Privacy Policy and HIPAA Notice

Last Updated: November 1, 2025

Company: Amma Inc., a Delaware corporation ("Amma," "we," "us," or "our")

Contact: legal@withamma.co

1. Overview — Our Commitment to Privacy

Amma is an AI-enabled patient advocacy and care-navigation platform that helps adults and caregivers manage healthcare logistics, insurance, and appointments.

We handle your information responsibly, in line with the Health Insurance Portability and Accountability Act (HIPAA), applicable state privacy laws, and modern data-security practices.

We separate information into two main categories:

  • Protected Health Information (PHI) — data we receive or create in connection with healthcare services performed for or on behalf of covered entities (e.g., physicians, insurers).
  • Personal Information (PI) — data you share directly with Amma for account, billing, or communication purposes that is not PHI.

2. Information We Collect

We may collect:

Category | Examples | Purpose
Personal Information | Name, contact details, caregiver relationship, payment data | Account setup, billing, and notifications
Protected Health Information (PHI) | Health conditions, medications, insurance details | Advocacy, coordination, and navigation services
Technical Data | IP address, device type, browser, usage logs | Improve website performance and security
Aggregated / De-identified Data | Non-identifiable statistics and trends | Analytics, AI training, and service improvement

3. How We Use Your Information

We use information to:

  • Provide, personalize, and improve our Services;
  • Facilitate communication between you and your advocate;
  • Coordinate with insurers or providers at your request;
  • Process payments and manage billing;
  • Support AI-driven recommendations and administrative tasks;
  • Conduct internal analytics and service improvement;
  • Comply with legal and regulatory obligations.

We do not sell or rent your personal or health information.

4. HIPAA Compliance and Our Role

When Amma handles PHI for or on behalf of a healthcare provider, insurer, or other covered entity, we act as their Business Associate under HIPAA. We sign appropriate Business Associate Agreements (BAAs) and maintain appropriate safeguards.

Your provider's HIPAA Notice of Privacy Practices may also apply to your PHI. If there is a conflict, the more protective rule governs.

5. How We Share Information

We share information only when necessary:

  • With authorized caregivers who you designate and verify;
  • With your providers or insurers to facilitate navigation or billing;
  • With service vendors under confidentiality agreements;
  • For legal reasons when required by law;
  • During a corporate transaction in compliance with confidentiality obligations.

We do not share PHI or personally identifiable data for advertising purposes.

6. Your Rights and Choices

Depending on your relationship with us and applicable law, you may:

  • Access and receive a copy of your information;
  • Request corrections to inaccurate data;
  • Request deletion of non-PHI personal data;
  • Restrict or object to certain uses or disclosures;
  • Obtain an accounting of PHI disclosures;
  • Withdraw consent for communications;
  • File a complaint with us or with the U.S. Department of Health and Human Services.

To exercise these rights, email legal@withamma.co.

7. Data Security

We take the protection of your personal information seriously and have implemented organizational and technical safeguards to help keep it secure. While we strive to maintain the highest level of security, the transmission of information is done at your own risk.

8. AI Transparency

  • AI outputs are reviewed or monitored by trained staff;
  • AI does not make clinical or medical decisions;
  • De-identified data may be used to improve algorithms;
  • PHI is never used for AI training without explicit written authorization.

9. Cookies and Analytics

Our website may use cookies or similar technologies to maintain session continuity, measure usage, and remember preferences. You can adjust browser settings to disable cookies.

10. Data Retention

We retain information only as long as necessary to deliver Services, comply with legal obligations, resolve disputes, or maintain business records. PHI is retained according to HIPAA requirements.

11. Children's Privacy

Our Services are intended for adults 18 years and older. We do not knowingly collect information from children under 18. If you believe a child has provided data to us, contact support@withamma.co for deletion.

12. Changes to This Notice

We may update this Privacy Policy / HIPAA Notice from time to time. When we do, we will post the revised version with a new effective date. Your continued use of the Services after updates constitutes acceptance.

13. Contact Us

For questions, concerns, or to exercise your rights, please contact legal@withamma.co.

If you believe your privacy rights under HIPAA have been violated, you may also file a complaint with the Office for Civil Rights, U.S. Department of Health and Human Services, without fear of retaliation.