Last updated: Jan 30, 2025
We protect your data with care
This Privacy Policy explains how A & S Home health Care Services, LLC handles information across our website and caregiver mobile apps, including EVV features like schedules, GPS clock‑ins, e‑signatures, and timesheets.
HIPAA‑aware HandlingNo Data SalesSecurity First
About PHI (HIPAA)
Where program rules apply, certain information is treated as Protected Health Information (PHI). We use and disclose PHI in accordance with applicable law and payer requirements.
Minimum Necessary
We collect only what we need to operate our website, apps, scheduling, and EVV features.
No Selling of Data
We never sell personal information. Sharing is limited to operations, compliance, and safety.
Transparent EVV
Location is captured for EVV at clock‑in/clock‑out and, where required, during active visits—not off‑shift.
Scope
This Policy covers our public website and our caregiver mobile apps for iOS and Android, including EVV features used for electronic timekeeping and visit verification. It does not cover third‑party sites or services we do not control.
PRODUCTS COVERED
- A & S Home health Care Services, LLC public website
- Caregiver EVV mobile apps (iOS & Android)
- Admin/portal software for scheduling & documentation
What We Collect
Account Info
Name, contact details, employment identifiers, profile photo, and credentials (securely stored).
Scheduling & EVV
Shifts, clock‑in/out times, GPS at clock‑in/out and when required, e‑signatures, and visit notes.
Client/Care Data
Care plans and limited health details needed for service delivery (treated as PHI where applicable).
Device & Analytics
App diagnostics, crash logs, performance data, and cookies on our website for functionality.
When We Share Information
Operational Sharing
- Payers & EVV aggregators for visit verification and billing
- Service providers (hosting, analytics, messaging, background checks)
- Health partners involved in client care, as permitted by law
Legal, Safety & Transactions
- To comply with law, audits, and lawful requests
- To protect rights, privacy, safety, and property
- In a merger or acquisition subject to this Policy
We do not sell personal information.
Mobile App Permissions & Data Use
The caregiver Apps may request the following permissions and handle data as described, to meet electronic visit verification and operational needs required by certain programs.
| Permission / Data | How It’s Used | Is It Required? | Retention | Sharing |
|---|---|---|---|---|
| Location (GPS) | Confirm caregiver is at the scheduled service location when clocking in/out; may verify presence during active visits when program rules require it. | Required for EVV features; you can disable in device settings but EVV will not function. | Kept as long as necessary to verify visits and as required by law/payer rules. | Shared with EVV aggregators/payers as needed for verification. |
| Camera / Photos | Upload a profile picture (caregiver profile). | Optional. | Until you update or delete the photo, or as required for employment records. | Not sold; may be stored by secure cloud providers. |
| e‑Signature | Sign visit notes/timesheets to confirm services provided. | Often required for timesheet verification. | Retained per legal/payer documentation requirements. | Shared with payers as part of claim documentation. |
| Identifiers & Contact | Account setup, shift notifications, support. | Required to create and maintain an account. | For the duration of employment/engagement and as required by law. | Service providers under contract (e.g., messaging, hosting). |
| Timesheets & Schedules | Track hours worked, visits completed, payroll and billing. | Required for operations and compliance. | Retained per labor, payroll, and payer recordkeeping rules. | Shared with payroll and payers as needed. |
| Diagnostics | Crash logs, performance data to improve stability. | Optional; may be controlled by device settings. | Shorter periods unless needed to address issues. | Analytics/monitoring vendors under contract. |
Location collection pattern: By default, we capture location at clock‑in and clock‑out and, when mandated, during an active visit window. We do not track location when you are off‑shift.
Security
Technical Safeguards
Encryption in transit, hardened infrastructure, vulnerability management, and continuous monitoring.
Access Controls
Role‑based access, multi‑factor authentication for internal systems, and least‑privilege principles.
Process & Training
Policies, workforce training, and incident response procedures designed to safeguard data.
Data Retention
We keep information only as long as needed to provide services, meet legal and payer obligations (including EVV verification and claims), resolve disputes, and enforce agreements. Retention periods vary by record type and applicable requirements.
Examples
- Timesheets & payroll: per labor laws
- EVV records: per payer rules
- Diagnostics: shorter periods
Your Choices & Rights
Access & Update
Caregivers can view or update profile details in‑app or by contacting us.
Location Controls
You may change device location permissions; EVV features require location access to function.
Communications
Opt out of non‑essential messages via unsubscribe links or by contacting us.
HIPAA Rights
Clients may have PHI rights (access, amendment). See our Notice of Privacy Practices (available on request).
Additional rights may apply depending on your jurisdiction (e.g., CPRA). We will honor eligible requests as required by law.
Children’s Privacy
Our apps are intended for adult caregivers and admins. We do not knowingly collect personal information from children under 13.