top of page

Privacy Policy

​

IMPORTANT: This document serves as both the Website Privacy Policy (for general data) and the Notice of Privacy Practices (NPP) (for health data, as required by HIPAA).

Notice of Privacy Practices (HIPAA)

 

Our Commitment to Your Protected Health Information (PHI)

Paramount Primary Doctors is a HIPAA-Covered Entity and is committed to protecting the privacy of your protected health information (PHI). This section of the policy, the Notice of Privacy Practices (NPP), describes how your medical information may be used and disclosed and how you can get access to this information.

​

 

Understanding Protected Health Information (PHI)

PHI is individually identifiable health information we collect from you or create or receive about you. It relates to your past, present, or future physical or mental health or condition, related healthcare services, or the past, present, or future payment for the provision of health care to you.

​

 

How We May Use and Disclose Your PHI Without Your Authorization

 

We may use and disclose your PHI without your written authorization for the following purposes:

  1. Treatment: We may use and disclose your PHI to provide, coordinate, or manage your health care and any related services (e.g., sharing with specialists, labs, or hospitals). Given our mobile and telehealth nature, this also includes sharing PHI through secure, HIPAA-compliant electronic communication methods for coordination of care.

  2. Payment: We may use and disclose your PHI to obtain payment for the health care services we provide (e.g., billing your health insurance company, Medicare, or other third-party payers).

  3. Health Care Operations: We may use and disclose your PHI for our own health care operations to manage our practice and ensure all patients receive quality care (e.g., quality assessment, training, and business planning).

​

 

Other PHI Uses and Disclosures Not Requiring Your Authorization

We may also use or disclose your PHI without your authorization as permitted or required by law, including: Individuals Involved in Your Care or Payment, Required By Law, Public Health Activities, Law Enforcement and Judicial Proceedings, Health and Safety, Worker’s Compensation, Coroners, Medical Examiners, and Specific Government Functions.

​

 

PHI Uses and Disclosures Requiring Your Written Authorization

We must obtain your written authorization for uses and disclosures of your PHI for purposes other than those described above, including: Marketing (except for certain face-to-face communications or gifts), Sale of PHI, and most disclosures of Psychotherapy Notes. You may revoke any authorization you provide at any time.

​

 

Your Rights Regarding Your PHI (HIPAA Rights)

 

You have the following rights regarding your PHI. To exercise any of these rights, please submit a written request to the Privacy Officer at the contact information listed below:

  • Right to Request Restrictions: You have the right to request a restriction on how we use or disclose your PHI. We must agree to a request to restrict disclosure of PHI to a health plan if you, or someone on your behalf, has paid us in full out-of-pocket for the service.

  • Right to Request Confidential Communications: You have the right to request that we communicate with you about your PHI in a certain way or at a certain location (e.g., only by mail).

  • Right to Inspect and Copy: You have the right to inspect and obtain a copy of your PHI.

  • Right to Amend: If you feel that PHI we have about you is incorrect or incomplete, you may ask us to amend the information.

  • Right to an Accounting of Disclosures: You have the right to request a list of certain disclosures of your PHI we have made.

  • Right to a Paper Copy of This Notice: You have the right to a paper copy of this Notice.

  • Right to Be Notified of a Breach: We are required to notify you in the event of a breach of your unsecured PHI.

Website & General Data Privacy Policy

This section of the policy describes the information we collect from users of our website and how that information is used, regardless of whether it is Protected Health Information (PHI).

​

 

Information We Collect

 

We may collect the following categories of information, depending on the nature of your interaction with our website or the type of form you submit:

  • Personal Information: This may include your name, email address, phone number, postal address, and any other identifying information you provide when filling out contact forms or contacting us.

  • Employment and Educational Background: Information related to job applications, such as employment history, resume content, educational qualifications, and references.

  • Health or Sensitive Information (PHI): In certain cases, especially through online forms such as appointment, enrollment, consultation, or other service-related forms, we may collect health-related information, such as allergies, current symptoms, or other medical details that you voluntarily provide. This information is treated as PHI and is handled in strict accordance with Part I (HIPAA) of this policy.

