HIPPA Compliance

Our Commitment to HIPAA Compliance

Effective Date: 10/03/2023

Proxwell is committed to protecting your health information in compliance with the Health Insurance Portability and Accountability Act (HIPAA). This page explains how we safeguard your Protected Health Information (PHI) and your rights under HIPAA.

What is Protected Health Information (PHI)?

Protected Health Information is any health information that can identify you or your care recipient, including:

  • Medical conditions, diagnoses, and allergies

  • Medications and dosages

  • Health observations and measurements

  • Activity logs and care records

  • Doctor and emergency contact information

  • Any health-related information connected to identifiable individuals

How We Protect Your PHI

Technical Safeguards

  • All data encrypted in transit and at rest

  • Secure cloud infrastructure (AWS) with HIPAA-compliant configuration

  • Role-based access controls

  • Password requirements and optional two-factor authentication

  • Regular security monitoring and audits

Administrative Safeguards

  • Limited employee access on a need-to-know basis

  • Business Associate Agreements with all service providers

  • Regular security training

  • Incident response procedures

Physical Safeguards

  • Secure data centers with restricted access

  • Regular backups and disaster recovery procedures

Who Can Access Your PHI

  • Your Care Network: Only people you explicitly invite with the permission levels you set

  • Service Providers: Trusted partners (AWS, Stripe, Twilio) under Business Associate Agreements

  • As Required by Law: Valid court orders, mandatory reporting, or to prevent serious harm

We never sell or use your PHI for marketing without your explicit consent.

Your HIPAA Rights

Right to Access

View and obtain copies of your PHI at any time through your account.

Right to Amend

Request corrections to inaccurate or incomplete information.

Right to an Accounting

Request a list of certain PHI disclosures we've made.

Right to Request Restrictions

Ask us to limit how we use or share your PHI.

Right to Confidential Communications

Request we contact you in specific ways.

Right to Delete

Request deletion of your account and PHI (some data may be retained for legal compliance).

To exercise any of these rights, contact us at support@getproxwell.com

Breach Notification

If a breach affects your PHI, we will notify you within 60 days and explain:

  • What happened

  • What information was affected

  • Steps we're taking to address it

  • How you can protect yourself

Filing a Complaint

If you believe your privacy rights have been violated:

Contact us: support@getproxwell.com

File with HHS: www.hhs.gov/ocr/privacy/hipaa/complaints • 1-877-696-6775

You will not be penalized for filing a complaint.

Questions?

For HIPAA-related questions: support@getproxwell.com

For complete information about data collection, use, and your privacy rights, please see our Privacy Policy and Terms of Use.