HIPAA Notice of Privacy Practices

Last updated: March 2026

This notice describes how health information about patients may be used and disclosed, and how patients can get access to this information. Please review it carefully.

1. Who We Are

LiteraSeed, Inc. is a Business Associate under HIPAA. We provide patient communication and intake services to Covered Entities (health systems, hospitals, and payer organizations). We handle Protected Health Information (PHI) only as directed by and on behalf of our Covered Entity customers.

2. How We Use and Disclose PHI

As a Business Associate, we use and disclose PHI only as permitted by our Business Associate Agreements (BAAs) with Covered Entities and as required by applicable law. Permitted uses include:

  • Providing patient intake and communication services on behalf of healthcare providers
  • Delivering structured patient summaries to authorized EHR systems
  • Supporting treatment, payment, and healthcare operations as directed by Covered Entities

3. Data Security

LiteraSeed implements administrative, physical, and technical safeguards to protect PHI in accordance with the HIPAA Security Rule. All data is encrypted in transit (TLS 1.2+) and at rest. Access to PHI is restricted to authorized personnel on a need-to-know basis.

4. Patient Rights

Patient rights regarding their PHI (access, amendment, restriction, accounting of disclosures) are administered by the Covered Entity (your healthcare provider), not by LiteraSeed directly. Please contact your healthcare provider to exercise these rights.

5. Breach Notification

In the event of a breach of unsecured PHI, LiteraSeed will notify the applicable Covered Entity as required by the HIPAA Breach Notification Rule.

6. Contact

For questions about this notice or our HIPAA compliance practices, contact our Privacy Officer at hello@literaseed.io.