Privacy Policy & HIPAA Notice

Last updated: 3/8/2026

NOTICE OF PRIVACY PRACTICES

This notice describes how medical information about you may be used and disclosed and how you can get access to this information. Please review it carefully.

YOUR HEALTH INFORMATION RIGHTS

You have the following rights regarding your protected health information (PHI):

Right to Request Restrictions: You may request restrictions on how your health information is used or disclosed for treatment, payment, or healthcare operations.
Right to Confidential Communications: You may request to receive communications by alternative means or at alternative locations.
Right to Access: You have the right to inspect and obtain copies of your health information.
Right to Amend: You may request amendments to your health information if you believe it is incorrect or incomplete.
Right to an Accounting: You have the right to receive an accounting of disclosures of your health information.
Right to Revoke Authorization: You may revoke any authorization you have given us, except to the extent we have already taken action based on that authorization.

HOW WE USE YOUR INFORMATION

Treatment

We use your health information to provide, coordinate, and manage your healthcare treatment and services. This includes sharing information with other healthcare providers involved in your care.

Payment

We use and disclose your health information to obtain payment for services provided to you, including billing, claims management, and determining insurance coverage.

Healthcare Operations

We use your health information for healthcare operations including quality assessment, staff training, business planning, and administrative activities.

DATA SECURITY & PROTECTION

We implement comprehensive security measures to protect your health information:

Encryption: All data is encrypted using industry-standard AES-256 encryption both in transit and at rest
Access Controls: Access to your information is restricted to authorized personnel only, based on job responsibilities
Audit Logging: All access to health information is logged and monitored for unauthorized access
Regular Security Updates: We perform regular security assessments and system updates
Secure Infrastructure: Our systems are hosted on secure, HIPAA-compliant cloud infrastructure
Staff Training: All staff receive regular training on HIPAA compliance and data security

PERMITTED DISCLOSURES

We may use or disclose your health information without your authorization in the following circumstances:

As required by law
For public health activities
To health oversight agencies for oversight activities
In response to court orders or legal proceedings
To law enforcement officials as required by law
To prevent or lessen serious threats to health or safety
For specialized government functions (e.g., military, national security)
For workers' compensation purposes

BREACH NOTIFICATION

In the unlikely event of a data breach involving your protected health information, we will notify you promptly as required by law, typically within 60 days of discovering the breach.

MINIMUM NECESSARY STANDARD

We follow the minimum necessary standard, meaning we only use, disclose, or request the minimum amount of health information necessary to accomplish the intended purpose.

CHANGES TO THIS NOTICE

We reserve the right to change our privacy practices and the terms of this notice. Any changes will apply to health information we already have about you as well as health information we receive in the future.

CONTACT INFORMATION

Privacy Officer: WhiteCoat MD Privacy Department

Email: privacy@whitecoat-md.com

Phone: 866-326-4896

COMPLAINTS

If you believe your privacy rights have been violated, you may file a complaint with:

WhiteCoat MD Privacy Officer at the contact information above
The Secretary of Health and Human Services

No retaliation: You will not be penalized or retaliated against for filing a complaint.

Effective Date: This notice is effective as of the date above and applies to all protected health information maintained by WhiteCoat MD.