Skip to Content

Notice of Privacy Practices

Last updated: May 14, 2026

1. Information We Collect

We collect information you provide to us and information generated by your care, including:

  • Personal identification information (name, email, phone number, address, date of birth)
  • Protected Health Information (symptoms, diagnoses, treatment history, prescriptions, lab results, imaging)
  • Consultation, appointment and visit records
  • Communication preferences and consent records
  • Audit and access logs (who viewed your record, when, from where)

2. How We Use Your Information

We use your information for:

  • Treatment — providing medical care and coordinating with other providers involved in your care
  • Payment — billing, insurance claims and collecting payment for services
  • Operations — quality improvement, training, accreditation, internal audits
  • Legal and regulatory compliance
  • With your explicit authorization, for any other purpose you approve

3. Information Sharing

We do not sell your personal information. We may share your information:

  • With healthcare providers involved in your care
  • With your insurance company for payment
  • As required by law (e.g. mandatory reporting, court orders)
  • With your explicit consent
  • To protect the health and safety of you or others

Every disclosure outside treatment, payment or operations is logged in your Accounting of Disclosures.

4. Your Rights

You have the right to:

  • Access — review and request a copy of your record (download buttons in your privacy page)
  • Rectification — correct your contact details directly; submit an amendment request for clinical records
  • Erasure — request closure of your account (subject to legal retention requirements)
  • Restriction — restrict how we contact you and what data is used for marketing or research
  • Data Portability — receive your data in a structured, machine-readable format (JSON export)
  • Object — object to processing for marketing or research purposes
  • Accounting of Disclosures — view who your data has been disclosed to
  • Audit Trail — see every access to your record

5. Data Security

We protect your information with administrative, physical and technical safeguards including encryption in transit, access controls, audit logging, multi-factor authentication and password policy enforcement.

6. Data Retention

We retain your information for as long as necessary to provide services and comply with legal obligations. Clinical records are typically retained for at least 6 years after your last visit; access logs are retained for the same period.

7. Contact Us

For privacy questions or to exercise your rights, contact our Privacy Officer:

  • Email: privacy@your-clinic.example
  • Phone: +1 (555) 123-4567