Privacy Policy
Introduction
Task Health is a service that connects New York State home care agencies with a network of qualified Registered Nurses to perform in-home health assessments. This Privacy Policy and Terms of Use apply to authorized Home Care Agencies using the Task Health web portal to request and manage nursing visits. It explains how we collect, use, and protect data (including patient health information), and outlines the terms governing agency use of the service.
Task Health operates in New York State only and complies with applicable federal and state regulations (including HIPAA and New York State Department of Health requirements).
Information Collected
- Agency Account Information: When an agency creates an account on the Task Health portal, we collect business contact details (agency name, staff users’ names, emails, etc.) needed to manage the account and authenticate users.
- Patient Information: Agencies submit patient details through our web app when requesting an RN visit. This typically includes patient name, contact information (e.g. phone number for scheduling and sharing results), address of the visit, and relevant health information needed for the assessment. All such individually identifiable health information about a patient constitutes Protected Health Information (PHI) under HIPAA. We limit the patient data we collect to what is necessary for the RN to perform the in-home assessment and for us to coordinate that service.
- Health Assessment Data: During and after the visit, the RN (using Task Health’s mobile app) will record assessment findings, care plans, vital signs, signatures, and other required documentation. Our system utilizes New York Department of Health (DOH)-compliant assessment templates, so the data captured aligns with state regulatory requirements. This includes any forms or reports that must be completed for the patient’s care (e.g., initial assessment forms, reassessments, caregiver observation forms, etc.).
Use of Collected Information
- Service Provision: Task Health uses the collected information to provide and manage the in-home nursing services for your agency. Patient information and health data are used to match your request with an available RN, to allow the RN to conduct the assessment, and to generate the required assessment documentation. We use the information to ensure each assessment is thorough and compliant (our system employs AI validation to catch missing signatures or fields, helping maintain completeness and DOH compliance).
- Sharing with Assigned Nurse: The patient details an agency provides are disclosed to the assigned RN contractor who will perform the visit, so they can properly identify and assess the patient. The RN is an independent contractor bound by strict confidentiality and HIPAA obligations.
- Sharing Assessment Results: After the nurse documents the visit, Task Health will share the necessary parts of that documentation with the patient and their caregiver as required by regulation or agency request. We do this via a secure link sent to the patient’s and/or caregiver’s mobile number on file. The link is protected and patient-specific, requiring identity verification to ensure only the intended recipient can view the sensitive information. No PHI is exposed in the SMS message itself; the patient must authenticate through the secure portal to view their information.
- Operational Uses: Task Health may also use agency and patient information for routine operational purposes such as scheduling visits, sending reminders/notifications, providing support, and improving our services. Any communications containing PHI will be done through secure channels.
- Analytics and Improvement: We may internally analyze usage of our portal to improve the user experience. These analytics will not include any identifiable patient health information. We do not sell or monetize personal data.
Data Storage and Retention
All information collected via Task Health is stored on secure cloud servers. Data is currently retained indefinitely by our system, unless deletion is requested or required by law. This means that patient assessment records, once created, remain available in the portal for the agency’s access and to meet record-keeping rules.
Encrypted backups of data are maintained to ensure business continuity and disaster recovery. Even in backup form, PHI remains protected. When data is no longer needed and eligible for deletion, we will securely delete or anonymize it in accordance with HIPAA guidelines and any New York state laws on health data retention.
Agencies may request deletion of their non-patient account data if they cease using the service, but patient health records may be retained as part of the medical record archive unless the law permits full removal.
Third-Party Services and Data Disclosure
Task Health utilizes a number of reputable third-party services (“sub-processors”) as part of delivering our platform:
Cloud Hosting and Storage (AWS)
All application servers, databases, and file storage are hosted on Amazon Web Services (AWS), a secure cloud infrastructure provider. AWS supports HIPAA compliance and we have a Business Associate Addendum in place. AWS provides physical security for data centers and services like encryption at rest. Content stored on AWS remains under our control; AWS does not access or use our customers’ content except for maintaining the services.
