Aabcor, Inc. Privacy Policy and Data Security

Introduction

Aabcor, Inc. ("we," "us," or "our") is committed to protecting the privacy and security of personal information collected from our clients, their families, and website visitors. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website (www.aabcorinc.com), use our care management services, or communicate with us through various channels including text messaging.

Information We Collect

Personal Information

We may collect the following types of personal information:

Client Care Information:

  • Name, address, phone number, and email address

  • Date of birth and emergency contact information

  • Medical history and health information relevant to care management

  • Insurance information and financial data for billing purposes

  • Documentation related to brain injury, disability status, and care needs

  • Communication preferences and accessibility requirements

Communication Records:

  • Phone call logs and voicemail messages

  • Email correspondence

  • Text message communications for appointment confirmations and resource sharing

  • Documentation of in-person meetings and consultations

Website Usage Information:

  • IP address, browser type, and device information

  • Pages visited and time spent on our website

  • Referring websites and search terms used

Protected Health Information (PHI)

As a healthcare-related service provider, we collect and maintain Protected Health Information under HIPAA regulations, including:

  • Medical diagnoses and treatment information

  • Care plan details and progress notes

  • Information from healthcare providers and specialists

  • Therapy and rehabilitation records

How We Use Your Information

We use collected information for the following purposes:

Care Management Services:

  • Developing and implementing personalized care plans

  • Coordinating with healthcare providers, therapists, and community resources

  • Monitoring client progress and adjusting care strategies

  • Facilitating communication between clients, families, and care team members

Administrative Functions:

  • Scheduling appointments and sending confirmation reminders

  • Billing and insurance claim processing

  • Maintaining accurate client records and documentation

  • Complying with legal and regulatory requirements

Communication and Support:

  • Responding to inquiries and providing customer support

  • Sending appointment confirmations and reminders via text message

  • Sharing relevant resources and educational materials

  • Providing updates on available community services and programs

Quality Improvement:

  • Evaluating and improving our services

  • Training staff and maintaining professional standards

  • Conducting satisfaction surveys and collecting feedback

Text Messaging Services

Appointment Confirmations

We offer text messaging services to confirm upcoming appointments and send reminders. By providing your mobile phone number and consenting to receive text messages, you agree to:

  • Receive appointment confirmation messages 24-48 hours before scheduled visits

  • Receive reminder messages on the day of your appointment

  • Receive rescheduling notifications if changes are necessary

Resource Sharing

We may send text messages containing:

  • Links to helpful resources and educational materials

  • Information about community programs and services

  • Updates about available support groups or workshops

  • Emergency contact information and crisis resources

Text Message Consent and Opt-Out

  • Consent: By providing your mobile number, you consent to receive text messages from Aabcor, Inc.

  • Frequency: Message frequency varies based on your appointment schedule and selected services

  • Charges: Standard message and data rates may apply

  • Opt-Out: Reply STOP to any text message to unsubscribe from future messages

  • Help: Reply HELP for assistance or contact us at (630) 493-9516

Information Sharing and Disclosure

We may share your information in the following circumstances:

With Your Consent:

  • Sharing information with family members or caregivers as authorized by you

  • Communicating with healthcare providers in your care team

  • Coordinating services with community organizations and resources

Legal and Regulatory Requirements:

  • Complying with court orders, subpoenas, or legal proceedings

  • Reporting to government agencies as required by law

  • Protecting against fraud or other illegal activities

Business Operations:

  • Working with contracted service providers who assist in our operations

  • Sharing anonymized data for research or quality improvement purposes

  • Transferring information in the event of a business merger or acquisition

Emergency Situations:

  • Sharing information when necessary to prevent serious harm to you or others

  • Coordinating emergency medical care when required

Data Security Measures

We implement comprehensive security measures to protect your personal information:

Technical Safeguards

  • Encryption: All sensitive data is encrypted both in transit and at rest using industry-standard encryption protocols

  • Secure Networks: Our systems operate on secure, password-protected networks with firewall protection