  • Usage Information: We may collect information about your interactions with our website and services, such as your IP address, browser type, operating system, and browsing behavior.

  • Cookies: We use cookies and similar tracking technologies to collect information about your browsing preferences, such as the pages you visit, the links you click, and other actions you take on our website.

  • Other Information You Voluntarily Provide: Any information you choose to share with us through open-form text fields or uploaded documents.​

 

How We Use Your Information

 

We process personal data based on one or more of the following: your consent, the need to perform a contract or respond to your inquiries, compliance with legal obligations, or our legitimate business interests.

We may use your personal information for the following purposes:

  • Communication & Service: To communicate with you, respond to your inquiries, and fulfill the specific service or transaction you initiated (e.g., appointment scheduling).

  • Maintenance & Improvement: To provide and maintain our products and services, and to improve and personalize your experience on our website.

  • Analytics: To monitor and analyze website usage and trends (e.g., through Google Analytics).

  • Marketing: To send you marketing communications, promotions, and updates if you have provided your consent.

  • Security & Legal Compliance: To comply with legal obligations, respond to lawful requests from authorities, and to detect, prevent, and address fraud, security risks, or technical issues.

​

 

Sharing Your Information

 

We do not sell your personal data. However, we may share your information with third parties in the following cases:

  • Authorized Personnel or Service Providers: Your information may be accessed by authorized personnel or third-party service providers (Business Associates) strictly for the purpose of fulfilling your requests, processing transactions, or maintaining our website and services. Any sharing of PHI with Business Associates is governed by a Business Associate Agreement (BAA) to ensure HIPAA compliance.

  • Legal Requirements: We may disclose your information if required by law, such as in response to a court order, legal process, or a request from government authorities.

  • Third-Party Tools and Analytics: We may use third-party services (e.g., Google Analytics) that help us understand how visitors interact with our website. These tools may collect information such as IP address, browser type, and page activity, and may use cookies or tracking technologies.

​

 

Data Security

 

We implement appropriate technical and organizational measures to protect your personal information from unauthorized access, disclosure, alteration, or destruction. Sensitive data, such as health-related information (PHI), is subject to additional security controls to help ensure its confidentiality and integrity in accordance with HIPAA Security Rule standards.

​

 

Data Retention

 

We retain personal data only as long as necessary to fulfill the purposes outlined in this Privacy Policy, or as required by applicable law (e.g., medical record retention laws in Arizona). When personal data is no longer needed, we take appropriate steps to securely delete, anonymize, or de-identify it.

​

 

Children’s Privacy

 

Our website is not intended for use by children under the age of 13. For child-related medical services, we may collect personal information from minors only when necessary to fulfill a specific service request (e.g., appointment scheduling) and only with verifiable consent from a parent or legal guardian.

Your Rights & Contact Information

 

 

Your General Data Rights

 

Depending on your location and applicable law, you may have the right to:

  • Request access to, correction of, or deletion of your personal information.

  • Request restriction of processing of your data, subject to legal exceptions.

  • Withdraw previously granted consent.

  • Object to or restrict certain data uses of your data.

  • Opt out of receiving promotional communications.

To exercise these rights, please contact us using the information below.

​

 

Changes to This Privacy Policy

 

We may update this Privacy Policy & Notice of Privacy Practices from time to time. Any updates will be posted on this page, and the “Effective Date” will be updated accordingly.

​

 

Questions or Complaints

 

If you have questions about this policy, or if you believe your privacy rights have been violated, you may contact our Privacy Officer.

You may also file a complaint with the Secretary of the Department of Health and Human Services (HHS) at 200 Independence Avenue, S.W., Washington, D.C. 20201. We will not retaliate against you for filing a complaint.

 

Paramount Primary Doctors maintains a comprehensive compliance program that strictly prohibits the exchange of any form of remuneration for patient referrals.

All financial arrangements with referring providers are structured to ensure compliance with the Anti-Kickback Statute (AKS) and Stark Law, meaning that:

  • Payments are at fair market value for legitimate, documented services (e.g., leases, professional services).

  • Compensation does not take into account the volume or value of any patient referrals or business generated between the parties.

Our commitment is to ethical, legal, and patient-centered healthcare practices.

​​

bottom of page