HIPAA Disclaimer

Last Updated: 11/13/2025

This HIPAA Disclaimer explains how TidalPath Technology Services, LLC (“TidalPath,” “we,” “our,” or “us”) interacts with healthcare clients and their systems in relation to the Health Insurance Portability and Accountability Act of 1996 (HIPAA). While we help healthcare practices strengthen their security posture and implement HIPAA-aligned safeguards, this website is not intended to store, process, or transmit protected health information (PHI).

---

1. No PHI Collected Through This Website

This website does not collect, store, or transmit any protected health information (PHI). Visitors should not submit patient names, medical details, or any other HIPAA-regulated information through website contact forms or scheduling tools.

---

2. Our Role as a Business Associate

When providing IT services to healthcare clients, TidalPath may act as a Business Associate under HIPAA. In those cases, we follow HIPAA’s administrative, technical, and physical safeguard requirements. We enter into Business Associate Agreements (BAAs) when required by law or contract.

Our services may involve access to systems that store or process PHI, but we do not access PHI directly unless it is required to perform a service task and explicitly authorized by the client.

---

3. No Clinical or Medical Services

TidalPath does not provide medical advice, clinical services, or healthcare treatment. Any decisions related to patient care, clinical operations, or medical workflows are solely the responsibility of the healthcare provider.

---

4. Security Responsibilities

We implement and support HIPAA-aligned IT safeguards, including security configurations, access control, backups, email protection, and device management. However, full HIPAA compliance requires administrative and organizational elements beyond the scope of IT services. These responsibilities remain with the covered entity (the healthcare provider).

Examples of responsibilities that remain with the healthcare organization include employee training, privacy policies, breach notification procedures, and complete HIPAA documentation.

---

5. Third-Party Tools and Integrations

Some services used by TidalPath or integrated into client environments may be provided by third parties. These vendors operate under their own privacy and compliance policies. TidalPath is not responsible for the compliance practices of third-party platforms.

Clients are responsible for verifying whether third-party vendors meet their own HIPAA compliance requirements.

---

6. No Guarantee of HIPAA Compliance

While TidalPath helps clients strengthen IT security, reduce risk, and support HIPAA-aligned safeguards, using our services does not guarantee full HIPAA compliance. Compliance requires organizational, administrative, and procedural elements that extend beyond technology controls.

---

7. Updates to This HIPAA Disclaimer

We may update this disclaimer to reflect changes in regulations, best practices, or our service offerings. Updates will be posted on this page with a revised effective date.

---

8. Contact Us

If you have questions about this HIPAA Disclaimer or our role in supporting HIPAA-aligned IT services, please contact us:

TidalPath Technology Services, LLC
Email: info@tidalpathtech.com
Phone: 631-388-6480
Service Area: Long Island, NY