TEXOR LINK
Master Terms, Privacy, Compliance, SMS Consent, Medical Disclaimer, Data Security, and Acceptable Use Policy
Effective Date: May 1, 2026
Texor Link is a digital communication facilitation system owned and operated by Smart Prime Care Provider PLLC. Texor Link allows healthcare organizations, clinics, medical offices, hospitals, care teams, and authorized staff to send simple SMS-based follow-up links to patients or users in order to collect limited structured responses regarding healthcare-related follow-up actions such as laboratory orders, imaging orders, referrals, prescriptions, pre-procedure instructions, pre-operative tasks, paperwork, signatures, durable medical equipment, and other care-related instructions.
By accessing, receiving, clicking, responding to, submitting information through, or otherwise using Texor Link, the user, patient, healthcare organization, client, employee, contractor, representative, or any other participant acknowledges that they have read, understood, accepted, and agreed to this Master Terms, Privacy, Compliance, SMS Consent, Medical Disclaimer, Data Security, and Acceptable Use Policy.
Texor Link is intentionally designed as a limited-purpose communication and response-tracking tool. Texor Link is not a healthcare provider, not an emergency service, not an electronic health record, not a patient portal, not a clinical decision support system, not a diagnostic tool, not a treatment platform, and not a substitute for professional medical judgment.
All clinical responsibility remains solely with the licensed healthcare provider, healthcare facility, ordering clinician, and responsible care team.
1. Purpose of Texor Link
Texor Link exists to help healthcare organizations determine whether a patient has completed, not completed, not received, or needs help with a healthcare-related follow-up instruction. The primary purpose is operational visibility, communication closure, follow-up prioritization, and administrative efficiency.
Texor Link may allow a patient or user to select structured response options such as “Completed,” “Not Completed,” “Need Help,” “No Order Received,” “Delivered,” or similar limited response categories. Texor Link may also record limited metadata such as SMS delivery status, link click activity, response time, event identifier, phone number, and associated clinic or healthcare organization identifier.
Texor Link does not independently verify whether a patient response is true, clinically complete, clinically appropriate, or medically sufficient. Texor Link only records the response submitted by the user and makes that response available to the participating healthcare organization.
2. Non-Clinical Use and Medical Disclaimer
Texor Link does not provide medical advice, diagnosis, treatment, triage, medical recommendations, emergency guidance, medication advice, interpretation of laboratory results, interpretation of imaging results, referral judgment, clinical prioritization, or any professional healthcare service.
Any content sent through Texor Link is initiated by a healthcare organization or authorized user. Texor Link does not create medical orders, modify medical orders, cancel medical orders, interpret orders, or determine whether an order is appropriate.
A patient response submitted through Texor Link should not be considered a substitute for direct communication with the patient’s healthcare provider. Patients should contact their healthcare provider directly for medical questions.
Texor Link is not monitored as an emergency communication system. If a user is experiencing a medical emergency, severe symptoms, worsening condition, chest pain, shortness of breath, stroke symptoms, suicidal thoughts, severe allergic reaction, uncontrolled bleeding, severe pain, or any urgent medical concern, the user should call 911 or seek immediate emergency medical care.
Texor Link is not responsible for adverse medical outcomes, delayed care, missed care, failure to complete orders, failure to receive orders, failure to respond, technical errors, message delays, phone carrier issues, incorrect phone numbers, inaccurate patient responses, or healthcare provider follow-up decisions.
3. HIPAA and Healthcare Privacy Positioning
Texor Link may handle information that could be considered protected health information, depending on how a healthcare organization uses the platform. Under HIPAA, protected health information includes individually identifiable health information held or transmitted by covered entities or business associates. The HIPAA Privacy Rule applies to covered healthcare providers, health plans, healthcare clearinghouses, and, in certain circumstances, business associates.
When Texor Link creates, receives, maintains, or transmits protected health information on behalf of a covered entity, Texor Link may function as a business associate. HIPAA allows covered entities to disclose protected health information to business associates if satisfactory assurances exist that the business associate will use the information only for the permitted purpose, safeguard the information, and help the covered entity meet applicable obligations.
Texor Link is designed to minimize protected health information whenever reasonably possible. Texor Link should not be used to transmit detailed diagnoses, test results, full medical records, clinical notes, sensitive images, psychiatric details, substance use details, reproductive health details, HIV status, genetic information, or other highly sensitive health information unless the healthcare organization has determined that such use is lawful, necessary, properly authorized, and covered by appropriate agreements.
Texor Link’s preferred design is a minimal-data model using phone number, event ID, order category, delivery status, and structured response status only.
4. Minimum Necessary Data Policy
Texor Link follows a minimum necessary approach. The platform should collect, store, transmit, and display only the information reasonably needed to support follow-up communication.
