Whole Health Holistic Medicine Privacy Policy

Effective Date: 1 January 2025

This Privacy Policy describes how Whole Health Holistic Medicine ("we," "us," or "our") collects, uses, discloses, and safeguards the personal information of our patients ("you" or "your").

1. Information We Collect

We may collect the following types of information:

  • Personal Information:

    • Health Information: This includes Protected Health Information (PHI) as defined by the Health Insurance Portability and Accountability Act of 1996 (HIPAA), such as:

      • Medical history

      • Diagnoses

      • Treatment plans

      • Medications

      • Lab results

      • Insurance information

    • Contact Information: Name, phone number, email address, mailing address

    • Demographic Information: Age, gender, date of birth

    • Financial Information: Payment information (credit card numbers, billing addresses) processed through Stripe

  • Information Collected Through Electronic Health Records (EHR):

    • Our EHR system may collect and store additional health information, such as:

      • Appointment schedules

      • Communication records

      • Images (e.g., X-rays, scans)

  • Information Collected by AI Medical Scribe:

    • During patient consultations, an AI medical scribe may be used to transcribe and document patient interactions. This may include:

      • Spoken words

      • Medical terminology

      • Patient responses

2. How We Use Your Information

We use the information we collect for the following purposes:

  • Providing Healthcare Services:

    • To diagnose, treat, and prevent diseases

    • To develop and manage your treatment plans

    • To coordinate care with other healthcare providers

  • Billing and Insurance Purposes:

    • To process insurance claims

    • To bill for services rendered

    • To collect payments

  • EHR Management:

    • To maintain accurate and up-to-date health records

    • To improve the quality of care

    • To conduct research and quality improvement activities

  • AI Medical Scribe:

    • To improve the efficiency and accuracy of medical documentation

    • To support clinical decision-making

  • Communication:

    • To send appointment reminders

    • To provide important health information

    • To respond to your inquiries

3. Disclosure of Your Information

We may disclose your information in the following circumstances:

  • To Other Healthcare Providers:

    • With your consent or as required by law

    • For treatment purposes

    • For health plan operations

    • For healthcare oversight activities

  • To Health Plans:

    • For insurance claims processing and reimbursement

  • To Business Associates:

    • To entities that perform functions on our behalf (e.g., billing services, data storage)

  • As Required by Law:

    • To comply with legal and regulatory obligations (e.g., subpoenas, court orders)

  • For Public Health Purposes:

    • To report communicable diseases or other public health threats

4. HIPAA Compliance

We are committed to complying with all applicable provisions of HIPAA. We maintain appropriate safeguards to protect the confidentiality, integrity, and availability of PHI.

5. EHR Security

Our EHR system is protected by robust security measures, including:

  • Access Controls:

    • Usernames and passwords

    • Role-based access controls

  • Data Encryption:

    • Encryption of data both at rest and in transit

  • Regular Security Audits:

    • To identify and address potential vulnerabilities

6. AI Medical Scribe

  • Data Privacy:

    • The AI model is trained on de-identified data to protect patient privacy.

    • Patient data is not stored or shared with third parties without proper authorization.

  • Data Security:

    • The AI system has robust security measures in place to protect patient data from unauthorized access.

  • Transparency:

    • We will be transparent with patients about the use of AI medical scribes in their care.

7. Stripe Payments: https://stripe.com/privacy

  • Payment Processing:

    • Stripe processes all credit card payments securely and in accordance with industry best practices.

  • Data Security:

    • Stripe employs advanced security measures to protect your payment information, such as tokenization and encryption.

  • Data Privacy:

    • Stripe adheres to strict data privacy regulations and only uses your payment information for processing transactions.

8. Your Rights

  • Access to Your Information:

    • You have the right to access and review your medical records.

  • Correction of Your Information:

    • You have the right to request corrections to any inaccuracies in your medical records.

  • Privacy Preferences:

    • You may update your contact preferences at any time.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the updated policy on our website.   ‘

10. Contact Us

If you have any questions or concerns about this Privacy Policy, please contact us at:  

(813) 656-8600

lynn@wholehhm.com