Privacy Policy for Positive Check

1. Introduction

Positive Check ("we," "our," or "us") is committed to protecting the privacy and security of all users' personal information. This Privacy Policy describes how we collect, use, and safeguard information when families and healthcare providers use our caregiver support services.

Our practices comply with the Health Insurance Portability and Accountability Act (HIPAA) to ensure the confidentiality and security of Protected Health Information (PHI). For families, this includes information about loved ones receiving daily wellness calls. For providers, this includes information about multiple clients or patients.

Because Positive Check integrates with OpenAI's ChatGPT platform to support AI-driven conversations, we also incorporate OpenAI's privacy practices as relevant to our services.

2. Information We Collect

We may collect the following categories of information:

• Personal Identification Information (PII): Names, addresses, email address, phone number, and other identifiers that can be used to contact or identify you.
• Protected Health Information (PHI): Health information provided by you or generated through our services, such as daily check-in responses, health status updates, or caregiver notes.
• Usage Data: Information about how you interact with our services, including login times, dashboard access, and feature usage.
• Provider Data: For healthcare providers, account details and PHI related to multiple clients or patients as submitted through the Admin Console.

3. How We Use Your Information

We use the information collected to:

• Provide and maintain our wellness check-in and caregiver support services.
• Communicate with you regarding your account, service updates, and alerts.
• Deliver email notifications confirming call status and alerts as alerts.
• Provide dashboards and reports for ongoing monitoring of wellness and activity.
• Ensure compliance with legal and regulatory requirements.
• Improve, personalize, and enhance your experience with our services.
• Generate de-identified, aggregated data for analytics, service improvement, and quality reporting.

4. Data Ownership

• Families and Providers retain ownership of their data, including PHI.
• Positive Check processes data solely to provide the contracted services.
• We may use de-identified or aggregated data to improve services and reporting but will never sell identifiable user data without consent.

5. Data Retention and Deletion

• We retain PHI and account information only as long as necessary to provide services and meet regulatory requirements.
• Families may request deletion of their account and data at any time.
• Providers may request deletion of client data, subject to applicable healthcare record retention laws.
• Backup copies may persist for a limited period as part of our disaster recovery procedures.

6. HIPAA Compliance

Positive Check is committed to maintaining the confidentiality, integrity, and security of PHI in compliance with HIPAA. Our safeguards include:

• Encryption of data in transit and at rest.
• Role-based access controls and user authentication.
• Audit logging and monitoring of system access.
• Business Associate Agreements (BAA) with Providers where required by law.

Providers remain responsible for HIPAA compliance within their organizations, including proper management of staff access to the Admin Console.

7. Security Measures

We implement industry-standard administrative, technical, and physical safeguards to protect information. These measures include encryption, firewalls, secure hosting, restricted access, and ongoing monitoring. While we strive for robust protection, no system is completely immune to risk, and users must remain vigilant.

8. Access Controls for Providers

Providers are responsible for managing staff access within their organization. This includes assigning appropriate roles, terminating access for former staff, and ensuring that employees only use the Services for authorized purposes.

9. Use of OpenAI's ChatGPT Platform

Positive Check utilizes OpenAI's ChatGPT platform to facilitate AI-driven conversations. OpenAI may process limited interaction data in order to enable these conversations. OpenAI does not retain PHI beyond the immediate processing session. Positive Check takes additional steps to ensure HIPAA compliance and alignment with our own data protection standards.

For details about OpenAI's privacy practices, please review OpenAI's Privacy Policy.

10. Children's Privacy

Positive Check is not intended for children under the age of 18. We do not knowingly collect or maintain information about individuals under 18.

11. International Use

At present, Positive Check services are only available to users located in the United States.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us at: