Privacy Policy
Clarity Behavioral Health Software, LLC ("Clarity," "we," "us," or "our") is committed to protecting the privacy, security, and confidentiality of the information we collect, use, and disclose. This Privacy Policy outlines how Clarity collects, uses, shares, and safeguards information in compliance with the Health Insurance Portability and Accountability Act (HIPAA), 42 CFR Part 2 (Confidentiality of Substance Use Disorder Patient Records), and SOC 2 requirements. This policy applies to all data collected through our websites (including www.claritybhs.com), mobile applications, software products, and any services (collectively, the "Services").
1. Information We Collect
We collect and store the following types of information:Personally Identifiable Information (PII): Name, address, email, phone number, and other information you provide.Protected Health Information (PHI): Medical records, treatment history, diagnostic data, insurance details, and substance use disorder information protected under 42 CFR Part 2.Usage Data: Information on how you interact with our Services, including IP address, browser type, operating system, access times, and referring websites.Device and Location Information: Device type, unique device identifiers, geolocation data (if enabled).
2. How We Use Information
We use your information only as permitted by law and for legitimate business purposes, including: Providing, operating, and improving our Services. Communicating with you about your account or service requests. Ensuring compliance with applicable regulations (e.g., HIPAA, 42 CFR Part 2).Conducting audits, security assessments, and operational analysis for quality assurance and SOC 2 compliance. Protecting against fraud, abuse, and unauthorized access.
3. Disclosure of Information
We only disclose PII and PHI under the following conditions: With Your Consent: When you authorize us to share your data. For Treatment, Payment, and Operations (TPO): In accordance with HIPAA and 42 CFR Part 2, disclosures are limited to the minimum necessary. Legal Requirements: When required by law, subpoena, or court order, in strict accordance with 42 CFR Part 2 regulations. Qualified Service Providers: With third-party vendors, cloud services, or consultants under strict Business Associate Agreements (BAAs) and SOC 2 compliant controls. De-identified and Aggregate Data: We may use anonymized data for analytics and research without identifying individuals.
4. Your Rights
You have the right to: Access and request a copy of your personal data. Request corrections to inaccurate or incomplete information. Withdraw your consent to data sharing. File a complaint with us or the U.S. Department of Health and Human Services if you believe your privacy rights have been violated. To exercise any of these rights, please contact us at: privacy@claritybhs.com.
5. Data Security Measures
Clarity implements administrative, physical, and technical safeguards to protect your information, including: Data encryption in transit and at rest. Role-based access controls. Activity logging and monitoring. Regular vulnerability testing and penetration testing. Compliance with SOC 2 Type II security controls. All employees undergo HIPAA and 42 CFR Part 2 confidentiality training.
6. Data Retention
We retain records in accordance with applicable federal and state regulations. PHI is retained for a minimum of six years, unless otherwise required by law. Deletion requests will be evaluated per applicable legal retention obligations.
7. Cookies and Tracking Technologies
Our website may use cookies or similar technologies to enhance user experience and monitor Service usage. You can control cookie settings through your browser. We do not track users across third-party websites or engage in behavioral advertising.
8. Children’s Privacy
Clarity’s Services are not directed to children under the age of 13. We do not knowingly collect or solicit personal information from minors. If you believe a minor has provided us with information, please contact us immediately.
9. Changes to This Privacy Policy
We reserve the right to update or modify this Privacy Policy at any time. When we do, we will revise the "Last Updated" date. Your continued use of our Services after changes indicates your acceptance of the updated policy.
10. Contact Us
If you have questions or concerns about this Privacy Policy, or wish to exercise your privacy rights, contact us at: Clarity Behavioral Health Software, LLC
Email: privacy@claritybhs.com