Privacy Policy

WTT Solutions LLC (“VCare Health,” “we,” “our,” or “us”) provides an AI-powered medical receptionist platform that helps healthcare practices automate patient call handling, appointment scheduling, and front-desk operations.

This Privacy Policy describes how we collect, use, disclose, and protect information when you use our website, platform, and services (“Services”). It also describes your rights and choices regarding that information.

If you are a healthcare provider using VCare Health on behalf of patients, please also review our Business Associate Agreement (BAA), which governs our handling of Protected Health Information (PHI) under HIPAA.

We collect information in the following categories:

2.1 Information you provide directly

• Account registration information: name, work email address, practice name, phone number
• Billing information: payment card details (processed by our payment processor; we do not store full card numbers)
• Communications with our team: support tickets, demo requests, trial sign-up forms
• EHR credentials and configuration settings provided during onboarding

2.2 Information collected automatically

• Log data: IP addresses, browser type, referring URLs, pages visited, and timestamps
• Usage data: feature usage patterns within the VCare dashboard
• Cookies and similar technologies: session cookies for authentication and preference cookies

When healthcare providers use VCare Health to handle patient calls, patient information — including names, phone numbers, appointment details, and reason-for-visit — constitutes Protected Health Information (PHI) under HIPAA.

We process PHI solely as a Business Associate on behalf of covered entities (your healthcare practice), under the terms of a signed Business Associate Agreement (BAA). PHI is never used for marketing, advertising, or any purpose outside the scope of the Services defined in your BAA.

A BAA is included on all VCare Health plans at no extra cost. To request a copy or discuss HIPAA compliance, contact us at info@vcare-health.com.

We use the information we collect to:

• Provide, operate, and maintain the VCare Health platform and Services
• Process and confirm account registrations and subscription payments
• Configure and integrate with your EHR system during onboarding
• Respond to support requests and communicate about your account
• Send product updates, service notifications, and security alerts
• Monitor and analyze usage patterns to improve the Services
• Detect, investigate, and prevent fraudulent or unauthorized activity
• Comply with applicable legal obligations

We do not use patient PHI for marketing, advertising, product development unrelated to delivering the Services, or any purpose not specified in your BAA.

We may share your information with:

Service providers: Third-party vendors that assist in operating the platform (e.g., cloud infrastructure, payment processing, email delivery). All service providers are contractually bound to protect data and use it only for the purposes we specify.

EHR and integration partners: Your designated EHR system, solely to read and write scheduling data as configured during onboarding.

Legal and regulatory authorities: When required by law, court order, or other legal process, or when we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

Business transfers: In the event of a merger, acquisition, or sale of all or substantially all of our assets, your information may be transferred to the acquiring entity. We will provide notice before such a transfer.

We do not sell your personal information or PHI to any third party.

We implement technical and organizational measures designed to protect your information:

• All data in transit is encrypted using TLS 1.3
• All data at rest is encrypted using AES-256 encryption
• Access to customer and patient data is governed by role-based access controls
• All data access events are logged in tamper-evident audit trails
• Our infrastructure runs on SOC 2 Type II certified data centers
• We conduct regular third-party security assessments

No system is 100% secure. If you believe your account has been compromised, please contact us immediately at info@vcare-health.com.

We retain account and usage data for the duration of your subscription and for up to 3 years after termination, unless a longer retention period is required by law or your BAA specifies different terms.

PHI is retained according to the terms of your BAA. Upon termination of the service relationship, PHI is returned or destroyed as specified in the BAA, unless applicable law requires longer retention.

Depending on your location, you may have the following rights:

• Access: Request a copy of personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information, subject to legal retention obligations
• Portability: Receive your data in a structured, machine-readable format
• Objection: Object to certain processing activities, including marketing communications
• Opt-out: Unsubscribe from marketing emails using the link in any email we send

To exercise these rights, contact us at info@vcare-health.com. We will respond within 30 days.

Note: Patient rights regarding PHI (access, amendment, accounting of disclosures) are governed by HIPAA and must be exercised with the covered entity (your healthcare provider), not with VCare Health directly.

We use cookies and similar technologies for authentication, session management, and understanding how the Services are used. You can control cookies through your browser settings. Disabling certain cookies may affect functionality of the platform.

We do not use third-party advertising cookies or sell browsing data to ad networks.

The VCare Health platform is intended for use by healthcare professionals and business operators. We do not knowingly collect personal information from individuals under 18 years of age. If we become aware that we have collected such information, we will delete it promptly.

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email or by posting a prominent notice on our website at least 30 days before the changes take effect. Your continued use of the Services after the effective date constitutes acceptance of the updated policy.

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, contact our Privacy team:

WTT Solutions LLC (VCare Health)
Privacy Officer
Email: info@vcare-health.com

To request a Business Associate Agreement or discuss HIPAA compliance, visit our demo booking page.