HIPAA Compliance

At Prompted, we take the privacy and security of our users' protected health information (PHI) seriously. As a covered entity under the Health Insurance Portability and Accountability Act (HIPAA), we are committed to complying with all applicable HIPAA rules and regulations.

  1. PHI Collection and Use: We collect and use PHI only as necessary to provide our services to our users. We do not disclose PHI to any third party without the user's express consent, except as required by law.

  2. PHI Security: We maintain physical, technical, and administrative safeguards to protect the confidentiality, integrity, and availability of PHI. These safeguards include access controls, encryption, and regular security risk assessments.

  3. Business Associate: Agreements We enter into HIPAA-compliant business associate agreements with any third-party service providers who may have access to PHI in order to provide our services.

  4. User Rights: We respect the rights of our users to access, amend, and receive a copy of their PHI. We also provide an avenue for users to file complaints about our handling of their PHI.

  5. Breach Notification: In the event of a breach of PHI, we will promptly notify affected users, the Department of Health and Human Services, and any other required parties in accordance with HIPAA rules.

  6. HIPAA Training: All employees and contractors who handle PHI receive regular HIPAA training to ensure they are aware of their obligations and responsibilities under HIPAA.

  7. HIPAA Compliance Officer: We have appointed a HIPAA compliance officer who is responsible for overseeing our compliance with HIPAA regulations.

At Prompted, we are committed to protecting the privacy and security of our users' PHI. If you have any questions or concerns about our HIPAA compliance practices, please contact our HIPAA compliance officer at ops@titus.one.