top of page

Privacy Policy

OVERVIEW

One Rising, LLC and our Team Members ("we," "us," or "our") are committed to protecting the privacy of visitors to our website (the "Website"), offices and mobile application (the "App"). This Privacy Policy explains how we collect, use, and share information about you when you visit or use our Website or use our Mobile App.

1.) INTRODUCTION

Welcome to One Rising, LLC ("One Rising," "we," "us," or "our"). We are committed to protecting the privacy and security of your information. This Privacy Policy outlines how we collect, use, disclose, and safeguard your information when you visit our website, www.one-rising.com (the "Site"), and use our mobile application (the "App"). The Site and the App are collectively referred to as the "Services."
 

This policy is designed to be compliant with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and other applicable privacy laws. Please read this policy carefully. By using our Services, you acknowledge that you have read, understood, and agree to the terms of this Privacy Policy.

2.) INFORMATION WE COLLECT

We collect information that you provide to us directly, information that is collected automatically through your use of our Services, and information from other sources.

A.) Information You Provide to Us

  • Account and Profile Information: When you create an account, we collect personal information such as your name, email address, phone number, date of birth, mailing address, and password.

  • Protected Health Information (PHI): As a healthcare provider, we collect health and medical information necessary to provide you with our Services. This is considered PHI under HIPAA and may include:

    • Medical history, symptoms, diagnoses, and treatment plans.

    • Medication information.

    • Communications with your healthcare providers through our Services.

    • Health insurance information.

    • Appointment details.

  • Payment Information: To process payments for our Services, we collect billing information, such as credit/debit card details and billing addresses. This is typically handled by a secure, third-party payment processor.

  • Communications: We collect information when you communicate with us, such as through customer support inquiries, feedback submissions, or any other correspondence.

B.) Information Collected Automatically

  • Usage Data: We automatically collect information about your interaction with our Services. This includes your IP address, device type, operating system, browser type, pages viewed, links clicked, and the dates and times of your visits.

  • Cookies and Tracking Technologies: We use cookies, web beacons, and similar technologies to help operate our Services, enhance your experience, and analyze usage. You can control the use of cookies at the individual browser level.

  • Location Data: With your consent, our App may collect precise location data from your mobile device to provide location-based services. You can disable this feature in your device's settings.

3.) How We Use Your Information

We use the information we collect for the following purposes:

  • To Provide and Manage Services: To create and manage your account, provide healthcare services, schedule appointments, process payments, and facilitate communication between you and your providers.

  • For Treatment, Payment, and Healthcare Operations (TPO): As permitted by HIPAA, we use and disclose your PHI for:

  • Treatment: Coordinating your care with healthcare professionals.

  • Payment: Billing for our services and managing claims with your health plan.

  • Healthcare Operations: Administrative, financial, legal, and quality improvement activities necessary to run our business and support our core functions.

  • To Communicate With You: To send you appointment reminders, service updates, security alerts, and administrative messages.

  • To Improve Our Services: To analyze usage trends and user feedback to improve the functionality, security, and user experience of our Site and App. We will use de-identified or aggregated data for this purpose whenever possible.

  • To Comply with Legal Obligations: To comply with applicable laws, regulations, court orders, subpoenas, or other legal processes, including mandatory reporting to public health authorities.

4.) How We Share and Disclose Your Information

WE DO NOT and WILL NOT sell your personal information, EVER.

We may share your information only in the following circumstances:

  • Healthcare Providers: We share your information with the healthcare professionals involved in your treatment through the Services.

  • Business Associates: We may share information with third-party vendors and service providers who perform functions on our behalf. These are our "Business Associates" under HIPAA (e.g., cloud hosting providers, data analytics services, payment processors). We have executed HIPAA-compliant Business Associate Agreements (BAAs) with these parties, which contractually require them to protect your PHI.

  • With Your Explicit Consent: We may share your information with third parties for purposes outside of Treatment, Payment, and Healthcare Operations, but only with your prior written authorization. You may revoke this authorization at any time.

  • As Required by Law: We may disclose your PHI when required by law, such as in response to a court order, or for public health activities, law enforcement purposes, and other situations mandated by federal or state law.

  • De-identified and Aggregated Data: We may share aggregated or de-identified information, which cannot reasonably be used to identify you, for research, marketing, or analytics purposes.

5.) Data Security

We have implemented administrative, physical, and technical safeguards to protect the security and confidentiality of your information. These measures are designed to prevent unauthorized access, use, disclosure, alteration, or destruction of your data and include:

  • Encryption: Data is encrypted both in transit (using TLS/SSL) and at rest.

  • Access Controls: Access to PHI is strictly limited to authorized personnel and is based on the principle of minimum necessary access.

  • Regular Security Audits: We conduct regular risk assessments and security audits to ensure our safeguards remain effective.

 

While we take extensive measures to protect your information, no system is 100% secure. We cannot guarantee the absolute security of your information.

6.) Data RETENTION

We will retain your personal information and PHI for as long as your account is active and as necessary to provide you with our Services. We will also retain your information as required by federal and state laws, which often mandate that medical records be kept for a specific number of years. After this period, we will securely delete or de-identify your information.

7.) CHILDREN's PRIVACY

Our Services are not intended for use by individuals under the age of 18 without verifiable parental consent. We do not knowingly collect personal information from children under 18. If we become aware that we have collected such information without parental consent, we will take steps to delete it. If you are a parent or guardian and believe your child has provided us with information, please contact us.

8.) Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email (sent to the email address specified in your account), through a notification in our App, or by posting a prominent notice on our Site prior to the change becoming effective. We encourage you to review this page periodically for the latest information on our privacy practices.

9.) Contact Us

If you have any questions, concerns, or complaints about this Privacy Policy or our data practices, or if you wish to exercise your rights under HIPAA, please contact our Privacy Officer through our Buckhannon, WV office.

bottom of page