Care Connect, LLC
Notice of Privacy Practices
Care Connect has developed CareConnect, a cloud-based mobile and web application that includes advanced shift targeting, distribution, and communication features enabling health care providers to gain efficiencies coordinating and communicating with their caregivers employees and clients. CareConnect works as a stand-alone application or integrated with third-party applications that allow for the exchange of caregiver and client data.
We understand that certain caregiver and client data is personal. Care Connect is committed to protecting all personal information collected and maintained by the App. This Notice applies to all of the information we receive and maintain.
In order to provide our services, we collect certain personal information about our users including name, address, email, phone number, date of birth, social security number, personal preferences, skills, certifications, schedule and service information. This information is used to enable the App to connect caregivers and other employees with health care providers with whom they already have a relationship and have invited to use our services.
During your use of our App, we may collect certain additional information automatically about how our services are accessed and used including, but not limited to, your browser type, the type of mobile device you use, your mobile devices unique device ID, your IP address, your operating system, the type of mobile Internet browsers you use, and information about the way you use the Application in order to enhance our services.
We also may collect information through the use of “cookies”, tracking pixels, and similar technologies to understand how you navigate through the App and interact with advertisements, to learn what content is popular, and to save your preferences. Cookies are small text files that web servers place on your device; they are designed to store basic information and to help websites and apps recognize your browser. We may use both session cookies and persistent cookies. A session cookie disappears after you close your browser. A persistent cookie remains after you close your browser and may be accessed every time you use the App. You should consult your web browser(s) to modify your cookie settings. Please note that if you delete or choose not to accept cookies from us, you may be missing out on certain features of the services we provide.
We use the information we collect from all users to:
We may also disclose information in special cases when we have a good faith belief that such disclosure is necessary to: (a) comply with legal requirements; (b) defend and protect company property; (c) enforce our terms and conditions; or (d) protect the interests of our users or others.
Our App is not intended for children under 13 years of age. We do not knowingly collect information from children under 13. If you think we have collected information from a child under the age of 13, please contact us.
The security of your information is very important to us. We use physical, electronic and administrative safeguards to protect your personal information, however, no security measures can be 100% secure, and we cannot guarantee the security of your data.
This HIPAA Business Associate Agreement
This HIPAA Business Associate Agreement (“Agreement”) is a legally binding contract between Care Connect, LLC, a New York limited liability company (“Business Associate”) and the “Covered Entity” as identified in any Sales Order entered into by the Covered Entity for Business Associate’s Products and Services. These terms can be found at www.careconnectmobile.com/baa. The Business Associate and the Covered Entity are hereinafter individually referred to as “Party” or collectively as “Parties.” Capitalized terms used herein and not otherwise defined shall have the meaning set forth in the Subscription Agreement between Business Associate and Covered Entity.
WHEREAS, Covered Entity has contracted with Business Associate to provide Products and Services to the Covered Entity and the Covered Entity is required by law to enter into this Agreement with Business Associate; and
WHEREAS, the Parties wish to disclose to each other certain information pursuant to the terms of the Subscription Agreement, some of which may constitute Protected Health Information; and
WHEREAS, the purpose of this Agreement is to satisfy certain obligations under the Federal Health Insurance Portability and Accountability Act of 1996 and its related regulations (“HIPAA”), the Health Information Technology for Economic and Clinical Health Act, Title XIII of the American Recovery and Reinvestment Act of 2009 and related regulations promulgated by the Secretary (the “HITECH Act”). These provisions of the HITECH Act and the regulations applicable to Business Associate are collectively referred to as the "HITECH BA Provisions."
NOW, THEREFORE, in consideration of the mutual promises below, and for other good and valuable consideration, the receipt and sufficiency of which is hereby acknowledged, the Parties agree as follows:
Interpretation of this Agreement. Any ambiguity in this Agreement shall be resolved in favor of a meaning that permits the Parties to comply with HIPAA.
Definitions. All capitalized terms used herein and not further defined below shall have the meanings set forth in the HIPAA Regulations (as such term is defined below).
