top of page

PRIVACY POLICY

This Privacy Policy outlines the policies regarding the collection, use, disclosure, and protection of personal data, including any Protected health information (PHI)_, when accessing or using the Service. It also describes the rights available to users regarding that data, pursuant to applicable laws including the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).

​

By using the Service, you consent to the collection and the use of information in accordance with this Privacy Policy. Unless otherwise defined, terms used herein have the same meanings as those used in the Terms and Conditions at https://www.incitegrace.com/

​

By using the Service, you consent to the collection and use of information in accordance with this Privacy Policy. Unless otherwise defined, terms used herein have the same meanings as those used in the Terms and Conditions at https://www.incitegrace.com

 

Information Collection and Use

Multiple types of information, including PHI (where applicable), may be collected for various purposes to provide and improve the Service.

 

Types of Data Collected
Personal Data

Personal Data may include information that can be used to identify or contact an individual, such as:

•Name, email address, and other identifiers

•Health-related information (e.g., symptoms, diagnoses, treatment history) when provided as part of the Service

•Cookies and Usage Data

 

Usage Data

Automatically collected data may include browser type and version, IP address, pages visited, date and time of visit, time spent on pages, and diagnostic data.

​

Tracking & Cookies Data

Cookies and similar technologies may be used to enhance and analyze usage. Users can configure browsers to refuse cookies; disabling cookies may limit Service functionality.

​​

​

​

HIPAA Compliance and Protected Health Information (PHI)

Where applicable, Incite Grace LLC complies with HIPAA requirements for handling PHI.

​

Use and Disclosure of PHI

PHI will be used or disclosed only for permitted purposes, such as:

  • Treatment and coordination of care

  • Payment and billing operations

  • Health care operations and quality improvement

  • Required legal disclosures

PHI will NOT BE SOLD or used for marketing purposes without explicit written authorization unless otherwise permitted under HIPAA.

​

Data Safeguards

Administrative, technical, and physical safeguards are in place to protect PHI against unauthorized access, alteration, disclosure, or destruction.  Reasonable efforts are made to ensure that PHI is only accessed by authorized individuals.

​

Business Associates

Incite Grace LLC engages third-party service providers who handle PHI and those providers are contractually bound by Business Associate Agreements (BAAs) and required to comply with HIPAA security and privacy requirements.

​

Your HIPAA Rights

Subject to certain exceptions, individuals have the right to:

  • Request access to their PHI

  • Request corrections to their PHI

  • Request restrictions on certain uses and disclosures

  • Request confidential communications

  • Receive and accounting of disclosures of PHI

  • File a complaint with the U.S. Department of Health & Human Services (HHS) for any violations

To exercise any of these rights, a written request must be submitted via the contact information provided below.

​

​​​

Transfer of Data

Personal Data and PHI may be transferred and stored on servers located outside of the user’s jurisdiction.  All transfers are subject to safeguards to ensure compliance with HIPAA and applicable privacy laws.

​

 

Disclosure of Data
Legal Requirements

Incite Grace LLC may disclose Personal Data or PHI in good faith if such action is necessary to:

  • Comply with legal obligations

  • Respond to law enforcement or court orders

  • Protect rights, safety, or property

  • Investigate potential violation of applicable laws or policies

  • Prevent or address security or technical issues

​
Security of Data

All reasonable efforts are made to maintain the security and confidentiality of collected data.  However, no method of data transmission or storage is entirely secure. While safeguards are implemented in line with HIPAA and industry standards, absolute security cannot be guaranteed.

​

​

Service Providers

Third-party service providers engaged to perform services on behalf of Incite Grace LLC are given access to Personal Data or PHI only as necessary and under strict confidentiality obligations, including HIPAA-compliant Business Associate Agreements where required.

​

​

Links to Other Sites

The Service may include links to third-party websites. Incite Grace LLC is not responsible for the content, policies, or practices of those websites. Users are encouraged to review the privacy policies of external sites before providing any personal or health-related information.

​

​

Children’s Privacy

The Service is not intended for individuals under the age of 18. Personally identifiable information or PHI is not knowingly collected from minors. If such data is discovered to have been collected without verified parental consent, it will be deleted in accordance with applicable regulations.

​

​

Changes to this Privacy Policy

This Privacy Policy may be updated from time to time. Notice of material changes will be posted prominently on this page and may also be sent via email where appropriate. Continued use of the Service after changes are made constitutes acceptance of the updated terms.

​

​

Contact

To exercise rights under HIPAA, report a concern, or ask a question regarding this Privacy Policy:

Contact Form: https://www.incitegrace.com/contact-5

​

bottom of page