Texor Link should generally collect only the following limited information:
Phone number, event identifier, clinic or organization identifier, message delivery status, link click status, response selection, response timestamp, order category, and technical metadata necessary for security, audit, troubleshooting, fraud prevention, and compliance.
Texor Link should avoid collecting or displaying:
Full diagnosis, detailed symptoms, lab values, imaging results, medication details, clinical notes, insurance details, Social Security numbers, driver’s license numbers, financial account information, full medical records, highly sensitive health information, and unnecessary demographic data.
If a healthcare organization chooses to enter additional information into Texor Link, that organization is responsible for ensuring the information is necessary, lawful, permitted, secure, and consistent with applicable privacy obligations.
5. Patient Confidentiality
Texor Link must be used in a manner that protects patient confidentiality. Healthcare organizations are responsible for ensuring that only authorized workforce members access TexorLink and that patient-related information is not disclosed to unauthorized individuals.
Texor Link should not be accessed on shared, unsecured, public, or unattended devices. Authorized users should not share login credentials, export data unnecessarily, screenshot patient information without authorization, or transmit Texor Link information through unsecured channels.
Texor Link may maintain access logs, audit trails, and administrative records to help identify unauthorized access, improper use, suspicious activity, or compliance concerns.
6. SMS Communication Consent
By providing a phone number to a healthcare organization and/or interacting with Texor Link, the user consents to receive healthcare-related SMS messages from or on behalf of the healthcare organization through Texor Link. These messages may include follow-up reminders, care instruction confirmation requests, order completion questions, response links, and related operational healthcare communications.
Message and data rates may apply. Message frequency may vary. Users may opt out by replying STOP where supported. Users may request assistance by replying HELP where supported.
Texor Link does not send marketing messages unless a separate lawful marketing consent process has been established. Texor Link should be used only for healthcare-related operational communication initiated by or on behalf of the healthcare organization.
The FCC regulates interstate and international communications, and SMS/texting practices may implicate federal communications rules, including TCPA-related consent and opt-out expectations. Healthcare organizations using Texor Link are responsible for obtaining and documenting any consent required for SMS communication.
Consent to receive Texor Link messages is not a condition of receiving medical care unless otherwise permitted by applicable law and the healthcare organization’s policies.
7. SMS Content Safety Rules
SMS messages sent through Texor Link should be written with privacy and confidentiality in mind. SMS messages should not include sensitive clinical details unless legally reviewed and specifically approved.
Preferred message style:
“Your care team has a follow-up request. Please use this secure link to respond.”
Avoid messages such as:
“Your abnormal CT scan needs urgent follow-up.”
“Your HIV lab result is pending.”
“Your depression medication was not picked up.”
“Your pregnancy ultrasound referral is incomplete.”
SMS content should remain generic, limited, and discreet. Detailed clinical communication should occur through the healthcare organization’s approved secure channels.
8. User Responsibilities
Users agree to provide accurate information when responding through Texor Link. Users should not submit false responses, impersonate another person, interfere with system operations, attempt unauthorized access, bypass security controls, misuse links, forward links to unauthorized individuals, or use Texor Link for harassment, fraud, abuse, or non-healthcare purposes.
Users are responsible for maintaining access to their own phone numbers, devices, and messages. Texor Link is not responsible if a user’s phone number is incorrect, reassigned, shared, compromised, unavailable, blocked, filtered, or accessed by another person.
If a user receives a Texor Link message in error, the user should not respond with health information and should notify the sending healthcare organization or contact admin@smartprimecare.com.
9. Healthcare Organization and Client Responsibilities
Healthcare organizations using Texor Link are responsible for lawful and appropriate use of the platform. This includes obtaining patient consent where required, ensuring authorized access, training workforce members, entering only necessary information, monitoring responses, following up clinically when needed, maintaining their own medical records, and complying with HIPAA, state privacy laws, professional licensing obligations, medical record retention rules, and applicable healthcare regulations.
Texor Link does not replace the healthcare organization’s duty to follow up with patients, review results, track orders, document care, maintain medical records, or respond to urgent clinical issues.
Healthcare organizations are responsible for deciding what action, if any, should be taken based on a patient response or non-response.
10. Business Associate Agreements
Where required by HIPAA or applicable law, Texor Link may enter into a Business Associate Agreement with covered entities. Texor Link may also require appropriate agreements with vendors, contractors, developers, hosting providers, SMS providers, database providers, analytics providers, support providers, and other service providers who may create, receive, maintain, or transmit protected health information on behalf of Texor Link.
No healthcare organization should use Texor Link for protected health information unless required privacy and security agreements are in place.
11. Vendor and Infrastructure Safeguards
Texor Link may use third-party vendors for hosting, messaging, database management, authentication, monitoring, analytics, security, support, or technical operations. Texor Link will seek to use vendors that maintain appropriate security standards and, where applicable, are willing to sign Business Associate Agreements.
