Effective Date: 9/1/2025
The Services: The Services provided through this platform include virtual physical therapy sessions, treatment plans, progress tracking, and related telehealth services. These Services are delivered via a secure, HIPAA-compliant platform.
The Provider: The Provider refers to licensed physical therapists who deliver care through the platform. Providers are responsible for ensuring the quality of care, maintaining professional standards, and complying with applicable laws and regulations, including HIPAA.
The Patient: The Patient refers to the individual receiving care through the platform. Patients are responsible for providing accurate health information, following prescribed treatment plans, and adhering to the Terms of Service and Privacy Policy.
By using the Services, both the Provider and the Patient agree to maintain professional conduct and comply with all applicable laws and regulations.
We may collect the following types of information from Patients to provide the Services:
As part of our Services, we may collect and store recorded videos, images, or other media that the Patient shares during therapy sessions. These recordings are used solely by the Provider for treatment purposes, such as exercise demonstrations, form reviews, and progress tracking.
Recorded videos are stored securely on encrypted servers hosted by Amazon Web Services (AWS). Access to these recordings is restricted to authorized personnel involved in the Patient's care.
We retain recorded videos as long as necessary to provide the Services, comply with legal obligations, and resolve disputes. If the Patient wishes to delete specific recordings, please contact us at support@touchpointpt.com.
We use the Patient's information to:
We do not sell the Patient's personal information. The Patient's information may be shared with the following third parties as necessary to provide the Services:
All third-party vendors are required to comply with HIPAA and implement appropriate safeguards to protect shared data.
We are committed to complying with the Health Insurance Portability and Accountability Act (HIPAA) to protect the Patient's Protected Health Information (PHI).
We implement administrative, technical, and physical safeguards to ensure the confidentiality, integrity, and security of the Patient's PHI. These safeguards include encryption, access controls, and audit logs to monitor access to the Patient's data.
Under HIPAA, the Patient has the right to access their PHI, request corrections, and file complaints if they believe their privacy rights have been violated. To exercise these rights, contact us at support@touchpointpt.com.
We may communicate with the Patient via phone, email, text messages, and recorded videos to facilitate the Services, including appointment reminders, treatment plans, and exercise demonstrations provided by the Provider.
We use secure platforms to transmit sensitive health information whenever possible. However, some communication methods, such as email or text, may not be fully secure. By using our Services, The Patient consents to these communication methods and acknowledges the associated risks.
If the Patient has concerns about the security of specific communication methods, please contact us at support@touchpointpt.com.
We use Amazon Web Services (AWS) to host and store the Patient's data. AWS is a HIPAA-eligible service provider and implements industry-standard security measures, including encryption in transit and at rest, to protect the Patient's data.
While we take all reasonable measures to secure the Patient's data, no system is completely secure, and we cannot guarantee absolute security.
In the event of a data breach involving the Patient's Protected Health Information (PHI), we will notify the Patient as required by HIPAA.
We are committed to addressing breaches promptly and implementing measures to prevent future incidents.
Depending on the Patient's location, the Patient may have the right to:
To exercise these rights, contact us at support@touchpointpt.com.
We may use cookies and similar technologies to improve the Patient's experience, analyze usage, and customize content. The Patient can adjust browser settings to block cookies, but some features may not function properly.
We retain the Patient's information as long as necessary to provide the Services, comply with legal obligations, and resolve disputes.
Our Services are not directed to children under 13 (or under 16 in some jurisdictions). We do not knowingly collect information from Patients under the age of 18 without parental consent.
If the Patient accesses our Services from outside the U.S., the Patient's data may be processed and stored in the U.S. or other countries, which may have different data protection laws.
We may update this Privacy Policy periodically. If we make material changes, we will notify the Patient through the platform or by email.
If the Patient has questions about this Privacy Policy, contact us at: support@touchpointpt.com