First Call Technologies, LLC dba Community CareLink is committed to protecting the privacy and security of protected health information (PHI) we manage as part of our electronic health records (EHR) services. This Privacy Policy outlines our practices in accordance with the Health Insurance Portability and Accountability Act (HIPAA) and other applicable laws.

 

PHI We Collect and Use

Our systems are used by clients ("Covered Entities") to collect PHI and other necessary data to provide and improve patient care and outcomes via our EHR SaaS solution(s). This may include, but is not limited to, patient names, dates of birth, medical histories, treatment information, and health insurance details.  Data that is collected shall be limited to that which is needed to provide care and information access logging in compliance with all Federal, State, and Community CareLink guidelines and regulations.  Data may be aggregated for client reporting, outcomes research, and clinical usage analysis.  

 

Use and Disclosure of PHI

We use and disclose PHI only for the purposes of providing our services, improving patient care, and as required by law. We may also use PHI for billing and payment processing purposes on behalf of our clients.

 

Safeguards

We implement physical, administrative, and technical safeguards to protect the confidentiality, integrity, and availability of PHI. This includes secure data storage, encryption, access controls, and regular security assessments.

 

Patient Rights

Patients whose PHI we manage have the right to:

• Access and obtain a copy of their PHI.

• Request amendments to their PHI.

• Receive an accounting of disclosures of their PHI.

• Request restrictions on certain uses and disclosures of their PHI.

• Receive confidential communications.

Any requests for modification/access should be directed to the Health Facility where care was derived.​

 

Breach Notification

As a Business Associate of Covered Entities, we will work with the appropriate Covered Entity to provide notifications and information that may be deemed necessary for their compliance with HIPAA and HITECH rulings.

 

Changes to This Policy

We reserve the right to change this Privacy Policy. Any changes will be posted on our website and will be effective upon posting.

​

Identification of 3rd Party Involvement

Community CareLink has contracts in place with the following companies for hosting and business services:

• Microsoft Azure

• NetStandard

No data is shared with outside parties unless appropriate legal agreements and protections are in place and are solely used for the delivery of services customers have contracted for.

 

Contact Information

For questions or concerns about our privacy or security practices (including vulnerability notification) or data inquiries, please contact our Privacy Officer at security@communitycarelink.com.

 

Effective Date

This Privacy Policy is effective as of 19-Dec-2023.

​​