HIPAA

HIPAA NOTICE OF PRIVACY PRACTICES

Prime Medispa
Your Information. Your Rights. Our Responsibilities.

This HIPAA Notice of Privacy Practices describes how your medical information (PHI) may be used and disclosed and how you can access this information. Please review it carefully.

What is PHI (Protected Health Information)?

Protected Health Information (PHI) includes any individually identifiable health information created, stored, transmitted, or maintained by a HIPAA-covered entity or its business associates. PHI includes information such as:

  • Medical histories

  • Treatment plans

  • Health records

  • Billing details

  • Identifying information tied to your health

The 18 identifiers considered PHI under HIPAA include:
Names, dates (except year), telephone numbers, geographic data, fax numbers, Social Security numbers, email addresses, medical record numbers, account numbers, health plan beneficiary numbers, certificate/license numbers, vehicle identifiers, web URLs, device identifiers, IP addresses, full-face photographs, biometric identifiers, and any other unique identifying number or code.

YOUR RIGHTS

You have the right to:

  • Get a copy of your health and claims records

  • Request corrections to your health and claims records

  • Request confidential communications

  • Limit what information we use or share

  • Receive a list of disclosures

  • Receive a copy of this notice

  • Choose someone to act for you

  • File a complaint if you believe your rights were violated

YOUR CHOICES

You may choose how we share certain information in situations such as:

  • Communicating with family, friends, or others involved in your care

  • Disaster relief

  • Marketing communications

  • Requests to sell your personal information (which we do not do)

OUR USES & DISCLOSURES

We may use and share your information to:

  • Provide and coordinate your treatment

  • Run our organization

  • Process payments

  • Administer programs related to your care

  • Support public health and safety efforts

  • Conduct health-related research

  • Comply with state and federal law

  • Assist with organ/tissue donation

  • Assist coroners, medical examiners, or funeral directors

  • Manage workers’ compensation, law enforcement, and other government requests

  • Respond to lawsuits and legal actions

DETAILED EXPLANATION OF YOUR RIGHTS

Get a copy of your health records

  • You may request to view or obtain a copy of your health and claims records.

  • We will provide records or a summary within 30 days. A reasonable fee may apply.

Request corrections

  • If you believe information is incorrect or incomplete, you may request a correction.

  • If we cannot make the correction, we will provide a written explanation within 60 days.

Request confidential communications

  • You may request that we contact you by alternative means or at an alternate address.

  • We will accommodate reasonable requests.

Request limits on what we share

  • You may request restrictions on the use or disclosure of your health information.

  • We are not required to agree if it may affect your care.

Request a list of disclosures

  • You may request a list of disclosures made in the past six years, excluding those for treatment, payment, or healthcare operations.

Receive a copy of this notice

  • You may request a paper copy at any time.

Choose someone to act for you

  • Legal guardians or individuals with medical power of attorney may act on your behalf.

File a complaint

You may file a complaint if you believe your rights are violated by contacting: primemedisparvc@gmail.com

Or the U.S. Department of Health and Human Services:
200 Independence Avenue, S.W.
Washington, D.C. 20201
1-877-696-6775

We will not retaliate against you for filing a complaint.

YOUR CHOICES (DETAILED)

You may choose whether we:

  • Share information with family or friends involved in your care

  • Share information during emergencies or disaster relief

If you cannot express your preference (such as unconsciousness), we may act in your best interest.

We will not share without your written permission:

  • Information for marketing

  • Sale of your information

OUR USES & DISCLOSURES (DETAILED)

Treatment

We can share information with professionals involved in your care.

Running Our Organization

We use your information to operate safely and efficiently.

Paying for Services

We may share your information with our payment processor, Vagaro, to complete transactions.

Research

We may use or share information for approved health research.

Complying with the Law

We share information when required by federal or state law.

Public Health & Safety

Including:

  • Preventing disease

  • Reporting adverse reactions

  • