HIPAA Compliance

1 What is Protected Health Information (PHI)?

Protected Health Information (PHI) includes any individually identifiable health information that we create, receive, maintain, or transmit. This includes:

• Your name, address, date of birth, and Social Security number
• Medical history, diagnoses, and treatment information
• Medications, allergies, and lab results
• Vital signs and health monitoring data from humanoid nurses
• Care plans and nursing notes
• Billing and insurance information
• Communications between you and our care team
• Any other information that could identify you and relates to your health

2 How We Use and Disclose PHI

We may use and disclose your PHI for the following purposes:

Without Your Authorization

• Treatment: To provide nursing care, coordinate with physicians, and manage your care plan
• Payment: To bill insurance companies and process payments
• Healthcare Operations: For quality improvement, training, and compliance activities
• Legal Requirements: When required by law, public health authorities, or court orders
• Emergency Situations: To prevent serious threats to health or safety

With Your Authorization

• Sharing information with family members or caregivers you designate
• Marketing communications (if any)
• Sale of PHI (we do not sell PHI)
• Most uses of psychotherapy notes (if applicable)
• Research purposes (with proper consent)

3 Security Measures

We implement comprehensive administrative, physical, and technical safeguards to protect your PHI:

4 Humanoid Nurse Data Security

Security measures specific to our humanoid nurse units:

• On-Device Encryption: All health data collected by humanoid nurses is encrypted immediately
• Secure Transmission: Data is transmitted to our servers via encrypted, HIPAA-compliant channels
• No Local Storage: PHI is not stored permanently on humanoid units; data syncs to secure servers
• Access Controls: Humanoid nurses require authentication to access patient information
• Audit Trails: All data access and interactions are logged for compliance
• Secure Disposal: Memory is securely wiped when units are decommissioned or reassigned
• Physical Security: Tamper-resistant hardware with alert systems

5 Your Rights Under HIPAA

As a patient, you have the following rights regarding your PHI:

6 Breach Notification

In the unlikely event of a breach of unsecured PHI, we will:

• Notify affected individuals within 60 days of discovery
• Provide details about what information was involved
• Explain steps we are taking to investigate and mitigate the breach
• Offer guidance on how you can protect yourself
• Report to the Department of Health and Human Services as required
• Notify media outlets if the breach affects more than 500 residents of a state

7 Business Associates

We work with trusted partners who may have access to PHI in the course of providing services to us. All business associates must:

• Sign HIPAA-compliant Business Associate Agreements (BAAs)
• Implement appropriate safeguards for PHI
• Report any security incidents or breaches
• Return or destroy PHI upon termination of the agreement
• Comply with all applicable HIPAA requirements

8 Staff Training and Compliance

All NoidNurse.com staff members are required to:

• Complete HIPAA training upon hiring and annually thereafter
• Sign confidentiality agreements
• Follow our privacy and security policies
• Report any suspected violations or breaches immediately
• Access only the minimum necessary PHI to perform their duties

Violations of our HIPAA policies result in disciplinary action up to and including termination.

9 How to File a Complaint

If you believe your privacy rights have been violated, you have the right to file a complaint:

You will not be retaliated against for filing a complaint.

10 Contact Our Privacy Officer

For questions about HIPAA compliance or to exercise your rights, contact: