Privacy Policy
Effective Date: 08/26/2025
Tavia Health Inc., a Delaware corporation, ("Tavia Care LLC (a wholly owned subsidiary of Tavia Health Inc.", “Tavia”, “Tavia Health” “we,” “us,” or “our”), operates as a management services organization (MSO) and independent practice association (IPA). Tavia Health provides administrative, operational, and contracting support to independent contractor licensed therapists (the “Tavia Health Professionals”). All clinical services, including physical, occupational, and speech therapy, are delivered solely by the Tavia Health Professionals, who are independently licensed and responsible for patient care.
This Privacy Policy explains how we collect, use, disclose, and protect your personal information and protected health information (PHI) when you use our telehealth, in-clinic based care, and in-home therapy services (physical, occupational, and speech therapy), referral services, electronic health record (EHR) systems, administrative support, our website: Taviahealth.io and any related web-based and mobile applications (collectively, the “Services”). This policy complies with the Health Insurance Portability and Accountability Act (HIPAA), the Children’s Online Privacy Protection Act (COPPA), and applicable state laws. It does not apply to data collected from individuals outside the United States, as Tavia Health does not provide Services or collect data internationally.
By using our Services, you agree to the practices described in this Privacy Policy, which provides additional details on your rights and our responsibilities regarding PHI under HIPAA. If you do not agree, please do not use the Services.
1. Information We Collect
We collect the following types of information:
Personal Information
Account Information: When you create an account, we collect your name, email address, phone number, mailing address, and other details you provide (e.g., date of birth, insurance information).
Payment Information: We collect billing details (e.g., credit card or bank account information) through our third-party payment processor (Stripe) to process payments for Services.
Contact Information: We collect information you provide when contacting us, such as through our support or feedback forms.
User Submissions: We collect feedback, reviews, surveys, or other content you submit about the Services.
Communication Data: We collect information from your interactions with us, such as emails, texts, or app messages, including Remote Therapeutic Monitoring (RTM) responses.
Protected Health Information (PHI)
Health Information: If you receive therapy services, we collect PHI, such as medical history, treatment plans, appointment details, and RTM data, as defined by HIPAA.
Medical and Billing Records: We maintain records related to your care, billing, insurance claims, and case management, as required by HIPAA.
Usage Data
Technical Information: We collect device and usage data, such as IP address, browser type, device identifiers, operating system, and app usage patterns, to operate and improve the Services.
Analytics Data: We collect anonymized or aggregated data to analyze Service performance and user behavior.
Information from Minors
We do not knowingly collect personal information from children under 13 without parental consent, per COPPA. If you are under 13, do not attempt to register or provide personal information. If we discover such data, we will delete it. Contact info@taviahealth.io. if you believe a child under 13 has provided information without consent.
2. How We Collect Information
We collect information:
Directly from You: When you create an account, schedule appointments, submit Reviews, participate in RTM, or contact us.
Automatically: Through cookies, web beacons, and similar technologies when you use the Site or apps.
From Third Parties: From Tavia Health Professionals (e.g., treatment notes), insurance providers (e.g., coverage details), or our payment processor (e.g., billing confirmation).
From Partners: If you access Services through our health system or clinic partners, we may receive relevant information about you.
3. How We Use Information
We use your information to:
Provide Services: Facilitate telehealth, in-clinic based care, and in-home therapy (delivered by Tavia Health Professionals), referrals, and EHR/administrative support, including scheduling appointments, managing accounts, and delivering care plans.
Process Payments: Bill for Services, process insurance claims, and manage financial transactions.
Communicate with You: Send appointment reminders, legal disclosures, updates to Terms or Privacy Policy, and marketing messages (with your consent, where required).
Improve Services: Analyze usage data and Reviews to enhance the Site, apps, and user experience.
Comply with Laws: Meet HIPAA requirements (e.g., maintaining medical and billing records), COPPA, and other applicable laws.
Ensure Security: Protect against fraud, unauthorized access, or misuse of the Services.
