1. Introduction
Med Inc ("we," "us," "our") respects your privacy. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your information when you use medhha.com or our services.
2. Information We Collect
Personal Information You Provide
- Patient care requests: Your name, phone, email, relationship to patient, patient demographics, care needs, and insurance information.
- Job applications: Your name, contact info, address, work history, certifications, references, and uploaded resume.
- Employment onboarding: If you accept a position, we collect taxpayer identification (SSN/EIN) on IRS Form W-9, banking information for direct deposit, emergency contacts, and required compliance documents.
Automatically Collected Information
- IP address, browser type, device type, and pages visited.
- Cookies and session identifiers used to keep you logged in and remember your language preference.
Health Information (Protected Health Information / PHI)
If you become a Med Inc patient, we collect health information necessary to provide care under our separate HIPAA Notice of Privacy Practices.
3. How We Use Your Information
- To respond to care requests and coordinate services.
- To evaluate job applications and complete background screening.
- To process payroll and meet IRS reporting obligations (1099-NEC).
- To comply with Florida AHCA regulations and federal law.
- To send you appointment reminders, billing notices, and service updates.
4. How We Share Your Information
We never sell your personal information. We share information only when:
- Required for care coordination (with assigned caregivers, case managers, physicians).
- Required by law (subpoena, court order, AHCA inspection, IRS reporting).
- Required to process payments (Mercury Bank for ACH transfers, IRS for tax filings).
- You give us explicit written consent.
5. Data Security
We use industry-standard safeguards including:
- HTTPS encryption for all web traffic.
- AES-256 encryption for taxpayer identification numbers (SSN/EIN) at rest.
- HIPAA-compliant audit logging of all access to patient health information.
- Role-based access controls β only authorized staff can view your records.
- Regular security reviews and staff training.
No system is 100% secure. If we discover a breach affecting your information, we will notify you within 60 days as required by HIPAA and Florida law.
6. Your Rights
You have the right to:
- Access a copy of personal information we hold about you.
- Correct inaccurate information.
- Request deletion of information we are not legally required to retain.
- Opt out of marketing communications at any time.
- File a complaint with the U.S. Department of Health & Human Services if you believe your HIPAA rights have been violated.
To exercise these rights, contact us at privacy@medhha.com.
7. Retention
We retain records as required by law: medical records for 6 years after last service date (HIPAA), payroll/tax records for 7 years (IRS), and applications for 1 year if not hired.
8. Cookies
We use only essential session cookies (login session, language preference). We do not use third-party advertising or tracking cookies.
9. Children
Our services are not directed to children under 13. We do not knowingly collect information from children.
10. Changes to This Policy
We may update this policy periodically. The "Last updated" date at the top of this page reflects the most recent revision. Material changes will be announced via email to patients and staff.
11. Contact Us
Med Inc β Privacy Officer
Email: privacy@medhha.com
Address: Naples, Florida
For HIPAA-specific concerns, see our HIPAA Notice of Privacy Practices.