logo

Privacy Policy

Your privacy and security are our highest priorities. Learn how we protect your information.

HIPAA Compliant

Our Privacy Principles

Anonymous Analytics

We collect anonymous statistics to improve service, but never link data to your identity.

Safe Harbor Compliant

We follow HIPAA Safe Harbor de-identification rules strictly.

Email Separation

Your email is never linked to health searches or diagnosis information.

Information Collection

What We Collect (Anonymous Analytics):

  • • Medical diagnosis category (from predefined dropdown only)
  • • Support needs (from predefined categories)
  • • First 3 digits of ZIP code (HIPAA Safe Harbor compliant - ≥20,000 population)
  • • General financial situation category (predefined options)
  • • Insurance status category (predefined options)
  • • Anonymous session IDs (not linked to any individual)
  • • Email addresses (stored separately with NO health data linkage)

Why we collect this: Anonymous analytics help us identify resource gaps, understand trending needs, and improve the tool to serve patients better. This data cannot be traced back to you.

What We DON'T Collect:

  • • Names, addresses, or identifying contact information
  • • Full ZIP codes (only first 3 digits)
  • • Specific medical details, diagnoses, or free-text medical information
  • • Social Security numbers or insurance ID numbers
  • • Any linkage between email addresses and health searches
  • • IP addresses or detailed device information
  • • Treatment history or medication details

HIPAA Compliance

HIPAA Safe Harbor Compliance

Our system follows HIPAA Safe Harbor de-identification rules. We collect only predefined categories and remove all 18 HIPAA identifiers. Anonymous analytics are stored with zero linkage to individual identities.

Technical Safeguards:

  • • End-to-end encryption for all data transmission (TLS)
  • • Secure encrypted database storage
  • • Anonymous session IDs that cannot be traced to individuals
  • • Strict separation between email storage and health data
  • • Only first 3 digits of ZIP codes stored (Safe Harbor compliant)
  • • Regular security audits and compliance reviews

Data Usage & Sharing

How We Use Your Information:

  • • To match you with relevant support resources
  • • To generate personalized recommendations
  • • To improve our matching algorithms (aggregate data only)

We Never Share Your Data

We do not sell, rent, or share your information with third parties. Your responses are used solely for generating your resource matches.

User Rights & Control

Your Rights:

  • • Right to use the service without creating an account
  • • Right to clear your browser data at any time
  • • Right to ask questions about our privacy practices
  • • Right to report privacy concerns

Data Retention:

Anonymous Analytics: Search analytics are retained to help us improve the service and identify resource gaps. This data is fully anonymous and cannot be linked to you.

Email Addresses: If you provide your email, it is stored separately with NO health data linkage. You can unsubscribe anytime, and we will remove your email within 30 days.

Aggregation: For statistical reporting, we use minimum cell sizes (≥5 records) to ensure individual privacy per Safe Harbor guidelines.

Contact & Updates

Questions or Concerns?

If you have any questions about this privacy policy or our data practices, please contact us:

  • • Email: privacy@healthconnect.org
  • • Phone: 1-800-PRIVACY (1-800-774-8229)
  • • Mail: Privacy Officer, HealthConnect, [Address]

Policy Updates:

This privacy policy was last updated on December 2024. We will notify users of any material changes by posting the updated policy on our website with a new effective date.