top of page

Privacy Policy

Effective Date: 03/27/2026

Last Updated: 03/30/2026

1. Introduction

Care-Schedule (“we,” “our,” or “us”) is committed to protecting the privacy and security of your information. This Privacy Policy describes how we collect, use, and safeguard your data in compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA), where applicable.

 

By using Care-Schedule, you agree to the practices described in this policy.

2. Information We Collect

We collect only the minimum necessary information required to provide our services.

a. Personal Information

  • Name

  • Email address

  • Contact details

b. Health Information (Protected Health Information - PHI)

  • If you use Care-Schedule for care-related purposes, we may collect:

  • Appointment and scheduling details

  • Care notes and reminders

  • Health-related information you choose to enter

  • This information may be considered Protected Health Information (PHI) under HIPAA.

c. Technical and Usage Information

  • Device type and operating system

  • Log data (access times, activity for security purposes)

d. SMS and Communication Information

  • ​If you consent to receive text messages from us or from a healthcare

  • provider we represent, we collect:

    • Mobile phone number

    • SMS consent status and timestamp

    • Message delivery records

  • Your mobile phone number and SMS consent information will never be shared with or sold to third parties for marketing or advertising purposes.

 

3. How We Use Your Information

We use your information strictly to:

  • Provide scheduling and care coordination services

  • Store and manage appointments and care-related information

  • Improve functionality, reliability, and security

  • Provide customer support

  • Comply with legal and regulatory obligations

  • Send transactional text messages (such as secure payment links)
      only with your prior verbal or written consent

We follow the “minimum necessary” standard under HIPAA when accessing or using your data.

4. HIPAA Compliance and Safeguards

Care-Schedule implements administrative, physical, and technical safeguards to protect PHI, including:

  • Encryption of data in transit and at rest

  • Secure access controls and authentication

  • Role-based access limitations

  • Regular monitoring and system auditing

  • Secure data storage environments

Where required, we enter into Business Associate Agreements (BAAs) with service providers that may handle PHI.

5. Data Sharing and Disclosure

We do not sell, rent, or share your personal information or PHI with third parties for marketing or advertising purposes.

 

We may disclose information only in the following limited circumstances:

  • As required by law, regulation, or legal process

  • To comply with HIPAA obligations

  • To trusted service providers (e.g., secure cloud hosting), strictly for operational purposes and under binding confidentiality agreements and BAAs

  • To prevent serious threats to health or safety

All disclosures comply with HIPAA requirements.

6. Data Storage and Security

We maintain appropriate safeguards to protect your data, including:

  • Encrypted databases and secure servers

  • Access restrictions and authentication protocols

  • Regular security reviews and updates

Despite these safeguards, no system is completely immune to risk.

 

7. Data Retention

  • We retain your information only as long as necessary to:

  • Provide services

  • Meet legal and regulatory requirements (including HIPAA retention rules)

  • Resolve disputes and enforce agreements

 

8. Your HIPAA Rights

If your data qualifies as PHI, you have the following rights under HIPAA:

  • Right of Access – Request copies of your data

  • Right to Amend – Request corrections to inaccurate information

  • Right to Deletion – Request deletion where legally permitted

  • Right to an Accounting of Disclosures

  • Right to Restrict Certain Uses and Disclosures

To exercise these rights, contact us at: spencer@care-collect.com

 

9. Breach Notification

In the event of a breach involving your unsecured PHI, we will:

Notify affected users without unreasonable delay

Comply with all applicable HIPAA Breach Notification Rule requirements

 

10. Children’s Privacy

Care-Schedule does not knowingly collect personal information from children under 13 without appropriate consent.

 

11. Changes to This Privacy Policy

We may update this Privacy Policy periodically. Updates will be posted at this location with a revised effective date.

 

12. Contact Information

If you have questions or concerns about this Privacy Policy or your data, contact us:

Email: spencer@care-collect.com

Website: care-schedule.com

 

13. Summary Statement

Care-Schedule is designed with privacy and security as core principles.We adhere to HIPAA standards where applicable and ensure that:

  • Data is used only for care-related and operational purposes

  • Information is protected with strong safeguards

  • No data is shared or used for marketing or advertising

bottom of page