Personally Identifiable information (PiI)
and 
Protected Health Information (PHI)

Social media
(Instagram and Facebook)

Online Reviews and testaments

Website Tracking and analytics

Compromised Data


HIPAA and Marketing

Home Body Being Massage's website www.homebodybeingmassage.com + www.homebodybeingmassage.com/blog, does not collect data about visitors other than the number of times  the website itself has been visited via HBBM's Google Business Profile, found through Google Search. As well as the number of times someone searched directions to Home Body Being Massage's location. No PII or PHI is ever collected by HBBM via website tracking and analytics.

In the unlikely event of a data security breach of Google, Square, constant contact, or Home Body Being Massage's data storage, Home Body Being Massage is legally obligated to inform you how the data was compromised, the extent of the information involved, what you should do to prevent potential harm, and what HBBM is doing to remedy the situation and prevent any future breaches. Home Body Being Massage will utilize email, address, or phone number provided to communicate the breach. Home Body Being Massage and the companies it holds a Baa with take information security very seriously. 

ANY INFORMATION YOU SHARE ON GOOGLE REVIEWS, ON SOCIAL MEDIA, OR OTHER PUBLIC SPACES in support of, or reference to, Home body being massage, IS SUBJECT TO THE DATA AND PRIVACY POLICIES OF THOSE COMPANIES, NOT HOME BODY BEING MASSAGE.

BY LEAVING A REVIEW FOR HOME BODY BEING MASSAGE YOU VERIFY THAT YOU HAVE RECEIVED TREATMENT AT HOME BODY BEING MASSAGE, WHICH WOULD BE CONSIDERED PRIVATE HEALTH INFORMATION UNDER HIPAA, AND YOU RECOGNIZE YOUR PERSONAL RESPONSIBILITY OF DISCLOSING YOUR OWN PHI IN THE PUBLIC DOMAIN. ANY DISCLOSURES OF PHI IN REVIEWS OR COMMENTS OF TESTAMENT ARE SUBJECTED TO BE REFERRENCED IN RESPONSE TO YOUR REVIEW/ COMMENT, BUT ADDITIONAL NONE DISCLOSED PHI WILL NEVER BE REFERRENCED.

Any information you disclose in the public domain of social media is your responsibility. Any information you disclose regarding your connection to HBMM is done through your own free will, with recognition of association with HBBM that may indicate your having received treatment at HBBM, which would be considered PHI.

Any information you disclose in Direct Message to Kristy/ HBBM on Social Media Platforms is under regulation of the respective platforms privacy policy. Home Body Being Massage has no control over how your information is used when collected by Social Media Data Tracking and Analytics.

Home Body Being Massage's Social Media avatars are password protected with 2-step verification.




HIPAA regulations require any business and professional involved in healthcare oriented services and treatments to abide by HIPAA regulations. These regulations require explicit permission from you to use your PHI to contact you digitally in order to market and advertise business updates, services, and promotions directly to you Via email.

Your full name and email address are the only pieces of information stored and used to mass deliver information via constant contact. All mass email recipient information (full name and email address) is stored in Constant Contact's data Cloud. Home Body Being Massage holds a BAA with contstant contact to ensure all data is stored according to hipaa regulation.

All email updates can be unsubscribed by clicking a button in the email labled "Unsubscribe" 
or by contacting kristy directly at
Kristy@homebodybeingmassage.com

Home Body Being Massage (HBBM) does not collect PII or PHI about you, unless and until you disclose your information via direct communication through email, text, phone call, Direct Message on Social media(Instagram and Facebook), scheduling an appointment via SQuare, and submitting an intake form via Google Forms/Docs, or when entrusting information on paper in person.

Home Body Being Massage as a business follows hipaa privacy laws and regulation.

Personally Identifiable Information is your name, contact information, and, any other information that can be directly indicated to you.
Protected Health information is also your name and contact information, when disclosed directly to me via direct communication with the intention to receive treatment at HBBM; as well as, your age, gender, sex at birth, medical diagnosis's, treatments, symptoms, and any other information shared to Home Body Being Massage via the methods described above and to Kristy Chamberland, LMT, CMLDT.

The only person with legal right and access to your information associated with Home Body Being Massage is Kristy Lynn Chamberland, the sole propriotor, operator, and Licensed Massage Therapist of Home Body Being Massage and You.
unless you complete and sign a PHI release waiver to allow for communication between Kristy and specific healthcare personelle.

All purposes of you disclosing information to Home Body Being Massage is for the express purpose of communication between you and Kristy Chamberland, about scheduling, answering your questions, Kristy requesting information to best inform treatment, and to update you about Business Practice and Privacy Policy updates. Home Body Being Massage will explicitly request your permission to use your contact information for marketing in the form of newsletters and promotional oferrings. Home Body Being Massage never sells or discloses any information about you to 3rd parties for the purpose of marketing, data collection, or any other purpose.

Home Body Being Massage does not and will never share your Personally Identifiable Information or Protected Health Information with anyone. unless with written waiver from you according to hipaa regulation. and, in the event of communication & behavior expressing personal harm to yourself or others. In this circumstance your emergency contact will be informed when shared.
In the event of immediate direct harm of the persons or property associated with Home body being massage, the proper safety authorities will be contacted and provided with your information.

HBBM stores your information digitally and physically. all Information is protected with secure passcodes, encryptions, firewalls, and secure locks at all times. Home Body Being Massage holds a Business Associates Agreement with Google, square, and Constant Contact. These Business Associate Agreements hold the companies mentioned accountable for storing your information submitted to HBBM in HIPAA compliant data clouds. These data storage clouds are protected with encryption and firewalls with very specific tracking processes. Your information submitted through Google Forms is digitally stored short term in Google's HIPPA compliant Google WorkSpace Suite Cloud. When you submit an intake form via Google, your data is only collected in Home Body Being Massage's Google drive for short term storage. Information is regularly moved to hard drive storage and backed up in an additional external hard drive storage. All PHI submitted digitally is stored in password, facial recognition, firewall, and, encryption protected hard drives accessable only to home body being massage.


PHI entrusted in physical form is locked in secure boxes with keys and passcodes.

All PHI is documented through the duration of your time associated with Home Body Being Massage as a client. including possibily documentating reason for visit, professional assesment/ observation, and documentation of treatment.
Any PHI discarded is done so via private shredding and full deletion. PHI and PII is discarded after 2 years after no client engagement with Home Body Being Massage.


All access to information received on Home Body Being Massage's end is restricted access. All information is protected by password, facial recognition, 2-step verification sign-in protocols, data encryption, and, firewalls.


It is important to understand that your personal information held in your inbox is only as secure as you ensure it is. Home body Being massage is not to be held responsible for information compromised on your own devices.

Posted January 2024