Compass Health Logo

Notice of Privacy Practices

Compass Health

Effective Date: January 2025

Introduction

Compass Health is committed to protecting the privacy and security of your health information. This Notice of Privacy Practices (“Notice”) explains how we may use and disclose your Protected Health Information (PHI), your rights regarding that information, and our legal duties under the Health Insurance Portability and Accountability Act (HIPAA).

We are required by law to:

  • Maintain the privacy and security of your PHI
  • Provide you with this Notice explaining our privacy practices
  • Follow the terms of this Notice currently in effect

Who This Notice Applies To

This Notice applies to all services provided by Compass Health and to all employees, contractors, care coordinators, and HIPAA-compliant business associates, customers, patients, physicians who may handle your PHI on our behalf.

How We May Use and Disclose Your Health Information

We may use or disclose your PHI with your written authorization per the agreement signed upon membership signature for the following purposes:

Treatment

To coordinate, manage, or assist with your healthcare, including appointment scheduling, specialist coordination, care navigation, and communication with healthcare providers involved in your care.

Payment

To bill for services, collect payment, verify eligibility, or manage payment-related activities for the membership service only.

Healthcare Operations

To operate our business, including quality assurance, training, compliance, auditing, care coordination workflows, and internal administration.

As Required by Law

When required by federal, state, or local law, regulation, or legal process.

Public Health & Safety

For public health reporting, abuse or neglect reporting, health oversight activities, or to prevent a serious threat to health or safety when permitted by law.

Uses and Disclosures Requiring Your Authorization

We will obtain your written authorization before using or disclosing your PHI for:

  • Any purpose not described in this notice

You may revoke your authorization at any time in writing. Revocation will not affect uses or disclosures already made.

Your Rights Under HIPAA

Access Your Information

Request to inspect or receive a copy of your PHI in paper or electronic form.

Request an Amendment

Ask us to correct or update your PHI if you believe it is inaccurate or incomplete.

Request an Accounting of Disclosures

Receive a list of certain disclosures of your PHI made by Compass Health.

Request Restrictions

Ask us to limit how your PHI is used or disclosed. While we are not required to agree to all requests, we will honor restrictions we approve.

Request Confidential Communications

Ask us to contact you in a specific way (e.g., phone, email, secure messaging).

Receive a Copy of This Notice

Request a paper or electronic copy of this Privacy Notice at any time.

File a Complaint

If you believe your privacy rights have been violated, you may file a complaint without fear of retaliation.

Security Safeguards & End-to-End Encryption

Compass Health implements administrative, physical, and technical safeguards to protect your PHI in compliance with the HIPAA Security Rule.

Technical Safeguards Include:

  • End-to-end encryption for electronic transmission of PHI
  • Secure HTTPS/TLS communication
  • Role-based access controls and authentication
  • Audit logs and monitoring of system access
  • Secure HIPAA-compliant platforms and vendors with executed BAAs

Administrative Safeguards Include:

  • HIPAA privacy and security training
  • Designated Privacy and Security Officers
  • Risk assessments and incident response protocols

Physical Safeguards Include:

  • Controlled access to systems and devices
  • Secure workstation and device management
  • Proper disposal of electronic media

Breach Notification

In the event of a breach of unsecured PHI, Compass Health will notify affected individuals without unreasonable delay and no later than 60 days after discovery, as required by HIPAA. Notifications will include information about the breach and steps you can take to protect yourself.

Changes to This Notice

We reserve the right to change this Notice at any time. Any changes will apply to all PHI we maintain and will be posted on our website. The effective date at the top of this page will be updated accordingly.

Contact Information

If you have questions, want to exercise your rights, or wish to file a complaint, contact:

contact@thecompasshealth.com

Email

(813) 567-8778

Phone

By using Compass Health services or interacting with our platform, you acknowledge that you have been provided access to this Notice of Privacy Practices.

By clicking "I Acknowledge", you confirm that you have read and understand this privacy notice.