(a) Business Associate will establish and maintain appropriate safeguards and comply with Subpart C of 45 CFR Part 164 with respect to electronic protected health information to prevent any Use or Disclosure of PHI, other than as provided for by this Agreement or as required by law. In accordance with 45 CFR §164.502 (e)(1)(ii) and 164.308(b)(2), if applicable Business Associate shall ensure that any subcontractors that create, receive, maintain or transmit protected health information on behalf of the Business Associate agree in writing to the same terms, conditions, restrictions and requirements that apply to Business Associate with respect to such information.
(b) Covered Entity shall not delegate to Business Associate the determination and processing of an Individual member’s request for amendments to his or her PHI in a Designated Record Set. Business Associate shall promptly forward all requests for amendments to PHI to Covered Entity upon receipt. Covered Entity will make the final determination to grant or deny amendments and complete all required processing. Business Associate hereby agrees to make amendments to PHI in a Designated Record Set as and when approved by Covered Entity so as to permit Covered Entity to timely comply with the requirements of 45 C.F.R. 164.526.
(c) Covered Entity shall not delegate to Business Associate the determination and processing of Individual member requests for an accounting of Disclosures of PHI. Business Associate shall promptly forward all requests for an accounting of Disclosures of PHI to Covered Entity upon receipt. Covered Entity will complete all required processing in connection with such request. Business Associate hereby agrees to promptly make available information collected relating to applicable accountings of PHI Disclosures to Covered Entity, so as to permit Covered Entity to timely respond to a request by an Individual for an accounting of Disclosures of Protected Health in accordance with 45 C.F.R. 164.528
(d) Covered Entity shall not delegate to Business Associate the determination and processing of an Individual’s request for access to his or her PHI in a Designated Record Set. Business Associate shall promptly forward all requests for access to PHI to Covered Entity upon receipt. Covered Entity will make the final determination to grant or deny access to PHI in a Designated Record Set and complete all required processing in connection with such access. Business Associate hereby agrees to promptly make available PHI in a Designated Record Set to Covered Entity so as to permit Covered Entity to timely comply with the requirements of 45 C.F.R. 164.524.
(e) Business Associate agrees to make available to the Secretary (i) Business Associate’s internal practices, books and records relating to the Use and Disclosure of PHI for the purposes of determining Covered Entity’s compliance with the Privacy Rule; and (ii) Business Associate’s policies, procedures and documentation relating to the safeguards described herein, for the purposes of determining Covered Entity’s compliance with the Security Rule.
(f) To the extent the Business Associate is to carry out one or more of Covered Entity’s obligation(s) under Subpart E of 45 CFR Part 164, comply with the requirements of Subpart E that apply to the Covered Entity in the performance of such obligation(s).
(g) Business Associate shall have procedures in place for mitigating any injurious or harmful effect from the Use or Disclosure of PHI in a manner contrary to this Appendix.
(h) Business Associate agrees that it will:
(1) Implement Administrative Safeguards, Physical Safeguards, and Technical Safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of EPHI;
(2) Ensure that any agent, including a subcontractor, to whom it provides such information agrees to implement reasonable and appropriate safeguards to protect it; and
(3) Report to Covered Entity any use or disclosure of protected health information not provided for by the Agreement of which it becomes aware, including breaches of unsecured protected health information as required by 45 CFR §164.410 and any Security Incident of which it becomes aware.
The HITECH BA Provisions shall apply commencing on February 17, 2010, or such other date as may be specified in the applicable regulations, whichever is later (“Applicable Effective Date”). Business Associate hereby acknowledges and agrees that, to the extent it is functioning as a Business Associate of Covered Entity, it will comply with the HITECH BA Provisions and with the obligations of a Business Associate as prescribed by HIPAA and the HITECH Act commencing on the Applicable Effective Date of each such provision. Business Associate and Covered Entity further agree that the provisions of HIPAA and the HITECH Act that apply to business associates and that are required to be incorporated by reference in a business associate agreement are incorporated into this Agreement between Business Associate and Covered Entity as if set forth in this Agreement in their entirety and are effective as of the Applicable Effective Date.
(a) Term. The Term of this Agreement shall be effective as of the Effective Date, and shall terminate when all of the PHI provided by Covered Entity to Business Associate, or created or received by Business Associate on behalf of Covered Entity, is destroyed or returned to Covered Entity, or, if it is not feasible to return or destroy PHI, protections are extended to such information, in accordance with the termination provisions in this Section.
