Privacy Policy

Prado Hospice LLC ("we," "our," or "us") is committed to protecting your privacy and safeguarding your personal and health information. This Privacy Policy describes the information we collect, how we use it, how we protect it, and your rights. It also incorporates federal HIPAA requirements and Wisconsin-specific laws.

1. Information We Collect

     1.1 Personal Information

· Name, email address, mailing address, and phone number.

· Account and communication preferences, including SMS opt-in status.

     1.2 Protected Health Information (PHI)

As a health care provider, we may collect PHI that identifies you or relates to your past, present, or future health status and care, such as medical history, diagnoses, treatment information, care plans, and contact information for care coordination. PHI is protected under HIPAA and Wisconsin law.

     1.3 Information Collected Automatically

· IP address, browser type, device identifiers, pages viewed, and referring/exit pages.

· Cookies and similar technologies used for site performance, security, and analytics (you may manage cookies via your browser settings).

2. How We Use Your Information

· Provide hospice, palliative, and supportive services; coordinate treatment, payment, and health care operations ("TPO").

· Respond to inquiries and provide service-related communications.

· Send optional marketing messages (only with your explicit consent).

· Improve site functionality, quality, safety, and security; conduct analytics and quality improvement.

· Comply with legal obligations and enforce terms and policies.

3. SMS Consent & Communications

If you opt in to receive SMS messages, we will use your phone number only for: appointment reminders, care coordination, support updates, and—if expressly permitted—marketing messages. You may opt out at any time by replying STOP; reply HELP for help.

Important: SMS consent and phone numbers are never sold, rented, or shared with any third parties or affiliates for any purpose. We do not disclose SMS-related information to outside organizations. Standard message and data rates may apply.

4. HIPAA Uses & Disclosures (TPO) and Wisconsin Law

We may use and disclose PHI as permitted by HIPAA for treatment, payment, and health care operations (TPO). Under Wisconsin law (Wis. Stat. §§ 146.81–146.84; § 146.816), disclosures for TPO made in compliance with HIPAA are authorized. Certain categories of records—such as mental health treatment, developmental disability, and substance use disorder treatment records—receive heightened protection (e.g., Wis. Stat. § 51.30; 42 C.F.R. Part 2). We do not use or disclose PHI for marketing or sale without your written authorization.

5. How We Share Information

     5.1 Business Associates & Service Providers

We share personal information (and PHI when necessary) with trusted vendors who perform services for us (e.g., hosting, EHR, analytics, email delivery, IT support). Business Associates handling PHI are required to sign Business Associate Agreements (BAAs) and use the information only as instructed. SMS consent and phone numbers are not shared with any third parties or affiliates.

     5.2 Legal Requirements

We may disclose information if required by law, court order, or government request, or to protect rights, safety, or security, consistent with HIPAA and Wisconsin law.

     5.3 Business Transfers

If we undergo a merger, acquisition, or similar transaction, personal information may be transferred as permitted by law. SMS consent data will not be transferred or shared.

6. Your Rights (HIPAA & Wisconsin)

· Access: You may request access to your PHI and obtain a copy, subject to limited exceptions (HIPAA; Wis. Stat. § 146.83).

· Amend: You may request corrections to your PHI.

· Accounting: You may request an accounting of certain disclosures.

· Restrictions & Confidential Communications: You may request limits on certain uses/disclosures and alternate means/locations for communications.

· Copy Fees (Wisconsin): Copying charges and formats are governed by Wis. Stat. § 146.83; Medicaid-eligible patients may be entitled to reduced copy fees as provided by law.

7. Wisconsin-Specific Requirements

     7.1 Patient Health Care Records

Wisconsin law (Wis. Stat. §§ 146.81–146.84) governs confidentiality, access, redisclosure, and copy fees for patient health care records, including documentation of requests and permitted redisclosures. We comply with these requirements, including limitations on redisclosure by non-covered entities.

     7.2 Mental Health, Developmental Disability, and Substance Use Treatment Records

Wisconsin law (Wis. Stat. § 51.30; Wis. Admin. Code ch. DHS 92) provides special protections for "treatment records." We will obtain informed written consent or meet a specific exception before disclosures outside the treating facility, consistent with HIPAA and, where applicable, 42 C.F.R. Part 2.

     7.3 Data Breach Notification

If personal information (as defined by Wis. Stat. § 134.98) is acquired by an unauthorized person and presents a material risk of identity theft or fraud, we will notify affected Wisconsin residents within a reasonable time, not to exceed 45 days after discovery, and notify nationwide consumer reporting agencies if a single incident affects 1,000 or more residents. HIPAA breach notification duties for unsecured PHI also apply.

     7.4 Disposal of Records Containing Personal Information

As a medical business, we dispose of records containing personal information in accordance with Wis. Stat. § 134.97 (e.g., shredding, erasing, or otherwise rendering information unreadable) and applicable HIPAA retention/disposal standards.

     7.5 Telemarketing & Texting (Wisconsin & Federal)

We comply with federal TCPA requirements and Wisconsin telephone solicitation rules (Wis. Stat. § 100.52; Wis. Admin. Code ch. ATCP 127) for any marketing texts or calls. We obtain express written consent before sending marketing texts; honor Do-Not-Call rules and opt-out requests; restrict messaging to permitted hours; and maintain records of consent. We do not share or sell SMS consent or phone numbers to third parties or affiliates.

8. Data Security

We maintain administrative, technical, and physical safeguards aligned with HIPAA Security Rule standards to protect PHI and other personal information, including encryption in transit, access controls, staff training, and auditing. No system is 100% secure; please use appropriate care when transmitting information.

9. Children’s Privacy

Our website is not directed to children under 13. Minors’ consent and confidentiality for specific services may be governed by Wisconsin and federal law; where minors lawfully consent to care, additional confidentiality protections may apply under state law.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will post updates with a revised “Last Updated” date.

*Last updated February 3, 2026