Daybreak Health collects, retains, and uses PI/PHI from customers to include the following:
The information that's required when you sign up for the site, as well as the information you choose to share.
Required information such as your name, email address, birthday, and gender. We use return email addresses to answer the email we receive. Such addresses are not used for any other purpose and are not shared with outside parties.
Usernames and User IDs, which are a way to identify you on Daybreak Health. A User ID is a string of numbers and a username generally is some variation of your name.
Information posted to a group chat or moderated session and information kept within a one on one session.
“Contact Information” is personal information and or family/friend/relation that Daybreak Health stores confidentially for your Therapist to access in case of an emergency or mental health crisis.
Information Daybreak receives on forms, including, but not limited to, identifying information such as address, telephone number, e-mail address related to customer projects
Banking information for billing purposes; such as account # and routing information for invoicing purposes
We may employ third party companies and individuals to facilitate our Platform, to perform certain tasks which are related to the Platform, or to provide audit, legal, operational or other services for us. These tasks include, but not limited to, customer service, technical maintenance, monitoring, email management and communication, database management, billing and payment processing, reporting and analytics. We will share with them only the minimum necessary information to perform their task for us and only after entering into appropriate confidentiality agreements. We require these third parties to comply strictly with its instructions and we require that they not use your personal information for their own business purposes. All 3rd parties have been carefully selected for their highest standards of security as well as their compliance with HIPAA.
We restrict access to information about you to those employees who need to know that information as part of their job responsibilities. We also educate our employees about the importance of confidentiality and customer privacy through standard operating procedures, special training programs, and our Code of Conduct. We take appropriate disciplinary measures to enforce employee privacy responsibilities. We have developed precautions that comply with federal regulations to ensure the security and confidentiality of customer records and information, to guard against any anticipated threats or hazards to the security or integrity of such records, and to protect against unauthorized access to or use of such records or information which could result in substantial harm or inconvenience to our customers or our employees.
We protect nonpublic personal information by:
Restricting access to customer information to only those personnel for whom the information is necessary
Entering into written confidentiality/non-disclosure agreements with third party service providers for certain disclosures
Maintaining physical, electronic, and procedural safeguards that comply with the relevant laws and regulations
Conducting an Security Training and Awareness training program to communicate and educate employees about information security policies and procedures in order to make them aware of their roles and responsibilities in safeguarding information resources.
Daybreak Health uses firewall barriers and digital certifications to maintain the security of your online session and information.
We do not collect any non-public personal information about visitors on our website, unless information is provided to us voluntarily or derived from website navigation and usage of the Daybreak Health website and online platforms.
We do not knowingly collect or solicit any information from anyone under the age of 13 or knowingly allow such persons to become our user without parental consent per COPPA. The Platform is not directed and not intended to be used by children under the age of 13 without parental consent. If you're aware that we have collected Personal Information from a child under age 13 without parental consent please let us know by contacting us and we will delete that information.