Privacy Policy

1. Introduction

Warriors Hope Foundation (“the Foundation,” “we,” “our,” or “us”) is committed to protecting the privacy, confidentiality, and security of all personal information entrusted to us. This Privacy Policy explains how we collect, use, disclose, and safeguard information, including Protected Health Information (PHI) as defined under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). We follow the HIPAA Privacy Rule, Security Rule, and Breach Notification Rule to the extent they apply to our services and operations.

2. Scope of This Policy

This policy applies to:

Veterans, service members, and family members who participate in our programs
Individuals who communicate with us or submit information through our website
Donors, volunteers, partners, and community members

This policy covers all personal information and PHI we receive, store, transmit, or process.

3. Information We Collect

Personal Information

We may collect:

Name, address, phone number, email
Demographic information
Emergency contact information

Protected Health Information (PHI)

PHI may include:

Medical history, diagnoses, or treatment information
Mental health or wellness information
Service‑related health concerns
Any individually identifiable health information

Technical Information

We may collect:

IP address, browser type, device information
Website usage analytics

4. How We Use Information

We use personal and health information to:

Provide veteran support programs and services
Coordinate care, referrals, and case management
Communicate with participants about services, events, and resources
Improve program quality and operational effectiveness
Comply with legal, regulatory, and reporting requirements

We do not use PHI for marketing without explicit written authorization.

5. How We Share Information

We may disclose information only as permitted under HIPAA, including:

With your written authorization
For treatment, coordination, or referral purposes
With service partners or vendors under Business Associate Agreements (BAAs)
When required by law, such as safety concerns or court orders

We do not sell or rent personal information or PHI.

6. Data Protection & Security

To comply with HIPAA’s Security Rule, we implement:

Administrative safeguards: staff training, access controls, privacy procedures
Technical safeguards: encryption, secure storage, audit logs, authentication controls
Physical safeguards: restricted access, secure facilities, protected storage systems

We regularly review and update our security practices.

7. Your Rights Under HIPAA

You have the right to:

Access and obtain a copy of your PHI Request corrections to your records
Request restrictions on certain uses or disclosures
Request confidential communications
Receive an accounting of disclosures
File a privacy complaint without fear of retaliation

Requests may require written verification of identity.

8. Breach Notification

If a breach involving your PHI occurs, we will notify you in accordance with the HIPAA Breach Notification Rule. This includes:

Direct notification to affected individuals
Notification to the U.S. Department of Health and Human Services (HHS)
Media notification when required by law

9. Third‑Party Services

Any third‑party vendors or partners who handle PHI on our behalf must sign a Business Associate Agreement (BAA) and comply with HIPAA standards.

10. Changes to This Policy

We may update this Privacy Policy to reflect changes in regulations, organizational practices, or service offerings. Updated versions will be posted on our website and available upon request.

11. Contact Information

Warriors Hope Foundation

Address: __________________________

Email: ____________________________ Phone: ____________________________