Privacy & Security
We Protect Your Health Information Because It's the Right Thing to Do
Your trust is our most valuable asset. Whether you're chatting with your care team or using our AI assistant, Clara™, you deserve absolute confidence that your personal details stay private. We go beyond the minimum because safeguarding your data is simply the right thing to do.
1. Why Security Matters to Us
- Respect for People: Behind every data point is a real human. Treating your information with care is part of treating you with care.
- Foundation of Trust: Great healthcare relies on open, honest conversations. You can only speak freely if you know your words won't leak.
2. The Big Rules & Certifications
| Term | What It Stands For | Why It Matters |
|---|---|---|
| HIPAA | Health Insurance Portability and Accountability Act | U.S. law that requires us to guard "Protected Health Information" (PHI) and use it only for treatment or operations. |
| BAA | Business Associate Agreement | A legal promise our vendors sign, saying they'll protect PHI to the same standard we do. |
3. Everyday Safeguards You Can Count On
- Data Encryption: We scramble information in transit and at rest so only authorized parties can read it.
- Need‑to‑Know Access: Staff - and Clara - see only what they require to do their job.
- Strong Logins: Multi‑factor authentication, unique passwords, and automatic time‑outs keep others out.
- Audit Logs: Every data access is timestamped and traceable.
- Ongoing Training: Everyone from clinicians to engineers completes regular privacy and security training.
- Regular Security Assessments: We conduct penetration testing and vulnerability assessments.
- Incident Response: 24/7 monitoring with rapid response protocols for any security events.
- Compliance Monitoring: Regular audits ensure we meet HIPAA, state, and industry standards.
4. Your Rights & Our Promises
- Prompt Breach Notification: If something ever goes wrong, we'll tell you quickly—no sweeping under the rug.
- Transparency: Our full Notice of Privacy Practices is easy to find and written in everyday English.
5. Working Only With Trusted Partners
Every vendor must meet our strict security standards. If they don't, we won't use them.
6. Simple Steps You Can Take
- Use Strong Passwords for portals and apps.
- Keep Devices Updated with the latest security patches.
- Log Out on Shared Devices.
7. Questions
Email [email protected]. Our Privacy Officer will get back to you within one business day.
Bottom Line: Protecting your health information isn't a checkbox, it's part of caring for you. Thanks for trusting Vital and Clara with what matters most.