How AAAI protects your sensitive recovery information
We understand the deeply personal nature of substance use recovery. Your health information deserves the highest level of protection, and AAAI was designed from the ground up with healthcare-grade security to ensure your data remains confidential, secure, and under your control.
As a compliance monitoring platform serving individuals in recovery, we recognize our responsibility to safeguard every piece of information you entrust to us—from drug test results and meeting logs to care team communications.
Your recovery data belongs to you. We will never sell, share, or disclose your information without your explicit consent.
AAAI operates in compliance with the Health Insurance Portability and Accountability Act (HIPAA), the federal standard for protecting sensitive patient health information. In addition, because our platform specifically handles substance use disorder (SUD) records, we adhere to 42 CFR Part 2—the federal regulation that provides an extra layer of confidentiality protection for SUD treatment records beyond standard HIPAA requirements.
Administrative safeguards including workforce training and access management policies
Physical safeguards for all systems that store or process health information
Technical safeguards including encryption, access controls, and audit logging
Business Associate Agreements (BAAs) with all third-party service providers
Regular risk assessments and security reviews
42 CFR Part 2 protections ensuring SUD records receive enhanced confidentiality beyond standard HIPAA
All data transmitted between your device and our servers is protected with TLS/SSL encryption, ensuring your information cannot be intercepted during transmission.
Your stored data is secured with AES-256 encryption—the same standard used by financial institutions and government agencies to protect classified information.
Role-based access ensures that care team members only see information relevant to their role. All access is authenticated and authorized before any data is shared.
Our platform is hosted on SOC 2 compliant cloud infrastructure with continuous monitoring, intrusion detection, and regular security assessments.
We only collect information necessary for compliance monitoring—nothing more
Documents and records are only shared with people you explicitly authorize
Care team members see only the data relevant to their specific role
All access to your records is logged in a complete audit trail
Your data is retained only as long as needed for your program and applicable legal requirements
We never sell your data or use it for advertising purposes
As an AAAI user, you have the right to:
Access your own data and request copies of your records at any time
Request corrections to any inaccurate information in your profile
Control who can view your information and revoke access at any time
Contact us with any privacy concerns at support@aaaiusa.com
This page describes AAAI's data security practices and commitments. It is not a legal contract and does not constitute the full Privacy Policy, which will be available separately.
Our security practices may be updated as standards and technologies evolve. Users will be notified of any material changes to how their information is handled.
We are happy to answer any questions about how we protect your information.