Privacy Policy

🔒 Privacy Overview

At PCP.CARE, we are committed to protecting your privacy and maintaining the confidentiality of your personal health information (PHI). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our healthcare platform and services.

This policy applies to all information collected through our website, mobile applications, telehealth services, and any related communications. By using our services, you acknowledge that you have read and understood this Privacy Policy.

📊 Information We Collect

🏥 Health Information

As a healthcare provider, we collect and maintain various types of health information necessary to provide you with quality medical care:

• Medical History: Previous illnesses, surgeries, medications, and treatments
• Current Health Status: Symptoms, vital signs, test results, and diagnoses
• Treatment Information: Care plans, prescriptions, and provider notes
• Insurance Information: Coverage details and billing information
• Emergency Contacts: Family members or designated contacts

👤 Personal Information

We collect personal information necessary for account management and service delivery:

• Identity Information: Full name, date of birth, Social Security number
• Contact Information: Address, phone numbers, email addresses
• Account Information: Username, password, security preferences
• Payment Information: Credit card details, billing address

💻 Technical Information

Our systems automatically collect certain technical information to improve our services:

• Device Information: Browser type, operating system, device identifiers
• Usage Data: Pages visited, time spent, feature usage patterns
• Network Information: IP address, connection type, general location
• Performance Data: Loading times, error reports, system performance

🎯 How We Use Your Information

🩺 Healthcare Services

Your health information is primarily used to provide comprehensive medical care:

• Treatment: Diagnosing conditions, developing care plans, prescribing medications
• Care Coordination: Communicating with specialists and other healthcare providers
• Appointment Management: Scheduling, reminders, and follow-up care
• Telehealth Services: Remote consultations and virtual care delivery
• Emergency Care: Providing critical information during medical emergencies

💰 Administrative Purposes

We use your information for essential administrative functions:

• Billing & Insurance: Processing claims, payment collection, insurance verification
• Account Management: Maintaining user accounts, authentication, customer support
• Legal Compliance: Meeting regulatory requirements and legal obligations
• Quality Improvement: Analyzing care outcomes and service effectiveness

🤝 Information Sharing

🏥 Healthcare Partners

We may share your health information with authorized healthcare entities:

• Specialists: Referrals to specialists and subspecialty providers
• Laboratories: Test ordering and result sharing with certified labs
• Pharmacies: Prescription information for medication dispensing
• Hospitals: Care coordination during hospital stays or emergency visits
• Insurance Providers: Claims processing and coverage verification

⚖️ Legal Requirements

In certain circumstances, we may be required to disclose information:

• Public Health: Reporting communicable diseases or safety concerns
• Legal Proceedings: Court orders, subpoenas, or legal investigations
• Safety Concerns: Preventing harm to patients or public safety
• Regulatory Compliance: Healthcare oversight and compliance audits

🛡️ HIPAA Compliance

PCP.CARE is a HIPAA-covered entity and fully complies with the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules.

🔒 Protected Health Information (PHI)

We protect all forms of PHI in accordance with HIPAA requirements:

• Electronic PHI (ePHI): Digital health records, test results, communications
• Physical PHI: Paper documents, printed reports, physical files
• Oral PHI: Verbal communications about health information

📋 HIPAA Rights

Under HIPAA, you have specific rights regarding your health information:

• Right to Access: Request copies of your health records
• Right to Amend: Request corrections to inaccurate information
• Right to Restrict: Request limitations on information use or disclosure
• Right to Accounting: Receive a list of disclosures made
• Right to Confidential Communications: Request alternative communication methods
• Right to File Complaints: Submit complaints about privacy practices

🔐 Data Security

🛡️ Technical Safeguards

We implement comprehensive technical security measures:

• Encryption: AES-256 encryption for data at rest and TLS 1.3 for data in transit
• Access Controls: Multi-factor authentication and role-based access restrictions
• Network Security: Firewalls, intrusion detection, and secure network protocols
• Data Backup: Regular encrypted backups with disaster recovery procedures
• Security Monitoring: 24/7 monitoring for suspicious activities and threats

🏢 Administrative Safeguards

Our administrative controls ensure proper information handling:

• Privacy Training: Regular HIPAA training for all staff members
• Business Associate Agreements: Contracts with all third-party vendors
• Incident Response: Procedures for handling security breaches
• Regular Audits: Periodic security assessments and compliance reviews

🏥 Physical Safeguards

We protect physical access to information and systems:

• Facility Security: Controlled access to offices and data centers
• Workstation Controls: Secured computers and mobile devices
• Media Protection: Secure handling and disposal of storage media

⚖️ Your Privacy Rights

📱 Access & Control

You have comprehensive rights regarding your personal information:

• Data Access: View, download, or receive copies of your information
• Data Portability: Transfer your data to another healthcare provider
• Data Correction: Request updates to inaccurate or incomplete information
• Communication Preferences: Choose how and when we contact you
• Marketing Opt-out: Unsubscribe from promotional communications

🗑️ Data Deletion

Subject to legal and medical record retention requirements:

• Account Deletion: Request removal of your account and associated data
• Information Removal: Delete specific pieces of non-essential information
• Retention Periods: Understand how long we retain different types of data

📞 How to Exercise Your Rights

To exercise any of your privacy rights:

1. Online Portal: Use your patient portal to submit requests
2. Email: Send requests to [email protected]
3. Phone: Call our privacy hotline during business hours
4. Mail: Send written requests to our mailing address

🍪 Cookies & Tracking

🔧 Essential Cookies

We use necessary cookies for basic website functionality:

• Authentication: Maintaining your login session securely
• Security: Protecting against fraud and unauthorized access
• Preferences: Remembering your settings and preferences
• Load Balancing: Ensuring optimal website performance

📊 Analytics Cookies

We use analytics to improve our services (with your consent):

• Usage Analytics: Understanding how you use our platform
• Performance Monitoring: Identifying and fixing technical issues
• Feature Development: Improving existing features and developing new ones

🎯 Marketing Cookies

Optional cookies for personalized experiences:

• Personalization: Customizing content based on your interests
• Health Education: Providing relevant health information and resources
• Service Recommendations: Suggesting relevant healthcare services

🤝 Third-Party Services

🏥 Healthcare Partners

We work with trusted healthcare partners who are bound by strict confidentiality agreements:

• Electronic Health Records: HIPAA-compliant EHR system providers
• Laboratory Services: Certified labs for test processing and results
• Telehealth Platform: Secure video conferencing for virtual appointments
• Prescription Services: Licensed pharmacy partners for medication delivery
• Medical Devices: Connected health device manufacturers and data processors

💳 Payment Processors

Financial transactions are handled by PCI-compliant payment processors:

• Credit Card Processing: Secure payment gateway providers
• Insurance Verification: Real-time eligibility and benefits verification
• Billing Services: HIPAA-compliant medical billing partners

☁️ Technology Services

Our technical infrastructure relies on secure, compliant service providers:

• Cloud Hosting: HIPAA-compliant cloud infrastructure providers
• Data Analytics: Privacy-focused analytics and reporting tools
• Communication: Secure messaging and notification services
• Security Services: Cybersecurity monitoring and threat detection

🔄 Policy Updates

📢 Notification Process

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements:

• Email Notification: We'll send advance notice to your registered email address
• Website Notice: Prominent notification on our website and patient portal

⏰ Implementation Timeline

Policy changes follow a structured timeline:

• 30-Day Notice: Advance notification for most policy updates
• 60-Day Notice: Extended notice for significant changes affecting your rights
• Immediate Effect: Emergency changes for security or legal compliance
• Grandfathering: Existing data governed by previous terms when appropriate

📱 Staying Informed

To stay current with our privacy practices:

• Version History: Review previous versions and changes on our website
• Summary of Changes: Clear explanations of what has changed and why
• Privacy Dashboard: Monitor your privacy settings and data usage

📞 Contact Information

🏛️ Regulatory Authorities

If you believe your privacy rights have been violated, you may file complaints with:

• U.S. Department of Health and Human Services: HHS HIPAA Complaint Portal
• Florida Department of Health: Florida DOH Website
• Office for Civil Rights: OCR Complaint Process