How Do You Protect My Data and Privacy?
When you choose to work with us for your GLP-1 or dual-agonist (GLP-3/retatrutide) treatment, you’re trusting us with sensitive medical and personal information. We take that responsibility seriously. Your privacy and data security are fundamental to our practice, and we comply with all applicable federal and state regulations protecting patient health information. Understanding how we safeguard your data should give you confidence in our commitment to your confidentiality.
HIPAA Compliance and Protected Health Information
We are a HIPAA-compliant healthcare provider. The Health Insurance Portability and Accountability Act (HIPAA) is the federal law that establishes national standards for protecting patient health information. We follow all HIPAA requirements in handling your medical records, test results, consultation notes, and any other protected health information (PHI).
Under HIPAA, you have rights regarding your health information. You have the right to access your medical records, request corrections, understand how your information is used, and receive an accounting of disclosures. We can provide you with copies of your health records upon request, typically within 30 days.
How We Collect and Use Your Information
When you enroll with us, we collect information necessary for your care, including:
- Medical history: Previous diagnoses, medications, allergies, and family health history
- Contact information: Name, email, phone number, and mailing address
- Health measurements: Weight, height, blood pressure, and other clinical data
- Insurance information: Policy numbers and coverage details (only used for billing and coverage verification)
- Consultation notes: Records from your telehealth visits with our providers
We use this information exclusively for your medical care, treatment planning, medication management, billing, and customer support. We never sell your data to third parties, and we don’t use your information for marketing purposes without your explicit consent.
Data Security Measures
We employ comprehensive security measures to protect your information from unauthorized access, disclosure, or misuse:
- Encryption: All data transmitted between your device and our servers is encrypted using industry-standard SSL/TLS protocols
- Secure storage: Patient records are stored in secure, encrypted databases with access controls
- Access controls: Only authorized clinical and administrative staff can access your health information, and access is limited to what’s necessary for their role
- Regular audits: We conduct regular security audits and vulnerability assessments to identify and address potential risks
- Employee training: Our team receives regular training on HIPAA compliance, data security, and patient privacy
- Incident response: We have protocols in place to respond immediately to any suspected data breaches
How We Share Your Information
We only share your health information when necessary for your care or as required by law. Permissible sharing includes:
- Specialty pharmacies: We share prescription information and relevant medical history with our partnered pharmacies to fill and manage your prescriptions
- Insurance companies: We submit necessary medical information to your insurance for billing and prior authorization
- Other providers: With your consent, we can share relevant information with your primary care doctor or other healthcare providers
- Legal requirements: If required by law (such as court orders or government health investigations), we may disclose limited information
We require all third parties who receive your information to maintain the same level of confidentiality and security that we do.
Telehealth Platform Security
Your telehealth consultations are conducted using HIPAA-compliant video conferencing platforms. These platforms use end-to-end encryption to protect the privacy of your video visits. Session recordings are never made without your explicit consent, and any recordings are stored securely and deleted according to our retention policies.
Your Privacy Rights
As a patient, you have several important privacy rights:
- Access: You can request and receive copies of your medical records at any time
- Amendments: You can request corrections or amendments to your health information if you believe it’s inaccurate
- Accounting: You can request a record of who has accessed or received your health information
- Privacy notices: You have the right to receive our Privacy Notice, which explains our privacy practices in detail
- Confidential communications: You can request to receive health information at an alternative address or phone number
Data Retention and Deletion
We retain your health records for the duration of your treatment and for a period thereafter as required by law (typically 6-7 years depending on state regulations). If you request deletion of your account or health records, we will comply with HIPAA requirements while considering any legal obligations to maintain your records.
Questions About Your Privacy
If you have questions about how we protect your data, our privacy practices, or your rights regarding your health information, we’re here to help. You can review our full Privacy Notice on our documentation page, explore more details in our FAQ section, or contact our privacy team with specific questions.
We’re committed to maintaining the highest standards of privacy and security. Your trust in us is essential, and protecting your personal health information is a core value of our organization.
Disclaimer: Results vary. Eligibility determined by a licensed provider. This privacy statement outlines our data protection practices. For our complete Privacy Notice and detailed HIPAA policies, please review our formal documentation or contact us directly.