4. How We Share Information
We share your information only as described below, subject to HIPAA and other applicable laws:
With Tavia Health Professionals
We share PHI with Tavia Health Independent Contractor Professionals and other Health Professionals involved in your care, to deliver therapy services, such as treatment plans or appointment details.
Reviews may be shared with Tavia Health Independent Contractor Professionals with your consent to improve care.
With Third Parties
Service Providers: We share information with vendors (e.g., Stripe for payments, cloud hosting providers) to operate the Services, subject to confidentiality agreements and HIPAA compliance where applicable.
Insurance Providers: We share PHI and billing information with your insurer to process claims, as authorized by you.
Health System or Clinic Partners: If you access Services through our partners, we may share relevant information to coordinate care or billing.
Legal Compliance: We may disclose information to comply with legal obligations, such as responding to subpoenas, court orders, or government requests, or to protect our rights, safety, or property.
Public Sharing
With your consent, we may share Reviews publicly (e.g., on our website or marketing materials) to promote the Services. Shared Reviews may include your name, state, and care start date (e.g., “Patient since August 2025”).
De-Identified Data
We may share anonymized or aggregated data for analytics, research, or marketing purposes, ensuring it cannot identify you.
We do not sell your personal information or PHI.
5. Your Choices
Account Information: Update your Account Information via your account settings or by contacting info@taviahealth.io.
Electronic Communications: Opt-out of non-essential communications (e.g., marketing texts or emails) via account settings or by replying “stop” to texts. You cannot opt out of essential communications (e.g., appointment reminders, billing notices).
Reviews: Choose whether Reviews are shared publicly or with Tavia Health Professionals when submitting them.
6. Data Retention
We retain information as required by HIPAA, including:
Medical and billing records for at least 6 years (or longer, per applicable state law).
Signed authorizations and other related notices and acknowledgments.
Other records used to make decisions about you.
Personal information not subject to HIPAA (e.g., contact details) is retained as needed to provide Services or meet legal obligations. If you deactivate your account, we retain PHI and other records as required by law. Non-essential data may be deleted upon request, subject to legal requirements.
7. Data Security
We use reasonable administrative, technical, and physical safeguards to protect your information, including encryption, access controls, and secure servers. However, no system is completely secure, and we cannot guarantee absolute security. You are responsible for protecting your account credentials and using caution on public/shared devices. Notify us immediately at info@taviahealth.io if you suspect unauthorized access.
8. Your Rights Under HIPAA
Our Privacy Policy provides the following rights regarding your PHI, including:
Access: Request a copy of your PHI.
Amendment: Request corrections to inaccurate PHI.
Accounting of Disclosures: Request a list of certain disclosures of your PHI.
Restriction: Request limits on how we use or share your PHI.
Confidential Communications: Request alternative communication methods (e.g., a different email or phone number).
Complaint: File a complaint if you believe your privacy rights have been violated.
To exercise these rights or file a complaint, contact info@taviahealth.io.
9. Third-Party Links and Services
The Services may link to third-party websites or services (e.g., payment processors). These third parties have their own privacy policies, and we are not responsible for their practices. Review their policies before providing information.
10. Children’s Privacy
Per COPPA, we do not knowingly collect personal information from children under 13 without verifiable parental consent. If you are a parent or guardian and believe your child has provided information without consent, contact info@taviahealth.io to request deletion.
11. Changes to This Privacy Policy
We may update this Privacy Policy at any time. We will notify you of material changes by posting the updated policy on the Site and, if we have your email, sending a notice at least 15 days before the effective date. Continued use of the Services after the effective date constitutes acceptance of the updated policy.
12. Contact Information
For questions, concerns, or to exercise your privacy rights, contact us at:
Email: info@taviahealth.io
Phone: 848-243-0522
Mail:
1412 Broadway
Floor 21
New York, NY 10018
You may also file a complaint with the U.S. Department of Health and Human Services, Office for Civil Rights. Options and instructions for filing a complaint can be accessed at: