Privacy Policy

1. Introduction

San Diego HIPAA Compliance ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our services.

As HIPAA compliance experts, we understand the importance of data protection and apply the same rigorous standards to our own operations that we recommend to our clients.

2. Information We Collect

Personal Information

We may collect personal information that you voluntarily provide to us when you:

• Request a free HIPAA assessment
• Contact us via phone, email, or contact form
• Subscribe to our newsletter or resources
• Engage our consulting services
• Register for training or events

This information may include:

• Name and contact information (email, phone, address)
• Organization name and role
• Practice type and size
• Specific compliance questions or concerns

Automatically Collected Information

When you visit our website, we automatically collect certain information about your device and browsing activity, including:

• IP address and location data
• Browser type and version
• Pages visited and time spent on pages
• Referring website or source
• Device type and operating system

3. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve our services
• Respond to your inquiries and provide customer support
• Schedule and conduct HIPAA assessments and training
• Send you information about our services, updates, and resources
• Analyze website usage and improve user experience
• Comply with legal obligations and protect our rights
• Prevent fraud and enhance security

4. How We Share Your Information

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

• Service Providers: We may share information with trusted third-party service providers who assist us in operating our website, conducting business, or serving our clients (e.g., email service providers, analytics services, payment processors). These providers are bound by confidentiality agreements.
• Legal Requirements: We may disclose information if required to do so by law or in response to valid requests by public authorities (e.g., court orders, subpoenas).
• Business Transfers: If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.
• With Your Consent: We may share information with your explicit consent for specific purposes.

5. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our website. Cookies are small data files stored on your device that help us:

• Remember your preferences and settings
• Understand how you use our website
• Improve website performance and functionality
• Deliver relevant content and advertisements

You can control cookie settings through your browser preferences. However, disabling cookies may limit your ability to use certain features of our website.

6. Third-Party Analytics

We use third-party analytics services, such as Vercel Analytics, to help us understand how visitors use our website. These services may collect information about your online activities over time and across different websites.

We use this information to improve our website and better serve our San Diego healthcare community. Analytics data is aggregated and does not personally identify individual visitors.

7. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit and at rest
• Regular security assessments and updates
• Access controls and authentication requirements
• Employee training on data protection
• Incident response procedures

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

8. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

For clients, we typically retain information for the duration of our engagement and for a period thereafter as required for legal, accounting, or business purposes. When information is no longer needed, we securely delete or anonymize it.

9. Your Privacy Rights

Depending on your location, you may have certain rights regarding your personal information:

• Access: Request access to the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information
• Opt-Out: Opt out of marketing communications at any time
• Data Portability: Request a copy of your information in a portable format

To exercise these rights, please contact us using the information provided below. We will respond to your request within a reasonable timeframe and as required by applicable law.

10. California Privacy Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including:

• Right to know what personal information is collected, used, and shared
• Right to delete personal information
• Right to opt-out of the sale of personal information (we do not sell personal information)
• Right to non-discrimination for exercising your privacy rights

To exercise these rights, please contact us at hello@sandiegohipaacompliance.com.

11. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal information from a child without parental consent, we will take steps to delete that information.

12. Links to Other Websites

Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of these external sites. We encourage you to review the privacy policies of any third-party sites you visit.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the updated policy on our website and updating the "Last Updated" date.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: