Privacy Policy

Last updated: Nov 1, 2024

IMPORTANT NOTICE ABOUT YOUR DATA

We want to be absolutely clear:

  • We NEVER sell your personal information

  • We NEVER sell your health information

  • We NEVER share your information for marketing purposes

  • We NEVER share data with third-party advertisers

  • We NEVER monetize your health information in any way

Unlike many tech companies:

  • We are a healthcare platform bound by HIPAA

  • We only use your information to help you access healthcare

  • We have no advertising or data monetization business

  • We succeed by helping you connect with healthcare providers, not by selling data

Understanding Your Health Records/Information

When you use Leah's platform to complete intake forms, assessments, or referrals, we create a record of your health information. This record typically contains your symptoms, assessment responses, personal information, and relevant health history. This Privacy Policy explains how we protect your health information while connecting you with healthcare providers.

Our Responsibilities

We are required by law to:

  • Maintain the privacy and security of your protected health information (PHI)

  • Provide you with notice of our legal duties and privacy practices

  • Follow the terms of this notice

  • Never sell your personal or health information

  • Notify you if a breach occurs that may compromise your information

Types of Information We Collect

Health Information

  • Mental health assessment responses

  • Health history and symptoms

  • Medical conditions and concerns

  • Current treatments or medications

  • Other health-related information you provide

Personal Information

  • Name and date of birth

  • Contact information (email, phone, address)

  • Emergency contact information (if provided)

  • Insurance information (if provided)

  • Demographic information

Technical Information

  • Device and browser information

  • IP address and usage data

  • Cookies and similar technologies

How We Use Your Information

Primary Uses

  • Connect you with appropriate healthcare providers

  • Process your intake and assessment information

  • Share your information with your chosen healthcare provider

  • Coordinate your care with referral sources

  • Contact you about your care

Additional Uses

  • Improve our platform and services

  • Analyze and enhance our matching algorithm

  • Maintain platform security

  • Comply with legal obligations

Information Sharing and Disclosure

What We DON'T Do With Your Information

We will NEVER:

  • Sell your personal or health information to anyone

  • Share your information for marketing purposes

  • Allow third parties to use your data for advertising

  • Give access to third parties unless they are: a) Your chosen healthcare provider b) Essential to providing our service c) Legally required and bound by HIPAA

Who We DO Share Your Information With

Your information is ONLY shared with:

  1. Your chosen healthcare provider(s)

  2. The healthcare provider who referred you (if applicable)

  3. Essential service providers who:

    • Are bound by strict HIPAA Business Associate Agreements

    • Can only use your data to provide our core service

    • Are regularly audited for compliance

    • Must meet strict security requirements

    • Are contractually prohibited from using your data for any other purpose

Legal Requirements

We may disclose your information when required by law:

  • In response to court orders

  • To report abuse or neglect

  • For health oversight activities

  • Other legally required disclosures

Your Rights

You have the right to:

  • Get a copy of your health information

  • Request corrections to your information

  • Request confidential communications

  • Ask us to limit the information we share

  • Get a list of those with whom we've shared your information

  • Choose someone to act for you

  • File a complaint if you believe your privacy rights have been violated

Security

We protect your health information using:

  • Encryption for data in transit and at rest

  • Access controls and authentication

  • Security monitoring and incident response

  • Regular security assessments

  • Employee training and policies

Special Notes

Age Restrictions

Our service is not intended for individuals under 13. Parents/guardians should contact us if they believe their child has provided personal information.

Changes to This Policy

We will notify you of any material changes to this policy via email or platform notification before the changes take effect.

Contact Us

For questions about this Privacy Policy or to exercise your rights:

If you believe your privacy rights have been violated, you may file a complaint with us or with the U.S. Department of Health and Human Services Office for Civil Rights.