1. Introduction
Northeast Family Care ("we," "us," or "our") is committed to protecting your privacy and ensuring the security of your personal and protected health information (PHI). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website (https://northeastfamilycare.com), account access tools, and related services (collectively, the "Services").
By accessing or using our Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with our policies and practices, please do not use our Services.
2. HIPAA Compliance
As a healthcare provider, we comply with the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the Health Information Technology for Economic and Clinical Health Act (HITECH), and all applicable federal and state laws regarding the privacy and security of your Protected Health Information (PHI).
- We implement administrative, physical, and technical safeguards to protect PHI
- All electronic PHI is encrypted in transit and at rest using industry-standard encryption
- Access to PHI is restricted to authorized personnel on a need-to-know basis
- We conduct regular security assessments and staff training
3. Information We Collect
Personal Information
When you register for our Services, we collect:
- Full name, date of birth, and gender
- Email address and phone number
- Mailing address
- Insurance information
- Emergency contact information
Protected Health Information (PHI)
To provide clinical Services, we collect:
- Medical history and current symptoms
- Medications and allergies
- Family health history
- Treatment records, lab results, and prescriptions
Technical Information
We automatically collect:
- Device information (type, operating system, browser)
- IP address and approximate location
- Usage data and interaction with our Services
- Cookies and similar tracking technologies
4. SMS/Text Message Communications
If you opt in to SMS messaging, we may send transactional and service-related text messages related to your care. These messages are essential to providing you with quality healthcare services.
Types of Messages You May Receive:
- One-Time Passcodes (OTP): For secure account verification and login
- Appointment Notifications: Reminders and scheduling updates
- Results Available: Notifications when lab or test results are ready
- Provider Updates: Messages from your healthcare provider regarding your care
- Care Coordination: Follow-up requests and care instructions
- Prescription Updates: Medication and pharmacy notifications
Message Frequency: Varies based on your account activity and healthcare needs.
Carrier Fees: Message and data rates may apply based on your carrier plan.
Opt-Out Instructions
You may opt out of receiving SMS messages at any time by replying STOP to any message. For assistance, reply HELP or contact us at contact@northeastfamilycare.com. Please note that opting out may affect our ability to send you important healthcare notifications.
5. How We Use Your Information
We use your information for the following purposes:
- Healthcare Services: To provide, manage, and improve your care, including diagnosis, treatment, and care coordination
- Communications: To send appointment reminders, test results, care instructions, and other healthcare-related notifications
- Security: To verify your identity, prevent fraud, and maintain the security of your account
- Legal Compliance: To comply with legal obligations, including HIPAA, state healthcare laws, and regulatory requirements
6. Information Sharing & Disclosure
We do not sell, rent, or trade your personal information. We may share your information only in the following circumstances:
- Healthcare Providers: With other providers involved in your care, as permitted by HIPAA
- Service Providers: With trusted vendors who help us operate our Services (under strict confidentiality agreements)
- Legal Requirements: When required by law, court order, or government request
- With Your Consent: When you have given us explicit permission
- Insurance & Payment: With your insurance company for billing purposes (if applicable)
7. Data Security
We implement industry-leading security measures to protect your information:
- Encryption: AES-256 encryption for data at rest and TLS 1.3 for data in transit
- Access Controls: Role-based access with multi-factor authentication for all staff
- Secure Infrastructure: HIPAA-compliant cloud hosting with SOC 2 Type II certification
- Regular Audits: Ongoing security assessments and penetration testing
8. Your Rights
Under HIPAA and applicable state laws, you have the right to:
- Access: Request copies of your medical records and health information
- Amendment: Request corrections to inaccurate or incomplete information
- Disclosure Accounting: Receive a list of disclosures we have made of your PHI
- Restriction: Request restrictions on certain uses and disclosures
- Confidential Communications: Request communications through specific means or locations
- Complaint: File a complaint if you believe your privacy rights have been violated
9. Data Retention
We retain your medical records and personal information in accordance with applicable federal and state laws. Medical records are typically retained for a minimum of 7 years from the last date of service, or longer as required by law. Upon request, we can provide information about our specific retention policies.
10. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. We encourage you to review this Privacy Policy periodically.
11. Contact Us
If you have questions about this Privacy Policy or wish to exercise your rights, please contact us:
For detailed information about how your Protected Health Information (PHI) is used and your rights under HIPAA, please see our Notice of Privacy Practices.