Last Updated: December 22, 2023

Introduction
This HIPAA Privacy Policy ("Policy") applies to Cognition Co ("we," "us," or "our") and covers the use and disclosure of Protected Health Information (PHI) as defined by the Health Insurance Portability and Accountability Act (HIPAA).

I. Definitions
PHI (Protected Health Information): Individually identifiable health information transmitted or maintained in any form or medium.

Covered Entity: A health care provider, health plan, or health care clearinghouse that transmits any health information electronically.

II. Information Collection and Use
We may collect, use, and disclose PHI only as permitted by HIPAA regulations and as necessary to provide our services. The following are key aspects of our information practices:

Collection of PHI: We will only collect PHI required for the purposes outlined in this Policy and as permitted by law.

Use of PHI: PHI will be used solely for the purposes of providing services and in accordance with the HIPAA regulations.

Disclosure of PHI: We may disclose PHI as required by law or with the individual's authorization. We will ensure that any third-party entities receiving PHI adhere to HIPAA regulations.

III. Individual Rights
Access: Individuals have the right to access their PHI and request amendments if inaccuracies are identified.

Disclosure Accounting: Individuals can request an accounting of disclosures of their PHI.

Restrictions: Individuals may request restrictions on certain uses and disclosures of their PHI.

IV. Security Measures
We implement reasonable and appropriate safeguards to protect the confidentiality, integrity, and availability of PHI. This includes administrative, physical, and technical safeguards to ensure the security of electronic PHI.

V. Training and Compliance
Our staff receives training on HIPAA regulations, and we have designated a Privacy Officer responsible for overseeing compliance. We conduct regular risk assessments and audits to ensure ongoing compliance.

VI. Breach Notification
In the event of a breach of unsecured PHI, we will follow HIPAA regulations for notifying affected individuals, the Secretary of Health and Human Services, and, if necessary, the media.

VII. Updates to Policy
This Policy is subject to change to reflect updates in HIPAA regulations or changes in our practices. Any material changes will be communicated through our website or other appropriate means.

VIII. Contact Information
For questions or concerns related to this HIPAA Privacy Policy, please contact us at hello@cognitionco.org.