Privacy Policy
Colorado CareAssist is committed to protecting your personal information. This policy explains what we collect, how we use it, and your rights.
How We Handle Your Information
Effective date: May 13, 2026. Locally owned and operated since 2012, Colorado CareAssist handles your information with care and transparency.
Information We Collect
Name, phone number, and email address from contact forms; care needs and health information from consultations; IP address and cookies from website visits; and employment information from job applicants. For clients receiving care, we collect protected health information (PHI) as defined by HIPAA, including care plans, medical diagnoses, assessment data, incident reports, and monitoring visit records.
How We Use Your Information
To respond to inquiries and schedule consultations; to coordinate and deliver home care services; to communicate about care plans and scheduling; to improve our website and services; and to comply with legal and regulatory requirements including HIPAA.
Information Sharing
We do not sell personal information. We share PHI only with: caregivers assigned to your care, healthcare providers as needed for care coordination, payment processors for billing, our EHR system (WellSky) for care documentation, and as required by law. All vendors that handle PHI have signed Business Associate Agreements (BAAs) as required by HIPAA.
HIPAA Compliance
Colorado CareAssist is a HIPAA-covered entity. We maintain administrative, physical, and technical safeguards to protect your protected health information (PHI) in compliance with the HIPAA Privacy Rule and Security Rule. Our HIPAA compliance program includes: signed BAAs with all vendors handling PHI (Google Cloud, WellSky, RingCentral, Retell AI, EBizCharge), encryption of PHI at rest and in transit, audit logging of all PHI access, workforce training on HIPAA requirements, and regular risk assessments. For details, visit our HIPAA & Data Security page.
Data Security
We use industry-standard security measures including encrypted web connections (TLS 1.3), AES-256 encryption for data at rest and backups, secure storage of client records, role-based access controls, audit logging of all PHI access, background-checked and trained staff, and regular security reviews. All database backups are encrypted before offsite storage.
Data Retention
We retain client records and PHI for a minimum of 7 years as required by Colorado state law and HIPAA regulations. Assessment records, monitoring visits, and incident reports are retained for 7 years. Operational logs are retained for 90 days to 2 years depending on data type. We have automated data retention policies enforced by scheduled processes.
Your Rights
You may request access to, correction of, or deletion of your personal information. Under HIPAA, you have the right to access your PHI, request amendments to your health records, receive an accounting of disclosures, and request restrictions on certain uses and disclosures. Colorado residents have additional rights under the Colorado Privacy Act (CPA). Contact [email protected] to submit a request.
Cookies and Analytics
We use Google Analytics to understand site traffic on our public marketing pages only. Google Analytics is not used on authenticated client or employee portal pages where PHI is displayed. You can manage cookie preferences through your browser settings.
Children's Privacy
Our services are not directed at individuals under 18. We do not knowingly collect personal information from children.
Changes to This Policy
We may update this policy periodically. The effective date will be noted at the top of this page. Continued use of our website after changes constitutes acceptance of the updated policy.
Contact Us
For privacy questions, HIPAA inquiries, or to exercise your rights, email [email protected] or call (303) 757-1777. For security or compliance requests, include “Security/Compliance Request” in the subject line.
Have a Privacy Question?
Our team is available to assist with data access requests, corrections, deletions, and any other privacy concerns. We respond to all privacy requests within one business day.
[email protected]Include “Privacy Request” in the subject line for fastest routing.
Take the Next Step
Questions About Your Privacy?
Contact our team at [email protected] or call (303) 757-1777.