Legal
Effective Date: February 4, 2026
Company: MYOUSS Group LLC, operating as HHAOps
MYOUSS Group LLC, operating as HHAOps (“we,” “us,” or “our”), provides a SaaS platform at HHAOps.com designed to support home healthcare agencies in the United States with operational and administrative workflows. This Privacy Policy describes how we collect, use, disclose, and protect information in connection with our platform and website. Our customers are home healthcare agencies (“Agencies”). Agency staff who use the platform (“Users”) do so under their Agency’s account. As part of providing our Services, we may receive or process Protected Health Information (“PHI”) on behalf of Agencies, who are Covered Entities under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). In that capacity, HHAOps functions as a Business Associate as defined under HIPAA and its implementing regulations.
When an Agency creates an account, we collect: the agency's legal name, address, and contact information; billing and payment information for platform subscriptions; the names, email addresses, titles, and login credentials of authorized Users; and any other information provided during onboarding or account setup.
We automatically collect information about how Users interact with the platform, including: log data (IP addresses, browser type, pages visited, timestamps); device identifiers; feature usage and session data; and error and diagnostic logs. This data is used to operate, maintain, and improve the platform.
In the course of providing Services, the platform may process PHI submitted by Agencies and their Users, including but not limited to: patient names and demographic information; dates of service and care schedules; caregiver assignments; clinical notes and diagnoses; and billing and Electronic Visit Verification (EVV) data.
We receive and process this PHI solely as a Business Associate acting on behalf of the Agency as the Covered Entity. Our use and disclosure of PHI is governed by our Business Associate Agreement ("BAA") with each Agency and applicable HIPAA regulations — not by this Privacy Policy. If you have questions about how your Agency handles PHI, please contact your Agency directly.
We do not collect payment card numbers directly. Subscription fees are collected via ACH bank transfer. We do not sell personal information to third parties. We do not use PHI for marketing, advertising, or any purpose other than providing the contracted Services.
Account and Business Information: To provision and manage accounts; to communicate with Agencies about their subscriptions; to send service-related notices; and to comply with legal obligations.
Usage Data: To operate, maintain, secure, and improve the platform; to analyze usage patterns and develop new features; and to troubleshoot technical issues.
PHI: Solely to perform the Services described in the applicable subscription agreement and BAA. We will not use or disclose PHI except as permitted or required by the BAA and HIPAA.
We do not sell or rent personal information or PHI. We may share information in the following limited circumstances:
Service Providers. We engage third-party vendors to help operate the platform (e.g., cloud hosting, infrastructure, analytics). These vendors are contractually bound to protect information and may only use it to provide services to us. Where such vendors may access PHI, we execute appropriate BAAs with them.
Legal Requirements. We may disclose information if required to do so by law, court order, or government authority, or if we believe in good faith that disclosure is necessary to protect our legal rights or the safety of any person.
Business Transfers. In the event of a merger, acquisition, or sale of assets, information may be transferred to the successor entity, subject to the same privacy obligations described in this Policy.
With Your Consent. We may share information for any other purpose with your explicit consent.
As a Business Associate under HIPAA, we are required to: (a) use and disclose PHI only as permitted by our BAA and applicable law; (b) implement appropriate administrative, physical, and technical safeguards to protect PHI; (c) report any known breach of unsecured PHI to the applicable Agency without unreasonable delay; (d) ensure that any subcontractors that handle PHI on our behalf agree to the same restrictions; and (e) return or destroy PHI upon termination of the BAA, to the extent feasible.
Each Agency that uses the platform must execute a Business Associate Agreement with us before accessing any feature that involves PHI. We will not permit an Agency to submit PHI to the platform without a signed BAA in place.
We implement commercially reasonable administrative, technical, and physical safeguards designed to protect the information we hold against unauthorized access, disclosure, alteration, or destruction. These measures include encrypted data transmission (TLS), encrypted data storage, access controls and role-based permissions, audit logging, and regular security assessments.
No security system is impenetrable. In the event of a security incident involving PHI, we will notify affected Agencies in accordance with our BAA and HIPAA's Breach Notification Rule.
We retain account and business information for as long as an Agency's account is active and for a reasonable period thereafter for legal and business purposes. Usage data is retained in accordance with our standard data retention schedules. PHI is retained and disposed of in accordance with the applicable BAA and HIPAA requirements.
Users access the platform on behalf of their Agency. Rights to access, correct, or delete PHI are exercised through the Agency as the Covered Entity, not directly through us. If you believe your PHI has been improperly handled, please contact your Agency. For questions about account or non-PHI information held by us, please contact us at legal@hhaops.com.
We use cookies and similar technologies to maintain user sessions, remember preferences, and analyze platform usage. Users may configure their browsers to refuse cookies, though this may affect platform functionality. We do not use third-party advertising cookies or behavioral tracking for advertising purposes.
The platform is intended for use by healthcare professionals and agency staff. We do not knowingly collect personal information from individuals under the age of 18. If we become aware that we have collected such information, we will delete it promptly.
We may update this Privacy Policy from time to time. We will notify Agencies of material changes by email or by posting a notice within the platform at least thirty (30) days before the change takes effect. Continued use of the platform after the effective date constitutes acceptance of the updated Policy.
For questions about this Privacy Policy, please contact:
MYOUSS Group LLC d/b/a HHAOps 418 Broadway, Suite 11235 Albany, NY 12207 Email: legal@hhaops.com Phone: 646-535-3685
© 2026 MYOUSS Group LLC d/b/a HHAOps. All rights reserved.