Texor Link may rely on infrastructure safeguards such as encrypted transmission, encrypted storage, role-based access, secure authentication, restricted administrative access, logging, monitoring, backups, and vulnerability management.
The HIPAA Security Rule establishes standards for protecting electronic protected health information through administrative, physical, and technical safeguards, including confidentiality, integrity, and availability of ePHI. Texor Link’s operational safeguards should be designed around those principles.
12. Security Controls
Texor Link should implement reasonable administrative, technical, and physical safeguards, including:
Secure login for authorized clients and administrators.
Role-based access control.
Unique user accounts.
Prohibition on shared credentials.
Strong password requirements.
Multi-factor authentication where feasible.
Encryption in transit.
Encryption at rest.
Tokenized links.
No protected health information in public URLs.
Time-limited links.
Link expiration.
Audit logs.
Admin activity logs.
Clinic-level data separation.
Least-privilege access.
Secure database configuration.
Routine vulnerability review.
Incident response process.
Backup and disaster recovery planning.
Access termination when staff leave a client organization.
Workforce confidentiality obligations.
Vendor security review.
Periodic compliance review.
13. Audit Trail and Legal Evidence Preservation
Texor Link may maintain audit records to document platform activity. These records may include message creation time, message send time, SMS delivery status, failed delivery status, link click time, user response, response timestamp, account activity, login activity, administrative actions, and technical logs.
These logs may be used for compliance, quality assurance, billing, troubleshooting, operational analysis, legal defense, fraud prevention, security investigations, and contractual enforcement.
Audit logs do not prove that a patient completed a medical order unless the patient or healthcare organization separately confirms completion. Audit logs only reflect recorded platform activity.
14. Data Retention
Texor Link should retain information only as long as reasonably necessary for operational, legal, contractual, compliance, audit, security, billing, and dispute-resolution purposes.
Because Texor Link is not intended to serve as the official medical record, healthcare organizations remain responsible for maintaining their own legally required medical records.
Texor Link may delete, archive, de-identify, or anonymize information after a defined retention period. A practical retention policy may be 30 to 90 days for routine event data unless a longer period is required by contract, law, investigation, litigation hold, billing need, or compliance obligation.
15. De-Identification and Analytics
Texor Link may use aggregated, anonymized, or de-identified data for operational analytics, product improvement, reporting, quality analysis, business planning, investor reporting, internal benchmarking, and system optimization.
Texor Link should not sell identifiable patient data. Texor Link should not use identifiable patient data for advertising, marketing, profiling, or unrelated commercial purposes without lawful authorization.
16. Website Use
Texor Link’s website may provide information about the platform, product features, client use cases, pricing, demos, educational material, and contact forms. Website users agree not to misuse the website, attempt to interfere with its operation, scrape content, copy protected materials, impersonate others, submit malicious code, or use the website unlawfully.
Website content is for informational purposes only. It does not create a provider-patient relationship, attorney-client relationship, fiduciary relationship, or contractual relationship unless a separate written agreement is executed.
Texor Link may update website content, policies, pricing, features, or platform availability at any time.
17. Account Access and Authorization
Healthcare organizations are responsible for designating authorized users. Authorized users must access Texor Link only for legitimate business purposes related to their role.
Texor Link may suspend or terminate user access if there is suspected unauthorized use, security risk, policy violation, nonpayment, misuse, regulatory concern, contractual breach, or risk to patients, clients, the platform, or Smart Prime Care Provider PLLC.
18. No Guarantee of Message Delivery or Patient Response
Texor Link relies on third-party networks, phone carriers, SMS providers, internet services, device settings, user behavior, and technical infrastructure. Texor Link does not guarantee that a message will be delivered, opened, read, understood, or answered.
A message may fail due to wrong phone number, blocked sender, carrier filtering, device malfunction, changed number, poor connectivity, spam filtering, user opt-out, vendor outage, or other causes outside Texor Link’s control.
Healthcare organizations must not rely solely on Texor Link for urgent, critical, high-risk, time-sensitive, or legally mandated follow-up.
19. High-Risk Use Restrictions
Texor Link should not be used as the only communication method for:
Emergencies.
Critical lab results.
Life-threatening findings.
Abnormal imaging requiring urgent action.
Suicidal ideation.
Severe medication reactions.
Post-operative complications.
Time-sensitive cancer diagnosis communication.
High-risk pregnancy emergencies.
Stroke or cardiac symptoms.
Any situation requiring immediate clinician intervention.
In high-risk situations, healthcare organizations should use direct phone calls, secure clinical messaging, certified mail, emergency outreach, portal communication, documented escalation protocols, or other appropriate clinical workflows.
