Privacy Policy

Last updated: February 16, 2025

Introduction

Haute Couture Home Care ("Company," "we," "our," or "us") is committed to protecting the privacy and security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or otherwise interact with us.

We comply with the Health Insurance Portability and Accountability Act (HIPAA), the California Consumer Privacy Act (CCPA), and other applicable federal and state privacy laws. By using our services, you consent to the practices described in this policy.

Information We Collect

We may collect the following categories of information:

Personal Identifiers

  • Name, email address, phone number, and mailing address
  • Date of birth and Social Security Number (when required for services)
  • Emergency contact information
  • Insurance information and policy numbers

Protected Health Information (PHI)

  • Medical history and current health conditions
  • Medications and treatment plans
  • Physician contact information and orders
  • Care assessments and progress notes
  • Information about the care recipient's physical and mental health

Employment Information

  • Resume, employment history, and references
  • Background check results (for job applicants)
  • Certifications and training records

Automatically Collected Information

  • IP address, browser type, and device information
  • Pages visited and time spent on our website
  • Referring website addresses
  • Cookies and similar tracking technologies

How We Use Your Information

We use the information we collect to:

  • Provide, coordinate, and improve our home care services
  • Process care requests and develop personalized care plans
  • Communicate with you about services, appointments, and care updates
  • Process payments, billing, and insurance claims
  • Respond to inquiries and provide customer support
  • Evaluate job applications and manage employee relationships
  • Comply with legal obligations and regulatory requirements
  • Send service updates and, with consent, marketing communications
  • Improve our website and analyze usage patterns
  • Protect against fraud, unauthorized access, and illegal activity

Health Information Protection (HIPAA)

As a home care provider, we are committed to protecting your Protected Health Information (PHI) in accordance with the Health Insurance Portability and Accountability Act (HIPAA) and the HITECH Act.

Your HIPAA Rights Include:

  • Right to Access: Obtain copies of your health records
  • Right to Amend: Request corrections to inaccurate information
  • Right to Accounting: Receive a list of disclosures of your PHI
  • Right to Request Restrictions: Limit certain uses of your PHI
  • Right to Confidential Communications: Request communication through specific means
  • Right to a Paper Copy: Receive a paper copy of this notice

A separate Notice of Privacy Practices is provided to all clients and is available upon request. This notice details how medical information about you may be used and disclosed, and how you can access this information.

California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

  • Right to Know: Request disclosure of personal information we have collected, used, disclosed, or sold about you in the past 12 months
  • Right to Delete: Request deletion of your personal information, subject to certain exceptions
  • Right to Correct: Request correction of inaccurate personal information
  • Right to Opt-Out: Opt out of the sale or sharing of your personal information (Note: We do not sell personal information)
  • Right to Non-Discrimination: Receive equal service and pricing even if you exercise your privacy rights
  • Right to Limit: Limit the use and disclosure of sensitive personal information

To exercise your California privacy rights, contact us using the information at the bottom of this page. We will verify your identity before processing any request. You may designate an authorized agent to make a request on your behalf.

We do not sell personal information. In the preceding 12 months, we have not sold any personal information as defined by the CCPA.

Information Sharing

We do not sell your personal information. We may share your information only in the following circumstances:

  • Service Providers: Third parties who perform services on our behalf, such as payment processing, email delivery, background checks, and IT support. These providers are bound by contractual obligations to keep personal information confidential.
  • Healthcare Providers: When necessary for coordination of care, with appropriate authorization as required by HIPAA.
  • Insurance Companies: For billing and claims processing purposes with your authorization.
  • Family Members/Caregivers: As designated by the client or their legal representative, in accordance with care coordination needs.
  • Legal Compliance: When required by law, court order, or to protect our legal rights, safety, or property.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, with continued privacy protections.
  • Emergency Situations: When necessary to prevent or lessen a serious and imminent threat to health or safety.

Data Retention

We retain your information as follows:

  • Client Care Records: Minimum of 7 years after the last date of service, or as required by state law, whichever is longer
  • Billing and Financial Records: 7 years from the date of the transaction
  • Employment Records: 7 years after employment ends
  • Job Applicant Records: 2 years from date of application
  • Website Analytics: 26 months
  • Marketing Communications: Until you unsubscribe or request deletion

After the retention period, we securely dispose of records through shredding (paper) or secure deletion (electronic).

Data Security

We implement appropriate technical and organizational measures to protect your personal information, including:

  • Encryption of data in transit and at rest
  • Secure access controls and authentication
  • Regular security assessments and updates
  • Employee training on privacy and security practices
  • Physical security measures for paper records
  • Secure disposal of records when no longer needed

However, no method of transmission over the Internet or electronic storage is 100% secure. If you have reason to believe that your interaction with us is no longer secure, please contact us immediately.

Breach Notification

In the event of a data breach that compromises your personal information, we will notify affected individuals and relevant authorities as required by HIPAA and applicable state laws. For HIPAA-covered breaches, notification will occur within 60 days of discovery. We will provide information about the nature of the breach, the types of information involved, steps we are taking in response, and steps you can take to protect yourself.

Cookies and Tracking Technologies

Our website uses cookies and similar technologies to improve your experience:

  • Essential Cookies: Required for basic website functionality
  • Analytics Cookies: Help us understand how visitors use our website (Google Analytics)
  • Preference Cookies: Remember your settings and preferences

You can control cookie preferences through your browser settings. Note that disabling certain cookies may affect website functionality.

Do Not Track

Our website does not currently respond to "Do Not Track" signals. However, you can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.

Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of these sites. We encourage you to review the privacy policies of any third-party sites you visit.

Children's Privacy

Our website is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe we have collected information from a child under 13, please contact us immediately so we can delete the information.

Your Rights

Depending on your location, you may have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate information
  • Request deletion of your information (subject to legal requirements)
  • Receive a copy of your data in a portable format
  • Opt out of marketing communications at any time
  • Withdraw consent where processing is based on consent
  • File a complaint with a supervisory authority

To exercise your rights, contact us using the information below. We will respond within 30 days (or as required by applicable law).

Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated by posting a notice on our website and updating the "Last updated" date. For clients, we may also provide direct notification of significant changes. Continued use of our services after changes become effective constitutes acceptance of the revised policy.

Contact Us

If you have questions about this Privacy Policy, wish to exercise your privacy rights, or have concerns about our privacy practices, please contact us:

For HIPAA-related requests or to obtain a copy of our Notice of Privacy Practices, please contact our Privacy Officer directly.

← Return to Home