PRIVACY POLICY AND NOTICE OF PRIVACY PRACTICES

Golden Gate Concierge Nursing, P.C.
Effective Date: January 1, 2026


1. Our Commitment to Your Privacy:

Golden Gate Concierge Nursing, P.C. (“Company,” “we,” “our,” or “us”) is committed to protecting your privacy with the highest professional, ethical, and clinical standards. We coordinate private-duty and concierge nursing services through a curated network of licensed independent contractor Registered Nurses.

We comply with the following laws governing personal and medical information:

  • The California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA)

  • The California Confidentiality of Medical Information Act (CMIA)

  • The Health Insurance Portability and Accountability Act (HIPAA), where applicable

  • All other relevant federal and California privacy laws

This Privacy Policy and Notice of Privacy Practices describes how we collect, use, disclose, and protect your information when you visit our website, submit inquiries, or receive nursing services coordinated through our practice.


2. Who We Are:

Golden Gate Concierge Nursing, P.C. is a professional corporation that coordinates private-duty and concierge nursing services.

All hands-on care is delivered by independent contractor Registered Nurses, who are not employees of the Company. These nurses are licensed healthcare professionals who exercise independent clinical judgment and are individually responsible for their own HIPAA, CMIA, and licensing compliance.

The Company does not provide medical treatment, diagnosis, or clinical decision-making.


3. HIPAA vs. CPRA: How Your Information Is Protected:

Different privacy laws protect different types of information:

  • Protected Health Information: (PHI)
    Governed by HIPAA and CMIA, this includes medical and clinical information collected during the course of care.

  • Personal Information: (PI)
    Governed by CPRA/CCPA, this includes identifiers, contact details, website visitor data, and inquiry information.

We apply strict privacy standards to all information, although your legal rights may differ depending on the type and purpose of the information collected.


4. Categories of Information We Collect:

We only collect information necessary to coordinate, schedule, and support concierge nursing services.

  • Identifiers:
    Name, address, email, phone number, date of birth, and similar details.

  • Sensitive Personal Information: (SPI)
    Includes medical history, diagnoses, medications, allergies, and health-related information required for nursing coordination and care.

  • Commercial Information:
    Billing details or payment information.

  • Communications:
    Emails, messages, and consultation notes exchanged with us.

  • Internet or Technical Information:
    IP addresses, browser type, device information, and website activity collected through Squarespace and Google Analytics.

We do not collect biometric identifiers, precise geolocation data, or any categories of information not described in this Notice.


5. Information You Voluntarily Provide:

  • Personal Information:(name, email, phone, address, DOB)

  • Medical or clinical information (PHI):
    Medical history, medications, allergies, prior treatments, current health concerns, care goals, or any information necessary for nursing care.

  • Payment Information:
    Used only for billing and invoicing when applicable.

  • Internet/Device Information when using the website:

We collect these only when you choose to submit them, and only for legitimate clinical or operational purposes.


6. How We Collect Information:

We collect information through:

  • HIPAA-compliant online forms (FormHippo)

  • Google Workspace (with Business Associate Agreement in place)

  • Communications with independent contractor nurses

  • Website interactions (Squarespace & Google Analytics)

  • Optional phone, video or electronic consultations

We do not require you to submit medical information through unsecured communication channels.


7. How We Use Your Information:

We use your information only for legitimate healthcare and operational purposes:

  • Coordinating and scheduling nursing services

  • Providing information necessary for your assigned nurse to deliver care

  • Communicating care updates, recommendations, or scheduling changes

  • Processing payments and invoices

  • Maintaining accurate care and business records

  • Improving website stability and security

  • Meeting legal, regulatory, and professional requirements

We do not sell or “share” personal information as defined under CPRA.
We do not use PHI for marketing, advertising, or commercial purposes.


8. Use of Sensitive Personal Information: (CPRA Requirement)

We collect and use sensitive personal information—including medical data — solely for purposes reasonably expected to provide healthcare services.

Because this qualifies as a “necessary service,” you do not have the right to limit our use of sensitive personal information under CPRA §1798.121.


