Communications Policy

Effective Date: 11/12/25

Approved By: MeaeCare Compliance Department

Applies To: All MeaeCare employees, contractors, agents, and authorized representatives

1. Purpose

The purpose of this Communications Policy is to establish standards for the appropriate use of SMS (text messaging), telephone communications, and email communications by MeaeCare, Inc. (“MeaeCare”). This policy ensures that all communications comply with applicable regulations including HIPAA, the Telephone Consumer Protection Act (TCPA), the CAN‑SPAM Act, and applicable state privacy laws. This policy also ensures that communications protect patient privacy and maintain secure, compliant communication practices.

2. Scope

This policy applies to all MeaeCare personnel and covers all communications conducted on behalf of MeaeCare with patients, health plan members, healthcare partners, prospective patients, and third‑party stakeholders.

The policy applies to communications conducted through SMS / text messaging, telephone calls, and email. Only approved MeaeCare communication systems may be used for patient contact.

3. Approved Communication Systems

MeaeCare uses Microsoft Azure Communication Services as its authorized communication platform. Azure Communication Services is a certified and compliant platform supporting HIPAA compliance, GDPR compliance, SOC 2 compliance, and secure communication infrastructure.

All SMS, phone, and email communications must be sent through approved MeaeCare systems and accounts. The use of personal devices, personal email accounts, or unauthorized messaging platforms for patient communication is strictly prohibited.

4. Permitted Communication Types

MeaeCare may communicate with patients and members for the following purposes:

Operational Communications

• Appointment confirmations
• Appointment reminders
• Screening notifications
• Appointment updates
• Care coordination

Marketing Communications

• Information regarding services offered by MeaeCare
• Preventative screening programs
• Healthcare awareness initiatives

MeaeCare does not use member contact information for recruiting purposes.

5. Consent Requirements

MeaeCare requires proper consent prior to sending SMS messages, emails, or making phone calls.

Phone Call Consent

Patients may be contacted by phone when their health plan recommends services from MeaeCare and consent to contact has been provided by the patient through their health plan.

SMS Consent

Patients must provide explicit consent to receive SMS messages during appointment scheduling by phone. A double opt‑in SMS message must be confirmed before SMS communications begin.

Email Consent

Patients provide email consent during appointment scheduling and may receive confirmation or verification messages validating consent.

6. Opt‑Out Procedures

Patients may withdraw communication consent at any time.

SMS Opt‑Out

Patients may opt out of SMS communications by replying STOP. Once received, MeaeCare will cease SMS messaging to that number.

Email Opt‑Out

Patients may unsubscribe using the unsubscribe link provided within email communications.

Phone Call Opt‑Out

Patients may contact MeaeCare support to request removal from phone communications.

MeaeCare will process opt‑out requests promptly.

7. SMS Communication Policy

MeaeCare SMS communications are one‑way messages used for operational notifications.

SMS messages may include:
• Appointment confirmations
• Appointment reminders
• Screening notifications
• Follow‑up reminders
• Service‑related updates
• Marketing communications (if consented)

SMS communications will not contain Protected Health Information (PHI). Messages are sent through Microsoft Azure Communication Services and may be automatically triggered based on scheduling activity.

8. Email Communication Policy

Email communications may be used for appointment confirmations, reminders, screening notifications, service updates, and marketing communications.

Email communications must be sent through approved secure MeaeCare email systems.

Protected Health Information

Email communications will not contain PHI unless a patient explicitly requests medical results via email and provides consent to receive those results electronically.

9. Phone Call Communication Policy

MeaeCare representatives may contact patients by phone for appointment scheduling, reminders, screening coordination, customer support, and healthcare service outreach.

Phone calls may involve limited PHI, including confirmation of appointment type, screening service, and scheduling details. Employees must verify the identity of the individual before discussing any PHI.

10. Communication Hours

Live phone calls from MeaeCare personnel are conducted during 9:00 AM – 5:00 PM Pacific Standard Time.

SMS and email communications may be automatically generated based on scheduling events. Automated reminders may be sent outside business hours when triggered by scheduling activity but will be delivered at reasonable times appropriate for patient notifications.

11. Employee Communication Restrictions

Employees and agents of MeaeCare must not:

• Use personal phones to contact patients
• Send SMS messages outside approved systems
• Use personal email accounts for patient communication
• Communicate PHI through SMS
• Contact patients outside approved processes
• Circumvent consent requirements

All patient communications must occur through approved MeaeCare communication systems.

12. Security and Data Protection

MeaeCare maintains strict security controls including secure communication platforms, authentication controls, access management, communication logging, and data retention policies to ensure compliance with HIPAA and industry security standards.

13. Call Recording and Communication Logs

All phone calls may be recorded. SMS communications and email communications are logged for quality assurance, compliance, and operational improvement. Communication records may be retained according to MeaeCare data retention policies.

14. Compliance Monitoring

MeaeCare reserves the right to monitor communications to ensure compliance with internal policies, privacy regulations, and security requirements. Violations of this policy may result in disciplinary action, including termination.

15. Policy Updates

MeaeCare may update this Communications Policy periodically to reflect regulatory, operational, or technology changes. Personnel will be notified of significant policy updates.