HIPAA Notice — Carecierge

Our Commitment

Carecierge respects the privacy and confidentiality of all health-related information shared by our clients. While Carecierge is a Brazilian company and is not directly subject to HIPAA (Health Insurance Portability and Accountability Act), we recognise that many of our patients are US residents who are accustomed to HIPAA protections.

We voluntarily align our health data practices with HIPAA principles to ensure that US-based patients receive the same standard of privacy protection they would expect at home.

What is HIPAA?

HIPAA is a US federal law that establishes national standards for the protection of individually identifiable health information, known as Protected Health Information (PHI). It governs how healthcare providers, health plans and their business associates use and disclose PHI.

Key protections include: the right to access your health records, the right to request corrections, limits on who can see your information, and the right to know how your data is used.

Health Information We Collect

To coordinate your medical journey in Brazil, we may collect and process health-related information including:

Information about the medical procedure or treatment you are seeking
Relevant medical history provided voluntarily by you
Pre-operative or diagnostic reports shared for specialist consultation
Post-operative care needs and recovery preferences

We collect only what is strictly necessary to match you with the right medical professionals and coordinate your care.

How We Use Your Health Information

Your health information is used exclusively to:

Connect you with appropriate certified medical specialists in Brazil
Coordinate consultations, procedures and follow-up appointments
Arrange suitable accommodation and logistics for your recovery
Provide multilingual support throughout your journey

We do not sell, rent or share your health information with any third party for marketing, advertising or commercial purposes.

Who We Share Information With

Your health information is shared only with parties directly involved in your care coordination:

Licensed physicians and clinics you are referred to, with your explicit consent
Accommodation and transport partners — limited to logistical data only
Technical service providers operating under strict confidentiality agreements

All third parties are required to treat your information with the same level of confidentiality we apply internally.

Your Rights Regarding Your Health Information

Right of Access

Request a copy of the health information we hold about you.

Right to Correct

Ask us to correct inaccurate or incomplete health information.

Right to Delete

Request deletion of your health information when no longer needed.

Right to Restrict

Request that we limit how we use or disclose your information.

Right to Withdraw Consent

Withdraw consent for data processing at any time, without affecting prior coordination.

Right to a Copy

Receive your data in a portable format for transfer to another provider.

Data Security

We implement appropriate technical and organisational security measures to protect your health information against unauthorised access, disclosure, alteration or destruction. These include encrypted communications, restricted internal access and confidentiality protocols with all partners.

International Data Transfers

As our services are based in Brazil, your health information will be processed in Brazil. We ensure that all data handling meets the standards required by Brazil's LGPD (Lei Geral de Proteção de Dados) and is conducted in a manner consistent with HIPAA privacy principles for US-based patients.

Contact Us

To exercise any of your rights or for questions about how we handle your health information:

Privacy Contact

For questions about your health data or this HIPAA Notice:

carecierge@carecierge.com.br

Carecierge · São Paulo, SP, Brasil