HIPAA Notice

Your Privacy Rights and Our Practices

Last updated: January 2024

Important Clarification

Witness is a coaching platform. We provide reflection, guidance, and support—not therapy or healthcare services. While we follow HIPAA-minded security practices, our service may not be considered a "covered entity" under HIPAA regulations. However, we voluntarily adopt strict privacy and security measures to protect your sensitive information.

Encryption

All recordings and personal data are encrypted both in transit (TLS 1.3) and at rest (AES-256). Your files are never accessible in unencrypted form.

Access Controls

Only the coach assigned to your submission can access your recordings. All access is logged and audited. Administrative staff cannot view your recordings.

Data Retention & Deletion

Recordings are automatically deleted 90 days after feedback delivery. You can request immediate deletion at any time. We maintain secure backup practices with defined retention periods.

Coach Agreements

All coaches on our platform sign confidentiality agreements and agree to handle your information with the same care as protected health information.

Your Rights

You have the right to:

  • Access: Request a copy of the information we have about you
  • Amendment: Request corrections to inaccurate information
  • Deletion: Request deletion of your recordings and personal data
  • Restriction: Request that we limit how we use your information
  • Portability: Receive your data in a commonly used format
  • Disclosure Accounting: Request a record of who has accessed your information

How We Protect Your Information

  • Multi-factor authentication for all accounts
  • Regular security assessments and penetration testing
  • Secure data centers with physical access controls
  • Employee training on privacy and security practices
  • Incident response procedures for potential breaches

Breach Notification

In the unlikely event of a data breach that affects your information, we will notify you within 72 hours via email and provide information about what happened and steps you can take.

Contact Our Privacy Team

For questions about your privacy rights or to exercise any of your rights, contact:

Email: support@witness.care
Phone: 801-999-8131
Address: [Your Business Address]