9. How We Protect Your Information:

We maintain strict administrative, technical, and physical safeguards, including:

  • HIPAA-compliant intake and email systems

  • Encryption in transit and at rest

  • Access controls and multi-factor authentication

  • Confidentiality agreements for all contractors

  • Minimum necessary access standards

  • Secure data retention and destruction procedures

No system is entirely risk-free; but we follow industry-leading standards.


10. How We Disclose Information:

We disclose information only when appropriate and permitted by law:

A. Independent Contractor Nurses:
 Provided only the information necessary to deliver care.

B. Service Providers / Business Associates:
 Includes FormHippo, Google workspace, payment processors, Squarespace, and other secure vendors.

C. Legal or Regulatory Compliance:
Disclosures may occur only when required by law, court order, or in situations involving serious threats to safety.

We do not disclose information for advertising, marketing, or data sales.


11. Your Rights Under California Law: (CPRA/CCPA)

You have the following rights regarding your personal information:

Right to Know what we collect
Right to Access your information
Right to Correct inaccurate information
Right to Delete (subject to medical recordkeeping laws)
Right to Data Portability
Right to Non-Discrimination
Right to Opt-Out of Sale/Sharing (we do not sell/share any data
Right to Use an Authorized Agent to submit requests

📧 privacy@GoldenGateNurse.com


12. Categories of Personal Information Sold or Shared

In accordance with CPRA §§1798.140(ad)–(ah):

We do not sell or share any personal information, including for cross-context behavioral advertising.


13. CMIA Medical Information Protections

Under the California Confidentiality of Medical Information Act:

  • We will not use or disclose medical information for marketing, fundraising, or commercial purposes without your explicit written authorization.

  • We disclose medical information only as permitted by law (e.g., for treatment or public health obligations).


14. Data Retention: (CPRA-Compliant)

We retain information only as long as required:

  • Identifiers: 7 years after last client interaction
  • PHI / Medical Records: Minimum 7 years per California regulation
  • Billing & Payment Records: 7 years
  • Communications: 3–7 years
  • Website Data: Up to 24 months

After expiration, information is securely deleted or destroyed.


15. Children’s Privacy:

We do not knowingly collect information from children under 13 without parental consent.

Accidental submissions will be securely deleted.


16. Cookies, Analytics & Website Use:

Our website uses:

  • Squarespace Analytics
  • Google Analytics (GA4)

Collected data is non-identifying and used only to improve performance and security.

You may disable cookies at any time.

We do not use advertising or behavioral tracking cookies.


17. No Financial Incentives:

We do not offer discounts, rewards, or incentives in exchange for personal information.


18. Your HIPAA Privacy Rights:

You have the following rights regarding your Protected Health Information:

  • Right to Access your medical records

  • Right to Request Corrections

  • Right to Request Restrictions on certain uses/disclosures

  • Right to Request Confidential Communications

  • Right to an Accounting of Disclosures

  • Right to a Paper Copy of this Notice

Requests may be submitted to privacy@GoldenGateNurse.com.


19. Breach Notification:

If a breach of unsecured PHI occurs, we will notify you promptly in accordance with HIPAA Breach Notification Rule requirements.


20. Complaints:

You may file a complaint if you believe your privacy rights have been violated:

  • Golden Gate Concierge Nursing, P.C.

  • U.S. Department of Health and Human Services, Office for Civil Rights

No retaliation will occur for filing a complaint.


21. Accessibility:

To request this Notice in an alternative format or language, contact: privacy@GoldenGateNurse.com


22. Emergency Medical Disclaimer:
Golden Gate Concierge Nursing does not provide emergency medical services.

For any emergency, call 911 immediately.


23. Changes to This Privacy Policy:

We may update this Privacy Policy periodically.

The updated version will be posted with a revised Effective Date. Continued use of our services constitutes acceptance of the revised terms.


24. Contact Information:

Golden Gate Concierge Nursing, P.C.

📧 privacy@GoldenGateNurse.com

📞 (415) 555-5555


Acknowledgment:
By using our website, submitting an inquiry, or receiving services, you acknowledge that you have read and understood this Privacy Policy and consent to the practices described.