We collect the following types of information:

• Personal Information: Name, email address, phone number, business address, and billing details you provide when contacting us or signing up for services.
• Account Information: Login credentials and client portal details.
• Protected Health Information (PHI): Any patient data your practice shares with our vetted Healthcare Virtual Assistants (HVAs) for administrative, scheduling, billing, or social media tasks.
• Usage Data: Website visit information such as IP address, browser type, pages viewed, and time spent (collected automatically via cookies and similar technologies).
• Communication Data: Emails, chat messages, and support tickets exchanged with our team.

How We Use Your Information We use the information we collect for the following purposes:
‍
• To provide, maintain, and improve our virtual assistant services tailored to eye clinics and ophthalmology practices.
• To process payments and manage client accounts.
• To communicate with you about services, updates, and support.
• To ensure HIPAA compliance and protect patient data.• To analyze website usage and improve user experience.
• To fulfill legal obligations and prevent fraud.How We Share Your Information We do not sell your personal information or PHI. We may share information only in these limited cases:
• With our rigorously vetted Healthcare Virtual Assistants who have signed confidentiality agreements and completed HIPAA training.
• With third-party service providers (such as secure cloud hosting, payment processors, or encrypted communication tools) that have signed Business Associate Agreements (BAAs) where required.
• When required by law, court order, or government regulation.
• In the event of a business transfer (merger, acquisition, or sale of assets), with appropriate safeguards.

Individual HVAs may sign separate Business Associate Agreements directly with your practice as needed.

We take patient privacy extremely seriously. Our commitments include:
‍
• All HVAs complete annual HIPAA training and follow strict security protocols.
• We use only HIPAA-compliant tools with encryption, access controls, and audit logging.
• We maintain Business Associate Agreements where applicable.
• We conduct regular security audits and risk assessments.
• We follow the Philippine Data Privacy Act of 2012 in addition to HIPAA requirements.

You remain responsible for your own compliance when granting access to your systems (e.g., EMR/EHR credentials). We are not liable for any unauthorized disclosure caused by your own access controls or actions.

We implement reasonable administrative, technical, and physical safeguards to protect your information, including:

• Encryption of data in transit and at rest.
• Role-based access controls and least-privilege principles.
• Regular staff training on data protection.
• Incident response procedures for any potential breach.

No method of transmission or storage is 100% secure, but we work hard to protect your data.

Depending on your location, you may have rights regarding your personal information, including:

• Accessing, correcting, or deleting your personal data.
• Opting out of certain communications (marketing emails).
• Requesting information about how your data is shared.

To exercise these rights, contact us using the details below. For PHI, please work directly with your practice’s privacy officer as required by HIPAA.

Our website uses cookies and similar technologies to improve functionality and analyze traffic. You can manage cookie preferences through your browser settings.

Our website may contain links to third-party sites or integrations (such as EMR systems or social media platforms). We are not responsible for the privacy practices of those third parties.

Our services are not directed to children under 18. We do not knowingly collect information from children.

We may update this Privacy Policy from time to time.• Changes will be posted on this page with a new effective date.• Your continued use of our website or services after changes are posted means you accept the updated policy.

If you have questions or concerns about this Privacy Policy or our data practices, please contact us support@eyecareworks.com

If you have questions about these Terms, please contact us at: support@eyecareworks.com or through the contact form on our website.