Privacy Policy

ElderWise Consultants ("Company," "we," "us," or "our") is committed to protecting the privacy and security of the personal information entrusted to us. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you visit our website or use our services. Please read this policy carefully. By using our website or services, you consent to the practices described in this Privacy Policy.

1. Information We Collect

We may collect the following types of information:

Personal Information

• Name, email address, phone number, and mailing address
• Job title and organizational affiliation
• Account credentials (username and encrypted password)
• Any other information you voluntarily provide to us

Protected Health Information (PHI)

In the course of providing our healthcare consulting services, we may collect and process Protected Health Information as defined by HIPAA. This may include resident names, dates of birth, insurance information, healthcare coverage details, and facility enrollment records. PHI is handled in strict accordance with HIPAA regulations and applicable Business Associate Agreements.

Automatically Collected Information

• IP address, browser type, and operating system
• Pages visited, time spent on pages, and referring URLs
• Device information and unique device identifiers

2. How We Use Your Information

We use the information we collect for the following purposes:

• To provide, maintain, and improve our healthcare consulting services
• To manage user accounts and authenticate access to our platform
• To communicate with you about your account, services, or inquiries
• To assist healthcare facilities with resident enrollment and coverage management
• To generate reports and analytics for facility partners
• To comply with legal obligations, including HIPAA requirements
• To detect, prevent, and address technical issues or security threats
• To maintain audit logs for regulatory compliance and accountability

3. HIPAA Compliance

ElderWise Consultants recognizes the importance of protecting Protected Health Information and is committed to full compliance with the Health Insurance Portability and Accountability Act (HIPAA).

• We maintain appropriate administrative, physical, and technical safeguards to protect PHI
• We execute Business Associate Agreements (BAAs) with all covered entities and subcontractors as required
• We limit the use and disclosure of PHI to the minimum necessary to accomplish the intended purpose
• We provide training to our workforce on HIPAA requirements and privacy practices
• We maintain audit trails of access to PHI for accountability and compliance monitoring
• In the event of a breach of unsecured PHI, we will comply with all applicable notification requirements under the HIPAA Breach Notification Rule

4. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information. We may share your information in the following circumstances:

• Service Providers: With trusted third-party service providers who assist us in operating our platform, subject to confidentiality obligations
• Healthcare Facilities: With facility partners as necessary to deliver our consulting services, in accordance with applicable agreements and HIPAA requirements
• Legal Obligations: When required by law, regulation, legal process, or governmental request
• Protection of Rights: When necessary to protect the rights, property, or safety of ElderWise Consultants, our users, or the public
• Business Transfers: In connection with a merger, acquisition, or sale of assets, with appropriate notice

5. Data Security

We implement robust security measures to protect your personal information and any PHI in our possession. These measures include encryption of data in transit and at rest, secure authentication mechanisms with multi-factor authentication, role-based access controls, regular security assessments, and comprehensive audit logging. While we strive to use commercially acceptable means to protect your information, no method of transmission over the Internet or method of electronic storage is 100% secure, and we cannot guarantee absolute security.

6. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your experience. These include:

• Essential Cookies: Required for the operation of our website, including session management and authentication
• Functional Cookies: Used to remember your preferences and provide enhanced functionality

We do not use cookies for advertising or cross-site tracking purposes. You can manage your cookie preferences through your browser settings.

7. Third-Party Services

Our services may integrate with or contain links to third-party services, including cloud storage providers, email services, and mapping services. These third-party services have their own privacy policies, and we encourage you to review them. We are not responsible for the privacy practices of third-party services. When third-party services process PHI on our behalf, we ensure appropriate agreements are in place to protect that information.

8. Data Retention

We retain personal information and PHI for as long as necessary to fulfill the purposes for which it was collected, to comply with legal and regulatory obligations, and to resolve disputes. When information is no longer needed, we securely dispose of it in accordance with our data retention policies and applicable regulations, including HIPAA retention requirements.

9. Your Rights

Depending on your location and applicable law, you may have the following rights regarding your personal information:

• Access: The right to request a copy of the personal information we hold about you
• Correction: The right to request correction of inaccurate or incomplete personal information
• Deletion: The right to request deletion of your personal information, subject to legal and contractual obligations
• Restriction: The right to request restriction of processing of your personal information
• PHI Rights: Under HIPAA, individuals have additional rights regarding their PHI, including the right to access, amend, and receive an accounting of disclosures

To exercise any of these rights, please contact us using the information provided below.

10. Children's Privacy

Our website and services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child without parental consent, we will take steps to delete that information promptly.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. When we make material changes, we will update the effective date at the top of this page. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.

12. Contact Information

If you have any questions about this Privacy Policy, wish to exercise your rights, or have concerns about how your information is being handled, please contact us: