How we collect, use, and protect your information
Effective Date: April 14, 2026
Addiction Accountability Adherence Initiative (“AAAI,” “we,” “us,” or “our”) provides a compliance monitoring platform that supports individuals in substance use disorder (SUD) recovery, their care teams, and their loved ones. This Privacy Policy describes the information we collect through AAAIusa.com and our associated services (the “Service”), how we use and share that information, and the choices and rights you have.
Because we handle sensitive health information, portions of the Service are governed by the Health Insurance Portability and Accountability Act (HIPAA) and 42 CFR Part 2. For a technical description of our safeguards, see our HIPAA Compliance & Data Security page.
When you register, we collect your name, email address, password (stored in hashed form), and the role you select (Client, Professional, or Support).
For users enrolled as Clients, we collect information necessary to monitor compliance with a recovery program, which may include:
Substance test results and testing dates
Meeting attendance logs (e.g., AA, NA, SMART Recovery)
Documents you upload (treatment records, evaluations, correspondence)
Compliance notes and evaluations submitted by authorized care team members
Care team directory information you choose to share
We automatically collect limited technical information such as IP address, browser type, device identifiers, and log data describing how you interact with the Service. This information is used for security, abuse prevention, and to maintain service quality.
To provide and operate the compliance monitoring Service you enrolled in
To allow authorized care team members to coordinate around your recovery program
To authenticate users, enforce role-based access, and secure the platform
To maintain audit logs required under HIPAA and 42 CFR Part 2
To communicate with you about your account, program, or service updates
To comply with legal obligations and respond to valid legal requests
To improve the Service through aggregated, de-identified analytics
We do not sell your personal information or health information, and we do not use it for advertising purposes.
Protected health information (PHI) handled through the Service is safeguarded under HIPAA. Substance use disorder treatment records receive the additional protections of 42 CFR Part 2, which generally prohibits disclosure of SUD records without specific, written consent.
Our HIPAA Compliance & Data Security page describes the administrative, physical, and technical safeguards we apply to PHI, including encryption at rest and in transit, access controls, and Business Associate Agreements with our service providers.
We share information only in the following circumstances:
With your explicit, written consent — for example, when you authorize a professional or support contact to view your records
With members of the care team you have enrolled, limited to the data their role requires
With service providers (e.g., hosting, database, email) that operate under Business Associate Agreements and confidentiality obligations
When required by law, valid subpoena, court order, or as permitted by 42 CFR Part 2
To protect the safety of a user or another person in a genuine emergency, to the extent permitted by law
In connection with a merger, acquisition, or sale of assets, subject to the same privacy commitments
Your recovery data belongs to you. We will never sell, rent, or trade your information.
We retain your information for as long as your account is active and for as long as necessary to provide the Service, comply with our legal and regulatory obligations, resolve disputes, and enforce our agreements. When information is no longer required, we delete or de-identify it in a secure manner. You may request deletion of your account and associated records at any time, subject to retention periods required by law.
Depending on your jurisdiction and the nature of your records, you may have the right to:
Access the personal and health information we hold about you
Request correction of inaccurate or incomplete information
Request deletion of your information, subject to legal retention requirements
Revoke consent previously given to share information with a care team member
Receive a copy of your records in a portable format where applicable
File a complaint with us or with the U.S. Department of Health and Human Services
To exercise these rights, contact us at support@aaaiusa.com. We will respond within the timeframes required by applicable law.
We use strictly necessary cookies and similar technologies to keep you signed in, remember your preferences, and secure your session. We do not use third-party advertising cookies, and we do not track you across other websites for marketing purposes.
You can control cookies through your browser settings. Disabling essential cookies may prevent you from signing in or using parts of the Service.
The Service is intended for users 18 years of age and older. We do not knowingly collect personal information from children under 13. If we learn we have collected such information, we will delete it. Parents or guardians who believe their child has provided us information may contact us at support@aaaiusa.com.
We may update this Privacy Policy from time to time to reflect changes in our practices, the law, or the Service. When we make material changes, we will notify users by email or through an in-product notice and update the Effective Date above. Continued use of the Service after changes become effective constitutes acceptance of the revised policy.
This Privacy Policy is provided for informational purposes and is not legal advice. AAAI is a compliance monitoring platform, not a healthcare provider. If you have questions about how your records are handled by a specific clinician, care team member, or treatment program, please contact that provider directly.
We are happy to answer any questions about how your information is collected, used, or protected.
Contact Us