Communication Services
We use secure communication services to send out notifications, such as text message (SMS) or voice call providers. These services act merely as conduits to transmit the message content; they do not have the right to use the personal data except as needed to deliver the communication. No sensitive health details are contained directly in the text (only the secure link and generic instructions). We also use third-party email services for system emails. All such providers are vetted for strong security practices.
Analytics and Monitoring
We may use standard web analytics tools or error tracking services to understand portal performance. We either use HIPAA-compliant configurations or ensure no PHI is sent to these tools. Any third party that might incidentally receive protected data is treated as a business associate.
Other Disclosures: Task Health does not share any agency’s or patient’s personal information with third parties for marketing or other independent uses. We will never sell patient data. We will disclose data to third parties only if required by law or regulation, or if an oversight agency requests records for compliance purposes.
Cookies and Tracking
The Task Health web portal uses minimal cookies or tracking. We may use session cookies to keep agency users securely logged in and to maintain session state. These cookies are strictly functional and contain no personal details beyond an ID. We do not use advertising cookies or intrusive trackers on the agency portal.
By using the portal, you consent to our use of these functional cookies. You cannot opt out of essential cookies as they are needed for the site to function securely, but we do not use them beyond the scope of providing the service.
Security Measures and HIPAA Compliance
Task Health is fully committed to HIPAA compliance and the protection of PHI. We implement a comprehensive set of administrative, technical, and physical safeguards in line with the HIPAA Security Rule and New York State’s data protection requirements:
Access Controls
Access to patient information is restricted to authorized users. Each agency user and RN has unique credentials, with no shared or generic accounts. Controls include role-based permissions, strong passwords, and multi-factor authentication support.
Encryption
All data in transit is encrypted using HTTPS/TLS. Sensitive data at rest is encrypted in our databases and storage. Encryption keys are tightly controlled.
Audit Logs
Systems maintain logs of access and actions performed around PHI. We record when staff or RNs access or update patient information and when reports are generated or viewed.
Secure App & Portal
Sessions time out after inactivity. The mobile app requires authentication and does not store PHI locally longer than necessary. Software is frequently updated to patch vulnerabilities.
Administrative Safeguards
Task Health workforce members receive privacy and security training. Internal policies ensure staff only access data if needed. Every employee or contractor signs a confidentiality agreement.
Business Associate Agreements
We enter into a BAA with each client agency. We impose the same obligation on subcontractors. All RNs sign agreements that include a HIPAA Business Associate Agreement.
Physical & Network Security
AWS data centers provide 24/7 security, redundancy, and certified protections (SOC2, ISO27001). We have strict control of administrative access and maintain an incident response plan.
NY SHIELD Act
New York's SHIELD Act deems entities compliant with HIPAA security requirements as having satisfied its safeguarding obligations. Task Health is HIPAA-compliant and meets or exceeds state data protection standards.
Patient Privacy and HIPAA Rights
Patients are not direct users of Task Health’s platform, but their information is processed by us on the agency’s behalf. We encourage agencies to inform patients that their RN assessments may be handled through Task Health.
If a patient exercises their HIPAA rights (for example, requesting access to their health records, requesting an amendment, or requesting an accounting of disclosures), the agency remains responsible for handling that request. Task Health will assist the agency as needed in fulfilling such requests.
We will not use or disclose PHI in any way that is not permitted by HIPAA and our agreements. We do not directly respond to patient inquiries because we typically do not have direct contact information aside from what the agency provided. If a patient or their personal representative contacts us about their data, we will refer them to the agency or cooperate with the agency in accordance with HIPAA’s rules.
Consent and Authorization
By using Task Health’s services and providing patient information to us, the home care agency confirms that it has the authority to do so under HIPAA and applicable law. Typically, no separate patient authorization is required for the agency to share PHI with Task Health, because the disclosure is for treatment or health care operations purposes which HIPAA permits without individual authorization.
