Your health privacy matters deeply. This notice explains exactly how Mouth-Body Companion protects your information with HIPAA-conscious workflows and minimum-necessary data principles.
HIPAA Compliance Statement — 2026
This Platform is engineered with HIPAA-conscious architecture. Practitioners who use this Platform to serve clients are advised to execute a Business Associate Agreement (BAA) with their practice management vendor and consult qualified HIPAA legal counsel. Full HIPAA certification requires administrative, physical, and technical safeguards beyond any single software application.
Effective Date: January 1, 2026
This notice describes how health-related information about you may be used and disclosed, and how you can get access to this information. Please review it carefully.
Mouth-Body Companion ("the Platform") is designed as an educational wellness support tool and does not itself constitute a covered healthcare entity under HIPAA. However, it is designed and operated with HIPAA-conscious workflows to protect user privacy at every layer.
Session authentication data (patient code, encrypted access token) — stored only in browser session memory.
Wellness self-check responses (symptom observations, habit tracking) — stored locally on your device only.
Exercise and routine completion progress — stored locally on your device only.
No name, address, date of birth, or insurance information is collected by the Platform.
No audio, video, or biometric data is collected.
Minimum necessary principle: we collect only what is needed for educational tracking and nothing more.
Automatic session timeout after 15 minutes of inactivity — your session is cleared from memory.
No health data is transmitted to or stored on external servers through this Platform.
Patient codes are assigned and managed by your licensed practitioner, not by the Platform.
All connections are served over HTTPS (TLS 1.3 encryption in transit).
No third-party advertising trackers are embedded in the Platform.
Your practitioner operates under their own HIPAA Business Associate obligations separate from this Platform.
Right to Access: You may request a copy of any information your practitioner holds about you in their own practice management system.
Right to Correct: You may ask your practitioner to correct inaccurate information.
Right to Restriction: You may ask your practitioner to limit certain uses of your information.
Right to Delete: You may clear all locally stored app data by clearing your browser or app cache at any time.
Right to Portability: Progress reports can be exported through the app for your own records.
Right to Complain: You have the right to file a complaint with the U.S. Department of Health and Human Services (HHS) if you believe your privacy rights have been violated.
Licensed practitioners using this Platform to serve clients are responsible for maintaining their own HIPAA compliance, including executing Business Associate Agreements (BAAs) where required.
Practitioners should not enter full legal names, birthdates, SSNs, or insurance IDs into the Platform.
Patient codes should be treated as confidential identifiers.
Practitioners are responsible for obtaining appropriate informed consent from clients before enrolling them in digital wellness programs.
Mouth-Body Companion is an educational wellness support platform only.
It is NOT a substitute for professional medical care, diagnosis, or treatment.
Content on this Platform has not been evaluated by the Food and Drug Administration (FDA).
Always consult your licensed healthcare provider for medical questions or concerns.
In case of emergency, call 911 or your local emergency number.
If you have questions about this Privacy Notice, please contact your Mouth-Body Companion practitioner directly.
For platform-level privacy inquiries: privacy@mouthbodycompanion.com
To file a complaint with HHS: www.hhs.gov/ocr/privacy
This notice may be updated periodically. The effective date at the top reflects the most recent version.