top of page

Privacy Policy

Legal Disclaimer

The explanations and information provided on this page or within the HealthyInsights.ai platform are only general in nature.  You should not rely on any materials within this website or our platform as legal or medical advice or as recommendations regarding what you should actually do.   We recommend that you seek advice from those professionals you trust, and/or may help you understand and to assist you with questions and concerns.

Privacy Policy - the basics

Having said that, a privacy policy is a statement that discloses some or all of the ways a website collects, uses, discloses, processes, and manages the data of its visitors and customers. It usually also includes a statement regarding the website’s commitment to protecting its visitors’ or customers’ privacy, and an explanation about the different mechanisms the website is implementing in order to protect privacy. 

 

Different jurisdictions have different legal obligations of what must be included in a Privacy Policy. You are responsible to make sure you are following the relevant legislation to your activities and location. 

What to include in the Privacy Policy

1. Introduction
 

HealthWorx Technologies, Inc., including our platform HealthyInsights.ai™ (collectively, "HealthWorx," "we," "us," or "our"), is committed to rebuilding trust in healthcare finance through transparency, security, and integrity. We operate at the intersection of clinical truth and fiscal integrity, providing software and services that help patients, providers, and payers connect effectively.
 

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our websites (including [www.healthworx.ai] and [www.healthyinsights.ai]), use our software platforms, or engage with our services.

2. A Critical Note on Protected Health Information (PHI)

 

A significant portion of the data we process is Protected Health Information (PHI). This information is governed by the Health Insurance Portability and Accountability Act (HIPAA) in the United States.
 

  • If you are a Patient or Member: When you use our platform at the direction of your healthcare provider or health plan (e.g., to complete a Health Risk Assessment or cognitive screening), our use and disclosure of your PHI is governed by the Notice of Privacy Practices of your provider or health plan, not just this Privacy Policy. We act as a "Business Associate" to these organizations, meaning we process your data strictly according to their instructions and federal law.
     

  • Conflict: If there is any conflict between this Privacy Policy and our HIPAA Business Associate Agreements (BAA) with your healthcare provider or plan, the BAA and HIPAA regulations will control regarding your PHI.
     

3. Information We Collect
 

We collect information in three primary ways: (1) information you provide directly, (2) information collected automatically, and (3) information from third-party sources.
 

A. Information You Provide Directly
 

  • Account Information: If you create an account (as a provider, payer administrator, or patient), we collect identifiers such as name, email address, phone number, and professional credentials.
     

  • Assessment Data: When using HealthyInsights.ai, users may voluntarily provide sensitive data including:
     

    • Medical history and health status.

    • Social Determinants of Health (SDoH) (e.g., housing, transportation, food security).

    • Functional status and daily living activities.

    • Cognitive performance data (via the MyCog™ module).
       

  • Communications: Information you provide when you contact our support teams or sign up for newsletters.
     

B. Information Collected Automatically
 

  • Usage Data: We log information about how you interact with our platforms (e.g., pages visited, time spent, features used) to improve system performance.
     

  • Device & Connection Data: We collect data about the device you use to access our services, including IP address, browser type, and operating system.
     

  • Cookies: We use cookies and similar technologies to maintain your session security and analyze site traffic.
     

C. Information from Third Parties
 

  • Integration Partners: Through our Aria™ orchestration layer, we may receive clinical or administrative data from Electronic Health Records (EHRs), health plans, or other authorized data partners to facilitate care coordination and accurate coding.
     

4. How We Use Your Information
 

We use the information we collect for specific, legitimate business purposes:
 

  • Service Delivery: To provide our risk assessment, cognitive screening, and revenue cycle management services.
     

  • Compliance & Audit: To maintain our AuditTrace™ provenance ledger, ensuring that every data point is traceable, timestamped, and audit-defensible in compliance with CMS and OIG standards.
     

  • Improvement & Analytics: To analyze trends, test new features, and improve the accuracy of our AI models (consistent with our ethical AI governance).
     

  • De-identified Data: We may aggregate and de-identify data (stripping out personal identifiers) to create industry benchmarks, research, or "Data-as-a-Service" insights. This de-identified data is no longer considered Personal Information.
     

  • Security: To detect and prevent fraud, unauthorized access, and security incidents.
     

5. How We Share Your Information
 

We do not sell your personal information. We disclose information only as follows:
 

  • Your Healthcare Organization: We share assessment results and risk profiles with the specific health plan or provider that requested the service, to facilitate your care and coverage.
     

  • Service Providers: We typically engage trusted third-party vendors (e.g., cloud hosting, security monitoring) who assist in operating our services. They are contractually obligated to protect your data.
     

  • Legal Requirements: We may disclose information if required by law, regulation, or legal process (e.g., responding to a subpoena or government audit).
     

  • Business Transfers: If HealthWorx serves as a participant in a merger, acquisition, or sale of assets, user information may be transferred as part of that transaction, subject to confidentiality protections.
     

6. Data Security and Provenance
 

We employ a "Trust by Design" approach to security. We use administrative, technical, and physical safeguards designed to protect your data, including:
 

  • Encryption: Data is encrypted in transit and at rest.
     

  • Access Controls: Role-based access ensures only authorized personnel can view sensitive data.
     

  • Data Provenance: Our systems record the origin and history of data inputs (the "provenance"), ensuring data integrity and preventing unauthorized tampering.
     

However, no method of transmission over the Internet is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.
 

7. Your Privacy Rights
 

Depending on your location and the type of data, you may have rights regarding your personal information:
 

  • Access and Correction: You may request to review or correct your personal information. Note: For medical records or HRA results, we may direct you to your healthcare provider to fulfill this request in compliance with HIPAA.
     

  • Opt-Out: You may opt out of receiving promotional communications from us by following the unsubscribe instructions in those emails.
     

  • Deletion: You may request the deletion of your personal data, subject to our legal obligations to retain data for medical compliance, audit, and regulatory purposes.
     

8. Children’s Privacy
 

Our services are not directed to individuals under the age of 13. We do not knowingly collect personal information from children under 13 without parental consent. If we become aware that we have collected such information, we will take steps to delete it.
 

9. Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will post the revised policy with an updated "Last Updated" date. We encourage you to review this page periodically.
 

10. Contact Us
 

If you have questions about this Privacy Policy or our data practices, please contact our Compliance Team: Privacy@healthworx.ai

bottom of page