Legal

HIPAA Notice

Last Updated: April 26, 2026

This notice describes how MonitoRight relates to HIPAA in its role as a bridge between technology providers and healthcare organizations. MonitoRight does not collect, store, or process protected health information (PHI) through this website.

1. MonitoRight's Role Under HIPAA

MonitoRight operates as a facilitator and bridge connecting remote monitoring technology vendors and clinical platforms with the healthcare practices and organizations that use those tools to deliver patient care. In this capacity:

MonitoRight is not a Covered Entity under HIPAA, as we do not directly provide healthcare services, health plans, or healthcare clearinghouse functions.
MonitoRight may function as a Business Associate in limited circumstances — specifically when a healthcare provider engages us to assist in activities that involve access to PHI on their behalf. In those circumstances, a Business Associate Agreement (BAA) will be executed prior to any such engagement.
This website does not transmit, store, or process PHI. Inquiry forms collect contact information only.

2. What We Do Not Collect

Through this public-facing website, MonitoRight does not collect:

Patient names, dates of birth, or identifying information
Medical record numbers, diagnoses, or treatment data
Health insurance or claims information
Any other information that constitutes PHI under HIPAA

Important: Do not submit protected health information through the inquiry forms on this website. If you need to share clinical details in the context of a formal engagement, our team will provide a secure channel for that communication.

3. HIPAA Compliance in Remote Monitoring Programs

When MonitoRight facilitates the implementation of an RPM, CCM, or RTM program for a healthcare organization, HIPAA compliance is a shared responsibility:

The healthcare provider or organization is the Covered Entity and bears primary responsibility for HIPAA compliance, including patient consent, Notice of Privacy Practices, and safeguarding PHI.
Technology and clinical platform vendors connected through MonitoRight are required to maintain their own HIPAA compliance programs and execute BAAs directly with the Covered Entity where applicable.
MonitoRight will execute a Business Associate Agreement with any Covered Entity that engages us in a capacity that involves access to PHI.

4. Business Associate Agreements

If your organization requires a Business Associate Agreement as part of engaging MonitoRight's services, please contact us directly. We are committed to executing appropriate agreements prior to any engagement that involves access to protected health information.

5. Security Practices

MonitoRight takes data security seriously. For our website operations, we employ reasonable administrative, technical, and physical safeguards to protect the contact information submitted through our inquiry forms. We use HTTPS encryption on all pages and process form submissions through HIPAA-conscious service providers.

6. Breach Notification

In the event of a data security incident involving information submitted through this Site, MonitoRight will notify affected individuals in accordance with applicable state and federal breach notification laws. If MonitoRight is operating as a Business Associate under an executed BAA, we will notify the relevant Covered Entity of any breach involving PHI in accordance with HIPAA's Breach Notification Rule.

7. For Healthcare Providers

If you are a healthcare provider, practice administrator, or compliance officer with questions about how MonitoRight programs interact with your HIPAA obligations, we encourage you to:

Consult with your organization's HIPAA Privacy Officer
Review the HIPAA compliance documentation of any technology vendor you engage
Contact MonitoRight directly to discuss BAA requirements before program implementation

8. For Families and Caregivers

If you are a family member or caregiver inquiring about remote monitoring for a loved one, please be assured that we do not collect any health information about your loved one through this website. Any information you share through our family inquiry form (name, location, general situation) is used solely to connect you with the appropriate program through your loved one's care team.

9. Updates to This Notice

We may update this HIPAA Notice as our services evolve or as regulatory requirements change. Updates will be posted on this page with a revised effective date.

10. Contact Us

For HIPAA-related questions, Business Associate Agreement requests, or data security concerns, please contact:
info@monitoright.io
MonitoRight.io — The Bridge in Remote Care®