steps individuals should take to protect themselves, iv.) what we are doing to investigate and mitigate the breach, v.) and how individuals can contact us for more information.
Changes to This HIPAA Provision: We may revise this HIPAA Provision to comply with changes in federal or state laws or regulations. The revised version will be posted on our website with a “Last Updated” date. Continued use of our Services after such changes are posted constitutes your acceptance of the revised terms.

Usage Data: We may automatically collect information about how you access and use our Services, such as device identifiers, browser type, IP address, pages visited, and time spent on our platform.
Cookies and Similar Technologies: We may use cookies, web beacons, and similar tracking technologies to enhance user experience, gather usage statistics, and improve our Services.

3. How We Use Your Information
Service Delivery: We use your information to provide telehealth services, schedule appointments, process payments, send appointment reminders, and deliver membership benefits.
Communication: We may contact you via email, phone, or text messages for administrative purposes, such as confirming appointments, providing policy updates, or responding to inquiries.
AI-Assisted Services: We use AI tools to offer medication reminders, symptom tracking, follow-ups, and other proactive engagement features. Any data used by AI is subject to strict access controls and confidentiality requirements.
Analytics and Improvements: We may analyze usage data to troubleshoot technical issues, improve our user interface, and develop new features and services.
Legal Compliance: We may use or disclose your personal information to comply with legal obligations, respond to lawful requests, or protect our rights and interests.

4. How We Share Your Information
Third-Party Service Providers: We share personal and health information with partners like 24/7 nurse call centers, AI platforms, and telehealth technology providers who perform services on our behalf. These providers are contractually obligated to protect your information in compliance with applicable laws.
Affiliates and Subsidiaries: We may share information with our affiliated entities under common ownership or control to provide integrated healthcare services.
Legal Requirements: We may disclose your information if required by law, court order, or governmental regulation.
Business Transfers: In the event of a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction.

5. Data Security
We implement administrative, technical, and physical safeguards designed to protect your personal and health information from unauthorized access, alteration, disclosure, or destruction. Despite these measures, no system can be guaranteed 100% secure. You are responsible for maintaining the confidentiality of your account credentials.

6. Data Retention
We retain your personal information for as long as necessary to fulfill the purposes for which it was collected, comply with legal obligations, or resolve disputes. The specific retention period may vary depending on legal and regulatory requirements.

7. Your Rights and Choices
Access and Correction: You have the right to request access to and correction of the personal information we hold about you.
Opt-Out: You may opt out of receiving certain promotional communications from us. However, you may still receive transactional or administrative messages regarding the Services.
Account Deletion: If you wish to close your account or request deletion of your information, please contact us. We will honor such requests unless we need to retain certain data for legal or regulatory obligations.

8. Children’s Privacy
Our Services are not intended for children under 13 years of age without parental or guardian supervision. If we learn that we have inadvertently collected personal information from a child under 13 without parental consent, we will take steps to delete it.

9. International Users
If you are accessing our Services from outside the United States, be aware that your information may be transferred to and stored in servers located in the United States. By using our Services, you consent to the transfer of your information to the U.S. and to the processing of your information in accordance with this Privacy Policy.

10. Updates to This Policy
We may revise this Privacy Policy from time to time. The updated version will be posted on our website with the “Last Updated” date. Your continued use of the Services after any modifications constitutes your acceptance of the updated policy.

11. Contact Us
For any questions or concerns regarding this Privacy Policy, please contact us at:
Email: contact@hometeams.io
Phone: 509-572-8990
Address: [HomeTeams Integrated Health, 1350 N. Grant St. Kennewick, WA 99336

Data Retention & Protection
We take your privacy seriously. All data collected through our services will be securely stored and retained only for as long as necessary to provide the requested services. Your data will never be sold, and access is restricted to authorized personnel only.