HIPAA Privacy Notice

Last Updated: July 2026

Effective Date: These Terms become effective on the date you first access or use TMatch, or when you explicitly agree to them during account registration.

TMatch is a service provided by Tmind AI Inc., doing business as TMatch. TMatch is not a healthcare provider. When applicable, TMatch may act as a Business Associate under HIPAA in support of providers, practices, clinics, universities, placement sites, or other covered entities that use TMatch.

This notice explains how TMatch may handle Protected Health Information (“PHI”) when HIPAA applies. It does not replace the Notice of Privacy Practices or other privacy notices provided by your therapist, provider, practice, clinic, school, placement site, or other covered entity.

Our Role

TMatch may support provider matching, intake, care navigation, scheduling, communication, self-pay payment support, telehealth access or integrations, client support, security, and related platform operations.

Tracy may help collect and organize information, generate non-diagnostic intake summaries, and support matching and navigation. Tracy does not provide clinical care, diagnosis, treatment, medical advice, crisis intervention, or emergency services.

Uses and Disclosures of PHI

When HIPAA applies, TMatch may use or disclose PHI as permitted by HIPAA, applicable Business Associate Agreements, and other applicable law, including to facilitate provider matching and care navigation; generate intake summaries and matching information for providers; support scheduling, reminders, communications, telehealth access or integrations, and platform support; operate and secure the platform; support payment, billing, refund, dispute, fraud review, or compliance functions where applicable; and meet legal, regulatory, safety, security, audit, or reporting obligations.

TMatch may also create or use de-identified or aggregated information where permitted by HIPAA, applicable agreements, and law.

Your HIPAA Rights

When your information is PHI governed by HIPAA, you may have the right to request access, amendment, restrictions, confidential communications, or an accounting of certain disclosures.

Because TMatch generally acts as a Business Associate when HIPAA applies, some requests may need to be directed to the provider, practice, clinic, school, placement site, or other covered entity responsible for your care or records. You may contact TMatch at hi@tmind.ai, and we will help route requests where appropriate.

Our Responsibilities

When HIPAA applies, TMatch is required to protect PHI in accordance with applicable HIPAA requirements and applicable Business Associate Agreements.

TMatch uses administrative, technical, and physical safeguards designed to protect PHI handled through the platform. If a breach of unsecured PHI occurs, TMatch will provide required notifications to the applicable covered entity or as otherwise required by law.

Non-HIPAA Health Information

Some health-related information handled by TMatch may not be PHI under HIPAA. Such information may still be protected by state privacy laws, consumer health data laws, professional confidentiality obligations, contract, or our Privacy Policy.

Contact

For questions about TMatch’s privacy practices, contact hi@tmind.ai.