Privacy Policy

Last Updated: March 2024

Our Commitment to Your Privacy

At Saint Daniels Healthcare Rewards, we take the privacy and security of your personal health information extremely seriously. As a healthcare rewards platform, we understand the sensitive nature of the information you share with us and are committed to protecting it in accordance with all applicable laws and regulations, including the Health Insurance Portability and Accountability Act (HIPAA).

HIPAA Compliance and Data Protection

Our platform is built with HIPAA compliance at its core. This means:

  • All personal health information (PHI) is encrypted both in transit and at rest
  • Access to PHI is strictly limited to authorized personnel who require it for specific healthcare operations
  • Regular security audits and updates are performed to maintain the highest level of data protection
  • All staff members undergo mandatory HIPAA compliance training
  • We maintain detailed access logs and conduct regular security assessments

Information We Collect

We only collect information that is necessary to provide our healthcare rewards services:

  • Basic personal information (name, contact details)
  • Health insurance information
  • Healthcare activity data related to rewards program participation
  • Program participation and rewards history
  • Information required for health insurance enrollment and management

How We Use Your Information

Your information is used exclusively for:

  • Processing and managing your healthcare rewards program participation
  • Facilitating health insurance enrollment and coverage
  • Verifying eligibility for specific rewards and programs
  • Improving our services and user experience
  • Maintaining HIPAA compliance and regulatory requirements

We do not sell, trade, or transfer your personal information to outside parties for marketing purposes. Your data is strictly used for healthcare-related operations within our organization.

Data Storage and Security

We implement robust security measures to protect your information:

  • Advanced encryption protocols for all stored data
  • Secure, HIPAA-compliant servers and databases
  • Regular security updates and vulnerability assessments
  • Strict access controls and authentication procedures
  • Automated security monitoring and threat detection

Your Rights and Control

Under HIPAA and our privacy commitment, you have the right to:

  • Access your personal health information
  • Request corrections to your information
  • Receive an accounting of disclosures of your health information
  • Request restrictions on certain uses and disclosures
  • Obtain a copy of your health records
  • Choose how we communicate with you about your health information

Data Retention

We retain your information only for as long as necessary to:

  • Provide our services and maintain your rewards program participation
  • Comply with legal and regulatory requirements
  • Resolve any disputes or issues that may arise
  • Maintain accurate business and health records as required by law

After this period, your information is securely deleted or anonymized in accordance with our data retention policies and HIPAA requirements.

Third-Party Service Providers

When we work with third-party service providers:

  • All providers must meet our strict HIPAA compliance requirements
  • Business Associate Agreements (BAAs) are maintained with all relevant parties
  • Access to data is limited to only what is necessary for specific services
  • Regular audits are conducted to ensure compliance

Updates to Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or regulatory requirements. Any significant changes will be communicated to you through our platform or via email. Continued use of our services after such changes constitutes acceptance of the updated Privacy Policy.