Privacy Policy
Effective Date: March 1, 2026
PrimeHealth (“we,” “our,” or “us”) is committed to protecting your privacy and the security of your personal and health information. This Privacy Policy explains how we collect, use, disclose, and protect information when you visit our website or use our telehealth services.
If you are a patient, please also review the HIPAA section below, which describes your rights regarding your Protected Health Information (PHI).
1. Information We Collect
a. Information You Provide
- Contact information: name, email, phone number, mailing address, and state of residence.
- Health and medical information: symptoms, medical history, current medications, lab results, and other health data you provide during intake or consultations.
- Account credentials: username and password for the patient portal.
- Payment information: billing address and payment card details processed by our secure payment processor. We do not store full card numbers.
- Communications: messages, questions, or feedback you send via the portal, email, or phone.
b. Information Collected Automatically
- IP address, browser type, operating system, and pages visited.
- Cookies and similar tracking technologies to maintain sessions and analyze usage.
- Approximate geographic location (state/region).
c. Information from Third Parties
- Laboratory results from partner labs or external providers you authorize.
- Pharmacy dispensing information from our fulfillment partners.
2. How We Use Your Information
- Provide, operate, and improve our telehealth services and patient portal.
- Process intake forms, schedule consultations, and coordinate care between providers and pharmacies.
- Send appointment reminders, lab result notifications, prescription updates, and care team messages via SMS and email.
- Respond to inquiries and provide customer support.
- Comply with legal and regulatory obligations, including HIPAA.
- Detect fraud, abuse, and security threats.
- Analyze aggregate, de-identified data to improve our services and clinical protocols.
- Send marketing communications — only with your consent where required by law. You may opt out at any time.
3. HIPAA Notice of Privacy Practices
As a covered healthcare entity under HIPAA, we maintain the privacy of your Protected Health Information (PHI) and provide you this notice of our legal duties and privacy practices.
How We May Use and Disclose PHI
- Treatment: We share PHI with physicians, nurse practitioners, pharmacies, and labs involved in your care.
- Payment: We may use PHI to bill and collect payment for services.
- Healthcare Operations: We may use PHI for quality review, training, and administrative functions.
- As Required by Law: We may disclose PHI to comply with applicable federal or state laws.
We will not sell your PHI. We will not disclose PHI for marketing purposes without your express written authorization.
Your HIPAA Rights
- Access: Inspect and obtain a copy of your medical records.
- Correction: Request correction of inaccurate or incomplete PHI.
- Accounting of Disclosures: Request a list of disclosures we have made of your PHI.
- Restrictions: Request restrictions on certain uses and disclosures of your PHI.
- Revoke Authorization: Revoke any authorization you have given, in writing, at any time.
To exercise these rights, contact us using the information in Section 10. You may also file a complaint with the U.S. Department of Health and Human Services at hhs.gov/hipaa/filing-a-complaint. We will not retaliate against you for filing a complaint.
4. How We Share Your Information
We do not sell your personal information. We may share information in the following circumstances:
- Service Providers: Vendors who assist in operating the platform (cloud hosting, payment processing, SMS delivery, lab services) under confidentiality agreements.
- Business Associates: HIPAA Business Associates under a signed Business Associate Agreement (BAA).
- Legal Requirements: When required by law, court order, or government authority.
- Safety: When necessary to prevent serious harm to you or others.
- Business Transfers: In the event of a merger, acquisition, or sale of assets, subject to the same privacy protections.
5. Data Security
We implement industry-standard safeguards to protect your information, including:
- Encryption of data in transit (TLS) and at rest (AES-256).
- Role-based access controls limiting PHI access to authorized personnel only.
- Immutable audit logging of all data access and modifications.
- AWS infrastructure covered under a HIPAA Business Associate Agreement with Amazon Web Services.
In the event of a data breach affecting your PHI, we will notify you as required by the HIPAA Breach Notification Rule.
6. Data Retention
We retain medical records for a minimum of 7 years from the date of service (or as required by applicable state law). Non-medical personal data is retained as long as necessary to fulfill the purposes described in this Policy or as required by law.
7. SMS / Text Message Communications
By providing your phone number and submitting an intake or lead form, you consent to receive informational SMS messages related to your inquiry and care. Message and data rates may apply. Reply STOP to opt out at any time. Reply HELP for assistance.
8. Children's Privacy
Our services are intended for adults 18 years of age and older. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with information, contact us and we will delete it promptly.
9. Changes to This Policy
We may update this Privacy Policy from time to time. We will post the updated Policy on this page with a revised Effective Date. Continued use of our services after changes become effective constitutes your acceptance of the updated Policy.
10. Contact Us
If you have questions, concerns, or requests related to this Privacy Policy or your rights under HIPAA, please contact our Privacy Officer: