1. Product Boundary: No PHI by Design
Go Live Command is an operational command platform. It is not designed, marketed, or operated as a clinical decision support system, an electronic health record, an electronic prescribing system, or any other system that stores, indexes, or transmits patient-identifying information.
Staff intake fields, knowledge articles, request notes, broadcasts, peer-answer threads, and reports are validated to keep PHI patterns (MRN, DOB, SSN, patient identifiers, payment data, and clinical-decision content) out of the platform.
2. Operational Context Only
Acceptable inputs are limited to operational context: role, unit, area, support category, urgency, callback point, device or workstation identifier, non-PHI notes, and approved workflow guidance.
Customer administrators are responsible for training staff to use the platform within this boundary and for choosing the intake channels (QR, kiosk, intranet, ATE-assisted, or approved chat connector) appropriate for their environment.
3. Business Associate Status
Where a covered entity directs Go Live Command to support operational workflows that may incidentally surface PHI despite the design intent, Go Live Command will execute a Business Associate Agreement (BAA) before production use.
A signed BAA, approved subprocessor list, and the customer's risk assessment must be on file with the customer's privacy office before broad rollout in regulated environments.
4. Safeguards In Place
Administrative safeguards include role-based access control, project activation and offboarding, session revocation, audit logging with a tamper-evident hash chain, and credential rotation runbooks.
Physical and technical safeguards include TLS in transit, AES-256-GCM at rest for sensitive fields, MFA-capable identity, signed staff-intake tokens, security headers (CSP, HSTS, COOP, CORP), CSRF protection, and an offsite audit archive with write-once retention where configured by the customer.
5. Breach Notification
If Go Live Command becomes aware of a use or disclosure of PHI that is not permitted by the BAA, Go Live Command will notify the affected customer in line with the BAA notification window — typically within 24 hours of detection where the customer has elected the accelerated path.
Go Live Command maintains an incident response plan with severity classification, containment runbooks, credential rotation procedures, evidence preservation, and a quarterly tabletop exercise. The incident response contact roster is provided to each regulated customer at contract signing.
6. Patient Rights and Access
Because Go Live Command is not a system of record for PHI, individual patient rights of access, amendment, accounting of disclosures, and restriction requests under the HIPAA Privacy Rule are exercised against the covered entity, not against Go Live Command.
Where a request involves operational data routed through Go Live Command, Go Live Command will support the covered entity's privacy office with audit records, configuration history, and access logs as required by the BAA.
7. Subprocessors and Data Flow
Go Live Command maintains a subprocessor inventory listing each third-party processor used to deliver the service (identity, database, email, SMS, push, object storage, monitoring, and approved integrations). The current list is available to customers under NDA.
Changes to the subprocessor list are communicated to regulated customers before a new subprocessor handles BAA-scope data. Customers retain the right to object as defined in the BAA.
8. Contact and Effective Date
Privacy and security questions, BAA requests, and subprocessor list requests should be routed to the customer's Go Live Command administrator or the Go Live Command privacy contact identified in the customer agreement.
This Notice is a public summary of the product posture. Signed customer agreements, BAAs, and the HIPAA Privacy and Security Rules control where they differ.