Privacy Policy

Your privacy and the security of your health information are our top priorities

HIPAA Compliant & Secure
Last Updated: August 5, 2025

Overview

QuickCare AI ("we," "us," or "our") is committed to protecting your privacy and maintaining the confidentiality of your Protected Health Information (PHI) in accordance with the Health Insurance Portability and Accountability Act (HIPAA) and other applicable privacy laws.

This Privacy Policy explains how we collect, use, maintain, and disclose information collected from users of our healthcare AI platform, including our revolutionary clinical trial matching system and advanced medical image analysis features.

Legal Agreement: By using our services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy and our commitment to protecting your health information.

Information We Collect

Protected Health Information (PHI)

Personal identifiers, medical history, symptoms, medications, lab results, and diagnostic data from our AI analysis tools.

Clinical Trial Data

Health conditions, treatment history, and eligibility criteria for our AI-powered clinical trial matching system.

Medical Images

ECGs, X-rays, skin photos, lab reports, and other medical images uploaded for AI analysis.

Communication Records

Messages with our 9 AI specialists, emergency support interactions, and platform communications.

Technical Information

Device information, usage patterns, and interaction data to improve our AI services.

Payment Information

Billing details for our $12/month subscription and payment processing records.

How We Use and Disclose PHI

Permitted Uses Under HIPAA

Treatment

Providing AI-powered health assessments, clinical trial matching, medical image analysis, and care coordination with our 9 specialized AI doctors.

Payment

Processing your $12/month subscription, insurance claims, and billing for additional services when applicable.

Healthcare Operations

Quality improvement, AI model training, platform optimization, and enhancing our clinical trial matching accuracy.

Required Disclosures

  • To you or your authorized representative upon request
  • To the Department of Health and Human Services for compliance investigations
  • As required by state or federal law
  • For public health activities and disease reporting
  • To prevent serious threats to health or safety
  • For judicial and administrative proceedings when required

Your Rights Under HIPAA

Right to Access

You have the right to inspect and obtain copies of your PHI in our records, including clinical trial matches and AI analysis results.

Right to Amend

You may request amendments to your PHI if you believe it is incorrect or incomplete.

Right to Accounting

You can request a list of disclosures of your PHI made by us over the past six years.

Right to Restrict

You may request restrictions on how we use or disclose your PHI for treatment, payment, or operations.

Right to Confidential Communications

You can request to receive communications about your PHI in a specific manner or location.

Right to Paper Copy

You have the right to obtain a paper copy of this Privacy Policy at any time.

To Exercise Your Rights: Contact our Privacy Officer using the information provided at the bottom of this policy. We will respond to your request within 30 days.

Security Measures

We implement comprehensive security measures to protect your PHI and ensure the integrity of our clinical trial matching and medical image analysis systems:

Technical Safeguards

• 256-bit SSL/TLS encryption
• Multi-factor authentication
• Regular security audits
• Intrusion detection systems
• Secure cloud infrastructure
• AI model security protocols

Administrative Safeguards

• Comprehensive staff training
• Access controls and authorization
• Incident response procedures
• Business Associate Agreements
• Regular policy updates
• HIPAA compliance monitoring

Physical Safeguards

• Secure data centers
• Biometric access controls
• 24/7 physical monitoring
• Environmental controls
• Backup and disaster recovery
• Secure device management

Compliance Certifications: Our security measures meet or exceed HIPAA requirements and include SOC 2 Type II, ISO 27001, and regular third-party security assessments.

Data Retention

We retain your PHI only as long as necessary to provide ongoing healthcare services, comply with legal requirements, and fulfill the purposes outlined in this Privacy Policy.

| Data Type | Retention Period | Legal Basis | Secure Deletion |
|---|---|---|---|
| Medical Records & AI Analysis | 7 years after last treatment | State medical records laws | Cryptographic erasure |
| Clinical Trial Data | 10 years (FDA requirements) | Clinical research regulations | Multi-pass overwrite |
| Medical Images | 7 years or until deletion requested | Medical imaging standards | Secure cloud deletion |
| Billing Information | 7 years | IRS requirements | Financial data shredding |
| Audit Logs | 6 years | HIPAA requirements | Automated purging |
| Marketing Consent Data | Until consent withdrawn | Consent-based processing | Immediate upon request |

Third Party Services & Business Associates

We may work with Business Associates who provide services on our behalf. All Business Associates are required to maintain the same high standards of PHI protection.

Cloud Infrastructure

HIPAA-compliant cloud hosting providers (AWS, Google Cloud) with signed BAAs and dedicated healthcare environments.

AI Services

Claude AI and other machine learning providers operating under strict BAAs with no data retention policies.

Payment Processing

PCI-compliant payment processors for secure $12/month subscription billing and transaction processing.

Communication Services

HIPAA-compliant email and messaging services for patient communications and notifications.

Business Associate Requirements: All partners must sign comprehensive BAAs, maintain HIPAA compliance, implement appropriate security measures, and limit PHI use to contracted services only.

Cookies and Tracking Technologies

We use cookies and similar technologies to improve your experience on our platform. No PHI is ever stored in cookies or shared with third-party analytics providers.

| Cookie Type | Purpose | Duration | Opt-out Available |
|---|---|---|---|
| Essential Cookies | Platform functionality, authentication, security | Session only | ❌ Required for operation |
| Analytics Cookies | Usage statistics (anonymized), performance monitoring | 2 years | ✅ Available in settings |
| Preference Cookies | User settings, language preferences, accessibility | 1 year | ✅ Available in settings |
| Marketing Cookies | Personalized content (no PHI), feature recommendations | 6 months | ✅ Available in settings |

Changes to This Privacy Policy

When We Update

Changes in practices, legal requirements, new features (like clinical trial matching improvements), or regulatory feedback.

How We Notify

Email notifications, prominent platform notices, and in-app notifications at least 30 days before implementation.

Timeline

Material changes require 30-day advance notice. Emergency security updates may be implemented immediately.

Stay Informed: We recommend reviewing this policy periodically and ensuring your contact information is current to receive important updates about your privacy rights.

Effective Date: August 5, 2025

© 2025 QuickCare AI. All rights reserved.

HIPAA Compliant | SOC 2 Certified | ISO 27001