Effective: April 10, 2026 | This notice describes how medical information about you may be used and disclosed and how you can get access to this information.
You have the right to: request a copy of your health records, request corrections, request confidential communications, request restrictions on certain uses, receive a list of disclosures we have made, receive a paper copy of this notice, and file a complaint if you believe your privacy rights have been violated.
We may use and disclose your protected health information (PHI) for: treatment (sharing with your providers), payment (processing your charges), and healthcare operations (quality improvement, training). We will not use your PHI for marketing or sell your information.
We are required by law to maintain the privacy and security of your PHI, notify you promptly of any breach, follow the duties and privacy practices described in this notice, and not use or share your information other than as described unless you give us written permission.
We protect your PHI using: AES-256 encryption at rest, TLS 1.3 encryption in transit, role-based access controls, multi-factor authentication for providers, append-only audit logging with 6-year retention, and regular security assessments.