The agency’s Notice of Privacy Practices should disclose that the agency uses third parties/business associates for care and operations. If we ever need to use or disclose information in a way not covered by these purposes, we would seek the agency’s direction and ensure proper patient authorization if required by law.
Changes to this Privacy Policy
Task Health may update this Privacy Policy from time to time to reflect changes in our practices or for legal compliance. We will notify agencies of any material changes. Notifications may be sent via email or shown upon login to the portal. Continued use of the service after updates constitutes acceptance of the revised policy. The “last updated” date will be indicated at the top of the policy for reference.
Terms of Use
Scope of Service
Task Health provides an online platform and network of contracted Registered Nurses to perform in-home nursing assessments and related home care supervisory visits for licensed home care agencies in New York State. By using our web portal and services, the Home Care Agency (“you” or “Agency”) agrees to these Terms of Use.
These Terms govern your use of the Task Health portal and the services facilitated through it. They are intended to form a binding agreement between the Agency and Task Health. If you do not agree to these Terms, you may not use the service.
These Terms of Use are specific to agency users of Task Health. They do not create any rights for any other party. Task Health’s Privacy Policy (above) is incorporated by reference.
Agency Account and Responsibilities
- Eligibility and Compliance: The Agency represents that it is a properly licensed Home Care Services agency in New York State (e.g., a LHCSA or other entity authorized to arrange personal care and nursing services). The Agency will only use Task Health for patients located in New York State and in accordance with all applicable laws and regulations.
- Account Registration: To use Task Health, the Agency must register for an account on our portal. All information provided during registration must be truthful and accurate. You will designate authorized staff users with unique login credentials. You are responsible for maintaining the confidentiality of your account credentials. If you suspect any unauthorized access, you must promptly notify Task Health.
- Permitted Use: The Agency may use the Task Health portal solely for the purpose of scheduling and managing in-home nurse visits for your patients, and for viewing/downloading the resulting documentation. Any other use of the platform is prohibited. Task Health reserves the right to suspend or terminate access if we detect abuse, misuse, or any activity that compromises patient privacy or service integrity.
- Providing Patient Information: When submitting a visit request, the Agency will provide accurate and only necessary patient information. You confirm that you have the right to share the patient’s health information with Task Health for care coordination. Task Health is not responsible for any delay or failure in service caused by incomplete or incorrect information provided by the Agency.
Our Services and Commitments
- Nurse Assignment: Upon the Agency submitting a visit request, Task Health will endeavor to assign a qualified RN from our network. All RNs are licensed in New York State and meet competency requirements for home care assessments. We verify licensure and credentials and perform background checks. The RN is an independent contractor, not an employee of the Agency. Task Health serves as a facilitator to connect agencies with independent RNs and to provide the technology for documentation.
- Timeliness and Performance: Task Health will make commercially reasonable efforts to ensure visits are completed in a timely manner. We provide scheduling confirmations and status updates through the portal. If a scheduled RN cannot complete a visit, we will attempt to reassign another RN as quickly as possible or reschedule with your approval.
- Documentation: Our platform generates the necessary forms and documentation for each visit using DOH-compliant templates with validation checks (including AI-based field checks). After a visit, the completed assessment report is made available through the portal. It is ultimately the Agency’s responsibility to review the documentation and incorporate it into the patient’s medical record.
- HIPAA and Confidentiality: Task Health will treat all patient and agency information as confidential. We have executed Business Associate Agreements with your Agency and with our subcontractor RNs. In the event of any unauthorized disclosure or breach, we will follow breach notification regulations.
Agency Obligations in Using the Service
- Professional and Legal Compliance: The Agency remains responsible for overall patient care and compliance with any legal obligations relating to the nursing assessments. Task Health is a tool and service to assist you, but it does not replace the Agency’s responsibilities under NYS Department of Health regulations or Medicaid/Medicare requirements.
- Patient Consents and Rights: The Agency should inform patients that an RN from Task Health will visit them. You should obtain any consent needed for treatment or for the sharing of their information. If a patient refuses to have an outside RN or to receive texted documents, inform us so we can accommodate.
