1. Scope of Services

ConciCare delivers a voice-enabled intake platform that transforms clinic paperwork into guided conversations. We grant you a limited, non-exclusive right to access and use the platform for your organization's internal operations while these terms remain in effect.

2. Account Responsibilities

You are responsible for safeguarding account credentials, configuring role-based permissions, and ensuring that only authorized staff members access protected health information. Notify ConciCare immediately if you suspect unauthorized use.

3. Compliance and Data Handling

ConciCare operates exclusively within HIPAA-compliant cloud regions and will enter into a Business Associate Agreement prior to processing any protected health information (PHI). You retain ownership of all intake content. By using the platform, you grant ConciCare a limited, revocable license to process PHI only to deliver contracted features, maintain security, and provide de-identified operational analytics.

• PHI is encrypted in transit (TLS 1.2+) and at rest using FIPS 140-2 validated services with rotating keys.
• We do not use PHI to train public models, build marketing datasets, or for any secondary purpose.
• Sensitive artifacts such as audio files and transcripts inherit your configured retention window. The default retention is 30 days, and you may choose zero-retention streaming so that ConciCare never stores PHI beyond real-time processing.
• All PHI is processed within United States data centers. We will obtain your written consent before enabling any cross-border transfer.

4. Protected Health Information Safeguards

Access to PHI is limited to properly credentialed clinic staff and ConciCare personnel with a demonstrable need-to-know. Administrative and technical controls include mandatory multi-factor authentication, audit logging retained for six years, intrusion detection, and 24/7 monitoring. ConciCare will cooperate with your compliance team during security assessments and promptly report any incident involving PHI in accordance with HIPAA breach notification rules.

5. Acceptable Use

Do not misuse the platform, attempt to breach security, or interfere with other customers. You agree to follow all applicable laws, including those governing the handling of patient information and telehealth communications.

6. Subscription and Billing

Unless otherwise stated in an order form, subscriptions renew automatically at the end of each term. Fees are due within thirty days of invoice. Late payments may result in service suspension until the balance is resolved.

7. Term and Termination

Either party may terminate service with thirty days written notice. ConciCare may suspend or terminate access immediately if you violate these terms or create a security risk. Upon termination, we will make patient data exports available for up to thirty days unless a different period is specified by agreement, after which all hosted PHI is securely deleted in accordance with NIST SP 800-88 guidelines.

8. Disclaimers and Liability

The platform is provided "as is" except where required by law or written agreement. ConciCare is not liable for indirect or consequential damages, and our aggregate liability is limited to fees paid in the preceding twelve months.

9. Changes to These Terms

We may update these Terms of Service from time to time. Material changes will be communicated by email or in-product notice. Continued use after the effective date constitutes acceptance of the revised terms.