20. Patient Non-Response
Patient non-response does not mean refusal of care, completion of care, medical stability, or absence of risk. It only means that no response was recorded in Texor Link.
Healthcare organizations remain responsible for determining whether additional outreach is required.
21. “Completed” Response Limitation
If a user selects “Completed,” that response reflects only the user’s statement. Texor Link does not verify completion with a laboratory, imaging center, pharmacy, referral office, hospital, insurance carrier, or medical record system unless separately integrated and validated.
Healthcare organizations should verify completion independently where clinically or legally necessary.
22. “No Order Received” Response Limitation
If a user selects “No Order Received,” Texor Link records the user’s response and may alert the healthcare organization. Texor Link does not determine whether the order was actually sent, received, processed, faxed, transmitted, authorized, approved, or available.
Healthcare organizations are responsible for investigating and resolving order transmission issues.
23. “Need Help” Response Limitation
If a user selects “Need Help,” Texor Link may notify the healthcare organization according to platform settings. Texor Link does not provide real-time triage and does not guarantee immediate response.
Patients with urgent needs should contact their healthcare provider directly or seek emergency care when appropriate.
24. Payment, Subscription, and Client Terms
If Texor Link is provided under a paid arrangement, payment terms, subscription fees, cancellation rules, refunds, service levels, and client obligations may be governed by a separate written agreement.
Use of Texor Link may be suspended for nonpayment, misuse, security risk, or violation of terms.
25. Intellectual Property
The Texor Link name, logo, design, workflow, software, dashboard, SMS flow, event tracking method, content, templates, documentation, interface, and related materials are owned by Smart Prime Care Provider PLLC or its licensors unless otherwise stated.
Users and clients may not copy, reproduce, reverse engineer, resell, sublicense, imitate, scrape, duplicate, modify, or commercially exploit Texor Link without written permission.
26. Marketing Claims and Outcome Limitations
Texor Link may describe operational benefits such as improved visibility, reduced manual follow-up burden, faster response capture, or better identification of patients needing outreach. Such statements are not guarantees.
Texor Link does not guarantee improved clinical outcomes, reduced readmissions, reduced malpractice risk, reduced penalties, improved quality scores, patient adherence, cost savings, revenue increase, staffing reduction, or regulatory compliance.
Any return-on-investment estimates, staffing estimates, completion-rate estimates, or impact metrics are illustrative unless supported by a specific written analysis.
27. Limitation of Liability
To the fullest extent permitted by law, Smart Prime Care Provider PLLC, Texor Link, its owners, officers, employees, contractors, vendors, affiliates, representatives, and licensors shall not be liable for indirect, incidental, consequential, special, punitive, exemplary, or economic damages arising from use of Texor Link.
This includes damages related to missed follow-up, delayed communication, failed SMS delivery, incorrect patient response, unauthorized access, patient non-compliance, clinical deterioration, medical outcomes, data loss, service interruption, vendor failure, cybersecurity events, or client misuse.
Texor Link’s liability, if any, shall be limited to the amount paid by the client for Texor Link services during the applicable period, unless otherwise required by law or separately agreed in writing.
28. Indemnification
Clients, healthcare organizations, and authorized users agree to defend, indemnify, and hold harmless Smart Prime Care Provider PLLC, Texor Link, its owners, officers, employees, contractors, vendors, affiliates, representatives, and licensors from claims, damages, losses, liabilities, penalties, costs, and expenses arising from misuse of the platform, unauthorized disclosure, improper SMS consent, inaccurate data entry, clinical decisions, failure to follow up, violation of law, workforce misuse, breach of this policy, or use of Texor Link outside its intended purpose.
29. Breach and Incident Response
Texor Link will maintain a process for identifying, investigating, containing, mitigating, and documenting suspected security incidents. If a breach or reportable incident occurs, Texor Link will follow applicable legal, contractual, and regulatory notification obligations.
Depending on the facts, privacy incidents may implicate HIPAA breach notification obligations, state breach notification laws, contractual notice requirements, or other regulatory frameworks. The FTC also enforces consumer protection laws against deceptive or unfair business practices, and certain health data products may implicate FTC health data rules where HIPAA does not apply.
30. Changes to This Policy
Texor Link may update this Master Policy from time to time. Updated versions may be posted on the website or otherwise made available. Continued use of Texor Link after updates means the user or client accepts the updated version.
31. Governing Law
This policy and use of Texor Link shall be governed by the laws of the Commonwealth of Virginia, without regard to conflict-of-law principles. Any disputes shall be resolved in appropriate courts located in Virginia unless another venue is required by law or agreed in a separate written contract.
32. Contact
Questions regarding Texor Link, privacy, security, compliance, or this policy may be sent to:
Smart Prime Care Provider PLLC
4103 Lafayette Blvd
Fredericksburg, VA 22408
Email: admin@smartprimecare.com