1. Information We Collect
We collect information you provide directly to us when you use our platform, request a demo, or communicate with us. This may include:
- Contact information such as name, email address, phone number, and organization name
- Professional information such as job title, specialty, and practice details
- Account credentials used to access the ManageCare platform
- Usage data including how you interact with our AI employees and platform features
- Technical data such as IP address, browser type, and device information
- Protected Health Information (PHI) processed on behalf of covered entities under a Business Associate Agreement (BAA)
2. How We Use Your Information
We use the information we collect to provide, maintain, and improve our AI-powered healthcare operations platform. Specifically, we use your information to:
- Deliver and operate our AI employee services including scheduling, care management, and referral coordination
- Process and fulfill your requests, including demo scheduling and account setup
- Send administrative communications about your account or our services
- Analyze usage patterns to improve platform performance and AI accuracy
- Ensure compliance with healthcare regulations including HIPAA, HITECH, and state privacy laws
- Protect against fraud, unauthorized access, and other security threats
3. HIPAA Compliance
ManageCare operates as a Business Associate under HIPAA. We maintain rigorous safeguards for Protected Health Information (PHI):
- All PHI is encrypted at rest using AES-256 encryption and in transit using TLS 1.3
- We execute Business Associate Agreements (BAAs) with all covered entity clients
- Access to PHI is restricted through role-based access controls and multi-factor authentication
- We maintain comprehensive audit logs of all PHI access and modifications
- Our AI employees process PHI only as directed by the covered entity and within the scope of the BAA
- We conduct regular risk assessments and maintain an incident response plan for potential breaches
4. Data Sharing and Disclosure
We do not sell, rent, or trade your personal information or PHI. We may share information only in the following circumstances:
- With healthcare providers and organizations as directed by our platform workflows and your authorization
- With service providers who assist in operating our platform, under strict contractual obligations and BAAs where applicable
- To comply with legal obligations, court orders, or regulatory requirements
- To protect the rights, safety, and property of ManageCare, our users, or the public
- In connection with a merger, acquisition, or sale of assets, with appropriate notice and protections
5. Data Security
We implement industry-leading security measures to protect your data:
- SOC 2 Type II certified infrastructure and processes
- End-to-end encryption for all data in transit and at rest
- Regular penetration testing and vulnerability assessments
- Dedicated security team with 24/7 monitoring and incident response
- Physical security controls at all data center facilities
- Employee background checks and ongoing security training
6. Data Retention
We retain your information for as long as necessary to provide our services, comply with legal obligations, and resolve disputes. PHI is retained in accordance with applicable healthcare regulations and our BAA terms. When data is no longer needed, it is securely deleted or de-identified using industry-standard methods.
7. Your Rights
Depending on your jurisdiction, you may have the following rights regarding your personal information:
- Access — Request a copy of the personal information we hold about you
- Correction — Request correction of inaccurate or incomplete information
- Deletion — Request deletion of your personal information, subject to legal retention requirements
- Portability — Request a copy of your data in a portable, machine-readable format
- Restriction — Request that we limit processing of your personal information
- Objection — Object to processing of your personal information for certain purposes
8. Cookies and Tracking
Our platform uses essential cookies to maintain session state and provide core functionality. We use analytics tools to understand how our platform is used and to improve performance. You can control cookie preferences through your browser settings. We do not use tracking technologies for advertising purposes.
9. Children's Privacy
Our platform is designed for use by healthcare professionals and organizations. We do not knowingly collect personal information from individuals under the age of 18. If we learn that we have collected information from a minor, we will take steps to delete it promptly.
10. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We will notify you of material changes by posting the updated policy on our website and, where required, by direct communication. Your continued use of our platform after changes take effect constitutes acceptance of the updated policy.
11. Contact Us
If you have questions about this Privacy Policy, our data practices, or wish to exercise your rights, please contact us at:
- Email: privacy@ManageCare.ai
- Address: ManageCare, Inc.
