XiPillarSign In

Privacy Policy

Version 1.0Effective: March 12, 2026

11. Overview

XiPillar is a HIPAA-compliant case management platform operated for Texas Cornerstone Services ("TCS"). This Privacy Policy describes how we collect, use, store, and protect information entered into the platform, including Protected Health Information (PHI) as defined under HIPAA (45 CFR Parts 160 & 164).

22. Information We Collect

Account Information

Name, email address, job title, and authentication credentials for staff accounts.

Client Records (PHI)

Names, dates of birth, contact information, case notes, session records, and service plans.

System Logs

Access logs, audit trails, and session activity data collected for security per HIPAA §164.312(b).

33. How We Use Information

We use the collected information to provide case management services, maintain compliance with federal and state laws, and ensure the security of PHI. We do not sell or rent client information to third parties.

  • To provide case management and counseling support services
  • To maintain compliance with HIPAA, HITECH, and Texas law
  • To generate audit logs for security monitoring
  • To support authorized staff in delivering client services

44. HIPAA Compliance

XiPillar is designed to support HIPAA compliance requirements through robust access controls, automatic session termination, detailed audit logging, and encryption of all data in transit.

Access Controls (§164.312(a)(1))Automatic Logoff (§164.312(a)(2)(iii))Audit Controls (§164.312(b))Transmission Security (§164.312(e)(1))

55. Data Security

Client data is stored in a secured cloud database with row-level security policies ensuring authorized access only. All data is encrypted at rest and in transit using industry-standard protocols.

Compliance Concerns

For questions about this Privacy Policy or to report a privacy concern, contact your organization's designated Privacy Officer or system administrator.

← Back to Sign In