- Use of Results and Follow-up: The nursing assessments should be integrated into the Agency’s care planning. It is the Agency’s duty to review the RN’s findings and act on recommendations according to your protocols. Task Health is not providing medical decisions; we provide the information for your team to act on.
- Payment of Services: The Agency agrees to pay for services according to the agreed pricing or fee schedule. Task Health reserves the right to suspend service for non-payment after reasonable notice.
Independent Contractor Nurses and Liability
The Agency acknowledges that the RNs provided via Task Health are independent contractors. While Task Health facilitates the relationship and ensures qualifications, the nurse is not an employee of the Agency. The nurse will perform services in a professional and independent manner consistent with nursing standards and the instructions given by the Agency.
Task Health is not practicing medicine or nursing; we are a coordination service. As such, Task Health does not assume clinical liability for the acts or omissions of the independent RNs beyond facilitating the service. The RNs themselves are licensed professionals accountable for the quality of care they provide. We maintain insurance and require our nurses to have their own professional liability insurance.
Each party agrees to hold the other harmless from any third-party claims to the extent caused by that party’s negligence or misconduct. All parties are expected to carry appropriate insurance as required by industry standards.
Limitation of Liability
In no event will Task Health be liable to the Agency for any indirect, consequential, special, or incidental damages arising out of or related to the use of the service, even if advised of the possibility of such damages.
Our maximum liability for any claim will not exceed the total fees paid by the Agency to Task Health in the 12 months preceding the claim.
The service and all content are provided “as is” and “as available.” We disclaim any implied warranties of merchantability or fitness for a particular purpose.
Term and Termination
These Terms apply as long as the Agency is using the Task Health service. Either party may terminate the service usage with advance notice. If the Agency wishes to stop using Task Health, it can do so at any time; however, the Agency remains responsible for any outstanding fees for visits already completed or in progress.
Task Health may terminate or suspend the Agency’s access if the Agency materially breaches these Terms and such breach is not cured after notice. In case of termination, Task Health will provide the Agency with a way to retrieve any stored data belonging to the Agency.
Our BAA and confidentiality obligations survive termination; we will continue to protect any PHI obtained during the service even after the relationship ends. Sections regarding liability, indemnity, and data protection survive termination as well.
Governing Law and Dispute Resolution
This agreement is governed by the laws of the State of New York, without regard to its conflict of law principles. Any dispute or claim will be resolved in the state or federal courts located in New York.
We encourage resolving any issues informally first. In the event of a dispute, the parties will attempt in good faith to negotiate a resolution. Only if those efforts fail will we resort to litigation. Each party will be responsible for its own attorneys’ fees unless applicable law provides otherwise.
Miscellaneous
- HIPAA Compliance: Both parties agree to comply with HIPAA and sign the necessary Business Associate Agreement. In case of any conflict between these Terms and the BAA with respect to PHI, the BAA will control.
- Entire Agreement: These Terms (along with the Privacy Policy and any BAA or separate service agreement) constitute the entire agreement. Any changes must be agreed in writing. In the event the Agency has a fully signed master services agreement with Task Health, that agreement’s terms will prevail for the subject matter of any conflict.
- No Third-Party Beneficiaries: These Terms do not confer rights on any third parties (including patients or caregivers).
- Assignment: The Agency may not assign without prior written consent. Task Health may assign in the event of a merger, acquisition, or sale of the business, provided the successor agrees to be bound by these terms.
- Notices: Official notices should be sent in writing to the contacts provided by each party. Day-to-day communications can be done via email or through the portal interface.
- Severability: If any provision is found invalid or unenforceable, the rest of the Terms remain in effect.
- Waiver: A failure by either party to enforce any provision does not constitute a waiver of that provision.
By using Task Health’s platform, you acknowledge that you have read and understood these Terms of Use and agree to be bound by them. We value our partnership with home care agencies and strive to help you deliver high-quality care efficiently and in compliance with the law.
© 2025 Task Health - MJ-MC Home Care, Inc., d/b/a Medflyt at Home. All rights reserved.