  • Access Controls: Multi-factor authentication and role-based access controls limit system access to authorized personnel only

  • Regular Updates: We maintain current security software and apply security patches promptly

Physical Safeguards

  • Secure Facilities: Physical access to our offices and file storage areas is restricted and monitored

  • Locked Storage: Paper records are stored in locked cabinets and secure filing systems

  • Device Security: All computers and mobile devices are password-protected and encrypted

Administrative Safeguards

  • Staff Training: All employees receive regular training on privacy, security, and HIPAA compliance

  • Background Checks: We conduct thorough background checks on all staff members

  • Incident Response: We have established procedures for responding to security incidents and data breaches

  • Regular Audits: We conduct periodic security assessments and compliance audits

Communication Security

  • Secure Email: We use encrypted email systems for transmitting sensitive information

  • Text Message Security: Text messages are sent through secure, HIPAA-compliant messaging platforms

  • Phone Security: We use encrypted communication systems and follow protocols for confidential conversations

Data Retention

We retain your information for the following periods:

  • Active Client Records: Maintained during the duration of our service relationship

  • Inactive Client Records: Retained for 7 years after service termination or as required by law

  • Medical Records: Maintained according to state and federal requirements (typically 7-10 years)

  • Financial Records: Retained for 7 years for tax and auditing purposes

  • Communication Records: Text messages and emails retained for 3 years unless longer retention is required

Your Privacy Rights

You have the following rights regarding your personal information:

Access and Review

  • Request copies of your personal information and care records

  • Review how your information has been used and shared

  • Obtain an accounting of disclosures made without your authorization

Amendment and Correction

  • Request corrections to inaccurate or incomplete information

  • Add supplementary information to your records

  • Request updates to your communication preferences

Restriction and Objection

  • Request restrictions on how your information is used or shared

  • Object to certain uses of your information

  • Opt out of non-essential communications

Data Portability

  • Request your information in a commonly used electronic format

  • Request transfer of your records to another healthcare provider

  • Obtain copies of your care plans and progress reports

Cookies and Website Technology

Our website may use cookies and similar technologies to:

  • Remember your preferences and settings

  • Analyze website traffic and user behavior

  • Improve website functionality and user experience

  • Provide relevant content and resources

You can control cookie settings through your browser preferences.

Third-Party Services

We may work with third-party service providers who assist with:

  • Website hosting and maintenance

  • Email and text messaging services

  • Data backup and storage

  • Billing and payment processing

All third-party providers are required to maintain appropriate security measures and comply with applicable privacy laws.

Children's Privacy

Our services are primarily designed for adults with brain injuries and complex health needs. We do not knowingly collect personal information from children under 13 without parental consent. If we become aware that we have collected information from a child under 13, we will delete such information promptly.

Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or applicable laws. We will:

  • Post the updated policy on our website

  • Notify clients of significant changes via email or text message

  • Provide advance notice when possible

Breach Notification

In the event of a data security incident that may compromise your personal information, we will:

  • Investigate the incident promptly and thoroughly

  • Take immediate steps to secure affected systems

  • Notify affected individuals within 60 days of discovery

  • Report the incident to appropriate regulatory authorities as required

  • Provide information about steps you can take to protect yourself

Contact Information

If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact us:

Aabcor, Inc.
Phone: (630) 493-9516
Email: info@aabcorinc.com
Business Hours: Monday through Friday

Complaints

If you believe your privacy rights have been violated, you may file a complaint with:

  • Aabcor, Inc. Privacy Officer (contact information above)

  • U.S. Department of Health and Human Services Office for Civil Rights

  • Illinois Department of Public Health (if applicable)

We will not retaliate against you for filing a privacy complaint.

Acknowledgment

By using our services, visiting our website, or providing your contact information, you acknowledge that you have read and understood this Privacy Policy and agree to the collection, use, and disclosure of your information as described herein.

This Privacy Policy complies with applicable federal and state privacy laws, including HIPAA, HITECH Act, and Illinois state privacy regulations. For specific legal questions, please consult with qualified legal counsel.