Disclosure Policy

“The #1 cause of HIPAA fines? Data breaches. Don’t leave your practice unprotected.”

Disclosure Policy
Effective Date: 3/6/25
Last Updated: 3/6/25

Chiro Cyber Coverage (“Company,” “we,” “us,” or “our”) is committed to transparency, security, and compliance with all applicable industry regulations, including HIPAA, GDPR, CCPA, and other cybersecurity and privacy standards. This Disclosure Policy outlines important legal and compliance information regarding our services, data handling practices, and third-party relationships.

1. General Disclaimer

The information provided on our website, in marketing materials, and during cybersecurity consultations is for general informational and educational purposes only. While we strive for accuracy, we do not guarantee that the information is always current, complete, or error-free.

Our services are not a substitute for professional legal or regulatory advice.
We recommend that clients consult their own legal and IT security advisors for specific compliance requirements.
Chiro Cyber Coverage is a cybersecurity and cyber insurance provider but does not function as a law firm, compliance certification agency, or government regulator.

By using our services, you acknowledge and accept these terms.

2. Regulatory Compliance & Security Standards

Chiro Cyber Coverage follows industry-leading cybersecurity protocols and complies with applicable privacy regulations, including but not limited to:

A. HIPAA (Health Insurance Portability and Accountability Act) – U.S.

We adhere to HIPAA Security & Privacy Rules to help protect electronic protected health information (ePHI).
Our services aim to support HIPAA compliance but do not replace your legal obligation to comply with HIPAA regulations.
We provide cybersecurity protection but are not a HIPAA certification authority.

B. GDPR (General Data Protection Regulation) – EU

If you are located in the European Economic Area (EEA), we process personal data in accordance with GDPR.
We do not sell personal data and allow users to exercise their rights under GDPR (see Privacy Policy for details).

C. CCPA (California Consumer Privacy Act) – U.S.

California residents have rights under CCPA, including the right to access, delete, or opt-out of personal data processing.
We do not sell personal data and provide transparency in how we collect and use information.

D. Other Cybersecurity Standards

We implement cybersecurity controls aligned with:
NIST Cybersecurity Framework (National Institute of Standards and Technology)
ISO 27001 (Information Security Management Standard)
SOC 2 Type II Compliance (Security & Privacy Controls for Service Organizations)
However, we do not guarantee that using our services will make your business fully compliant with these frameworks.

3. Third-Party Services & Partnerships

Chiro Cyber Coverage partners with trusted third-party vendors to enhance cybersecurity protection. These third parties may include:

Cloud security providers (e.g., for data storage and encryption)
IT security consultants (e.g., penetration testing and risk assessments)
Cyber insurance providers (e.g., for cyber liability coverage)

A. Third-Party Responsibilities

We carefully vet our partners to ensure industry compliance.
However, we are not responsible for their policies, actions, or breaches.
Clients should review the privacy policies and security terms of third-party services before engaging with them.

B. Affiliate & Referral Relationships

We may recommend third-party cybersecurity tools or cyber insurance providers.
Some recommendations may be affiliate partnerships, meaning we may receive a commission if a client signs up.
These partnerships do not affect our objectivity—we only recommend services that align with industry best practices.

4. No Guarantee of Cybersecurity Protection

While we provide advanced cybersecurity risk mitigation, we do not guarantee 100% protection against cyber threats.

Cybersecurity is an evolving field; new threats emerge constantly.
No system is completely immune to cyberattacks, even with best-in-class security measures.
Our cybersecurity risk assessment helps identify vulnerabilities, but clients remain responsible for implementing security best practices.
We are not liable for any data breaches, HIPAA violations, financial losses, or regulatory penalties that may occur, even if you use our services.

5. Limitations of Liability

To the fullest extent permitted by law:

Chiro Cyber Coverage is not liable for any direct, indirect, incidental, consequential, or punitive damagesarising from the use of our services.
Our maximum liability shall not exceed the amount paid by the client for our services in the previous 12 months.
We do not assume responsibility for losses due to cyberattacks, data breaches, regulatory penalties, or compliance failures.

6. Data Collection & Privacy Practices

Our Privacy Policy explains how we collect, use, and protect your data. Key disclosures include:

We do not sell personal or business data.
We collect only the necessary information to provide cybersecurity services.
Data may be shared with trusted third-party security vendors and partners (see Section 3).
Clients may request access, corrections, or deletion of their personal data (subject to legal requirements).

See our Privacy Policy for full details.

7. Changes to This Disclosure Policy

We may update this Disclosure Policy at any time to reflect changes in laws, regulations, or industry standards.

Updates will be posted on this page.
We encourage you to review this policy regularly.
Your continued use of our services after changes means you accept the revised policy.

8. Contact Information

If you have any questions about this Disclosure Policy or need further clarification, contact us at:

📧 Email: support@chirocybercoverage.com