Vibrant Skin Solutions("we," "us," or "our") is committed to protecting the privacy and security of your personal information. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you use our services, website, and interact with us. We are compliant with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and are committed to protecting your Protected Health Information (PHI).
1. Information We CollectWe may collect the following types of information:
Personal Information: Information that identifies you directly, such as your name, address, phone number, email address, date of birth, and gender.
Medical and Health Information (PHI): Information relating to your past, present or future physical or mental health or condition, payment for healthcare, or provision of healthcare that identifies you, including your medical history, lab results, treatment plans, and medication information.
Payment Information:Information necessary to process payments, such as credit card or bank account details (note: we use secure, third-party payment processors and do not store complete credit card numbers).
Website Usage Information: Information about how you use our website, such as IP address, browser type, device information, and pages visited.
Information Collected during Consultations: notes from verbal, virtual or written forms.
Other Information: Any other information you voluntarily provide to us.
2. How We Use Your Information.We use your information for the following purposes:
Providing Services: To provide you with medical consultations, treatment plans, hormone replacement therapy, weight management services, aesthetic procedures, and any other services you request.
Communication: To communicate with you about appointments, treatment plans, test results, billing, and other matters related to our services.
Payment Processing: To process your payments for services.
Record Keeping: To maintain accurate records of your treatment.
Website Improvement: To improve our website, diagnose technical problems, and enhance your user experience.
Legal Compliance: To comply with applicable laws, regulations, and legal processes.
Internal Operations: For our internal business purposes, such as data analysis, audits, and service development.
3. How We Share Your Information-We may share your information with the following:
Healthcare Professionals: Our staff and medical professionals who are involved in your care.
Service Providers: Third-party vendors who assist us with payment processing, data storage, website hosting, and other operational tasks.
Regulatory Agencies: As required by law, such as for reporting certain diseases or adverse events, and to fulfill compliance with HIPAA.
Legal Purposes: When we believe it is necessary to comply with legal obligations or protect the rights, property, or safety of our organization, our clients, or others.
Business Transfer: In the event of a merger, acquisition, or sale of our practice, your information may be transferred to the new entity.
Authorization: We will only share your information if you have authorized us to share.
Emergency Situations: In the event of a medical emergency, we may share limited information to aid in your care.
4. Your Rights and Choices: You have the following rights and choices regarding your personal information:
Access:You have the right to access and review your medical and personal information.
Correction:You have the right to request corrections to any inaccurate or incomplete information we hold about you.Restrictions:You have the right to request restrictions on how we use or disclose your information. (Please note we will make all effort to accommodate your request, but cannot restrict the use if needed for medical treatment or required by law)
Opt-Out:You can opt-out of receiving promotional emails. (Please note this will not effect emails required for your treatment)
HIPAA Rights:You have specific rights under HIPAA to access, amend, or request an accounting of disclosures of your PHI. You can also file a complaint with the government.Data
Deletion:You can request we delete your data, although we may not be able to delete certain records for compliance reasons or during active treatment.
5. Data Security
We take data security seriously and have implemented reasonable measures to protect your information from unauthorized access, disclosure, alteration, or destruction. These measures include:
Secure servers Encryption of sensitive data during transmission Regular security audits HIPAA compliant policies. While we use reasonable efforts to protect your information, no security measures are perfect.
6. Data Retention:
We will retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, including providing you with services, complying with legal obligations, and resolving disputes. We may be required to retain medical records for a certain period due to state and federal regulations.
7. HIPAA Compliance
We are committed to protecting your health information (PHI) as required by the Health Insurance Portability and Accountability Act of 1996 (HIPAA). We maintain policies and procedures to ensure the confidentiality, integrity, and security of your PHI. This includes:
Limited access to your PHI to authorized personnel only.Training our staff in HIPAA requirements.Using secure and compliant methods for storing and transmitting your PHI.Ensuring your rights under HIPAA are respected.
8. Changes to this Privacy Policy
We may update this Privacy Policy from time to time. We will post any changes on our website and, if required, will notify you directly. Your continued use of our services after any changes constitutes your acceptance of the updated policy.
9. Contact Information
If you have any questions or concerns about this Privacy Policy or your personal information, please contact us at Vibrant Skin Solutions.
8191 N. Lombard St, Unit 109
Portland OR, 97203
503-427-8207
[email protected]