(b) Termination for Cause By Covered Entity. Upon the Covered Entity’s knowledge of a material breach by Business Associate of this Agreement, the Covered Entity shall have the right to immediately terminate this Agreement.
(c) Automatic Termination. This Agreement will automatically terminate without any further action by the Parties upon the termination or expiration of the Subscription Agreement between the Parties.
(d) Effect of Termination
(1) Except as provided in paragraph (2) of this Section 7(d), upon termination of this Agreement for any reason, the Business Associate shall return or destroy all PHI received from Covered Entity, or created or received by Business Associate on behalf of Covered Entity. Business Associate shall retain no copies of the PHI except as required by any applicable statute of limitations applicable to data retention.
(2) In the event that Business Associate determines that returning or destroying the PHI is not feasible, the Business Associate shall provide in writing to Covered Entity notification of the conditions that make return or destruction infeasible. Business Associate shall extend the protections of this Agreement to such PHI and limit further uses and disclosures of such PHI to those purposes that make the return or destruction infeasible, for so long as Business Associate maintains such PHI.
Regulatory References. A reference in this Agreement to a section in the Privacy Rule means the section as in effect or as amended, and for which compliance is required.
Automatic Amendment. Upon the Applicable Effective Date of any amendment to the regulations promulgated by Health and Human Services (HHS) with respect to PHI, this Agreement shall automatically amend such that the obligations imposed on Business Associate as a Business Associate remain in compliance with such regulations.
Survival. The respective rights and obligations of Business Associate and Covered Entity under this Agreement shall survive the termination of this Agreement.
Choice of Law. This Agreement shall be governed and construed under the laws of the State of New York, without regard to choice of law rules.
Entire Agreement. This Agreement constitutes the entire agreement between the Parties with respect to the subject matter hereof, and supersedes all prior oral or written agreements, commitments or understandings with respect thereto. In the event of a conflict between the terms of this Agreement and the Subscription Agreement, the terms of this Agreement shall control. The Parties understand that no provisions of the Agreement shall apply to this Agreement unless expressly referred to herein.
Assignment. Either Party shall be permitted to assign its rights and interests under this Agreement to an entity that purchases the assets of the Company or merges with the company, so long as (i) the assignee agrees to be bound by all of the terms and conditions of this Agreement and (ii) the assignee operates the business as a continuation of that Party’s business.
State Law Preemption. Pursuant to 45 CFR Section 160.203, certain provisions of state laws relating to the privacy of PHI may supersede the applicable similar provision(s) within the HIPAA Regulations (hereinafter referred to each as a “State Law”). Business Associate shall comply with provisions of such State Laws applicable to Business Associate.
Notice. Any notice called for under this Agreement shall be given in accordance with the Subscription Agreement.
Updated: December 2019
careconnectmobile.com strives to ensure that its services are accessible to people with disabilities. Careconnectmobile.com has invested a significant amount of resources to help ensure that its website is made easier to use and more accessible for people with disabilities, with the strong belief that every person has the right to live with dignity, equality, comfort and independence.
careconnectmobile.com makes available the UserWay Website Accessibility Widget that is powered by a dedicated accessibility server. The software allows careconnectmobile.com to improve its compliance with the Web Content Accessibility Guidelines (WCAG 2.1).
The careconnectmobile.com accessibility menu can be enabled by clicking the accessibility menu icon that appears on the corner of the page. After triggering the accessibility menu, please wait a moment for the accessibility menu to load in its entirety.
careconnectmobile.com continues its efforts to constantly improve the accessibility of its site and services in the belief that it is our collective moral obligation to allow seamless, accessible and unhindered use also for those of us with disabilities.
Despite our efforts to make all pages and content on careconnectmobile.com fully accessible, some content may not have yet been fully adapted to the strictest accessibility standards. This may be a result of not having found or identified the most appropriate technological solution.
If you are experiencing difficulty with any content on careconnectmobile.com or require assistance with any part of our site, please contact us during normal business hours as detailed below and we will be happy to assist.
If you wish to report an accessibility issue, have any questions or need assistance, please contact careconnectmobile.com Customer Support as follows: