HIPAA authorization and health information privacy policy

boober Inc. (“boober”, the “Company”, “we” or “us”) is a platform that offers access to on-demand lactation support providers, prenatal care providers, postpartum care providers, and other maternity related consultation services (collectively, the “Services”) by connecting you to prenatal, childbirth, breastfeeding, and newborn care providers (collectively, “Care Providers”).

In order to provide the Services, we may collect, use, share, and exchange your personal, health and health-related information and your child’s personal, health and health-related information. Some or all of the health and health-related information we collect may be considered protected health information (“PHI”) which is protected under the Health Insurance Portability and Accountability Act (“HIPAA”).

HIPAA protects the privacy and security of your PHI by limiting the uses and disclosures of PHI by most healthcare providers and by health plans (called “Covered Entities”), as well as companies, such as boober, that provide certain types of assistance to Covered Entities (called “Business Associates”). This HIPAA Authorization describes how boober uses and manage this information, and requests your permission to use and share your PHI in specific ways necessary to provide the Services to you. If your Care Provider(s) are considered “Covered Entities” under HIPAA they may have adopted their own HIPAA policies describing how they will use and disclose your PHI.

I. HIPAA Authorization

By agreeing to the terms of this HIPAA Authorization you grant boober permission to use and disclose your PHI in the following ways;

  • To assess and determine which Care Providers are qualified to provide Services to you, and connect you to such Care Providers;
  • To share PHI with your Care Providers so they can deliver appropriate care to you;
  • To conduct analysis for boober’s business purposes;
  • To support development of the Services;
  • To communicate within our organization for treatment, payment, or healthcare operations;
  • To create de-identified information and then use and disclose this information in any way permitted by law, including to third parties in connection with their commercial and marketing efforts and clinical research studies; and
  • To comply with federal, state or local laws that require disclosure.

Such use and disclosure may be to the following individuals/ entities:

  • Third parties assisting boober with any of the uses described above;
  • A third party as part of a potential merger, sale or acquisition of boober;
  • Our business partners who assist us by performing core services (such as hosting, billing, fulfillment, or data storage and security) related to the operation or provision of our services; and
  • A provider of medical services, in the event of an emergency

In addition, you authorize boober:

  • To share information with you regarding services, products or resources about which we think you may be interested in learning more;
  • To provide you with updates and information about the Services;
  • To market to you about boober and third-party products and services;

Additionally, you authorize that all aforementioned disclosure and communications, may be conducted via channels such as email, text message, sms, google voice, google voice text, and video conferencing platforms that may or may not be considered secure under the security guidelines of HIPAA.

YOU MAY REVOKE YOUR AUTHORIZATION AT ANY TIME; however, this will not affect prior uses and disclosures. In some cases, state law may require that we apply extra protections to some of your health information.

II. Redisclosure

If boober discloses your PHI, boober will require that the person or entity receiving your PHI agrees to only use and disclose your PHI to carry out its specific business obligations to boober or for the permitted purpose of the disclosure (as described above). boober cannot, however, guarantee that any such person or entity to which boober discloses your PHI or other information will not re-disclose it in ways that you or we did not intend or permit.

III. Non-Protected Health Information

As a condition of using the Services, you are required to read and agree to boober’s Privacy Policy which explains how we process and share information received from you that is not covered by HIPAA.

IV. Our Responsibilities

  • We are required by law to maintain the privacy and security of your protected health information.
  • We will let you know promptly if a breach occurs that may have compromised the privacy or security of your information.
  • We must follow the duties and privacy practices described in this notice and give you a copy of it.
  • We will not use or share your information other than as described here unless you tell us we can in writing. If you tell us we can, you may change your mind at any time. Let us know in writing if you change your mind.

For more information see: www.hhs.gov/ocr/privacy/hipaa/understanding/consumers/noticepp.html.

V. Your Health Information Rights

The law entitles you to:

  • Obtain a Copy of Your Health Information

You can ask to see or obtain a copy of your health information we have about you. We may charge a reasonable, cost-based fee for providing you with a copy or summary of your health information.

  • Ask Us to Correct Health and Claims Records

You can request an amendment of your health information if you feel the health information is incorrect or incomplete. However, under certain circumstances we may deny your request.

  • Request Confidential Communications
  • Ask us to Limit what we Use or Share

You may ask that we restrict how we use or disclose your health information. However, we are not required to agree with your requests if it would affect your care.

  • Get a List of Those With Whom We Have Shared Information

You may ask to receive an accounting of certain disclosures of your health information made for the prior six (6) years, although this excludes disclosures for treatment, payment, and health care operations. We may charge a reasonable, cost-based fee for providing you with a copy or summary of this accounting.

  • Get a Copy of this Privacy Notice

You may ask to obtain a paper copy of this notice even if you receive it electronically.

  • File a Complaint if you Feel your Rights are Violated

If you believe that your privacy has been violated, you may file a complaint with us or with the Secretary of Health and Human Services in Washington, D.C. We will not retaliate or penalize you for filing a complaint with the facility or the Secretary.

VI. Contact Us

If you have any questions about this HIPAA Authorization, please email [email protected]

VII. Changes to policy

We may modify this policy from time to time, and if we make material changes to it, we will notify you through the Website, or by other means so that you may review the changes before you continue to use the Website. Continuing to use the Website after we publish or communicate a notice about any changes to this HIPAA Authorization means that you are consenting to the changes.