We collect some personal information about clients which the therapist enters into this app in order to properly manage patient treatment assessment records. We also collect a small amount of personal information about the therapist which is used to identify the author of treatment assessment records, and at the discretion of the therapist, this information is placed into each assessment record.
Client information may include text about, and potentially pictures of clients being treated, which are made part of the treatment assessment records. It may also include pain diagrams hand-drawn by the therapist which describe where pain occurs for treatment and progress tracking purposes.
We do not save any of this information in any fashion, and we do not transfer any information to third parties, except by the explicit request of the therapist using the app. The information collected is only saved locally on the iPad which is running the app, until the therapist authorizes a transfer to a designated third party by sending assessment pdf files to a third party, or sending appointment reminders to clients, or by printing the assessments.
The app has a voice-to-text translation function to assist the therapist in quickly gathering treatment information from the client, and entering it in the assessment form. This translation is only performed locally on the iPad running the app. The app guarantees that text information is not sent out of the app for text translation by requiring that the iPad be disconnected from any Wi-Fi or Cellular internet connection before allowing voice-to-text translation. This is done to maintain HIPAA compliance for medical records, since remote voice-to-text translation by Apple’s servers is not guaranteed to be HIPAA compliant.
Patient information which is saved locally on the iPad is encrypted with the AES encryption provided by Apple whenever the app is put into the background, or is stopped by the user, or when the user turns off the iPad. This includes all text or hand-written information, and any pictures which are part of the assessment forms. The only exceptions to this occur when the app user creates a pdf version of a patient assessment, in order to transfer it to another app, or print it or email it.
The unencrypted assessments are placed locally on the iPad running the app (only). The app provides a tool to remove all unencrypted assessments with a single button tap, in order to keep the app in HIPAA compliance, once uploads, printing, and emailing are complete. The pdf information is only transferred outside of the app by the user, and only to the third parties specified by the user.
At the discretion of the app user, some therapist information may be part of the assessment form (therapist text and hand-written signature and therapy license number), but the therapist information is only shared with a third party when the therapist decides to send out the information as part of an assessment.
The only additional information about the therapist which is collected occurs when the therapist purchases the full version of the app from the Apple App Store. Apple requires that the user log in with an Apple id and password in order to complete the purchase.This information is not saved within the app in any fashion, and its entry is governed by Apple’s privacy policies for the App Store. We do not have access to the details of your payment when you purchase the full app.
If you email us with a support request, or for other reasons, or when you send us your feedback, we receive any personal information that you send. It is totally at your discretion.
What is our data retention policy?
We do not keep any of your personal or client information – it is all located on the local iPad which is running the app.
What is the user’s responsibility for privacy?
The app is designed to be HIPAA-compliant in order to keep personal and medical information secure. In order to maintain that compliance, the app user should use the function provided by the app to delete unencrypted pdf assessments after working with them.
Also, if the app user transfers assessments to third parties, it is the user’s responsibility to ensure that the third party maintains HIPAA-compliant procedures for any information transferred by the user, and the user must complete any necessary agreements with the third party to ensure HIPAA-compliance, before transferring client information.
In order to maintain HIPAA-compliance, the app requires the user to enter an encryption password when it is first installed, and gives the user the ability to change the password at any time. The user is also given the ability to save encrypted zip file backups of the user information, and restore it later. The user must ensure that the encryption password in use when a zip file backup is created is still available for use when the user restores the app information later on.
Do we disclose any information to outside parties?
Children’s Online Privacy Protection Act Compliance
This app is directed toward professional neuromuscular massage therapists who are at least 17 years old or older, which is reflected in the Apple App Store product rating. If you are under the age of 17, per Apple’s rating suggestions, do not use the app. If you are under the age of 13, per the requirements of COPPA (Children’s Online Privacy Protection Act), do not use this app.
This document was last updated June 20, 2020.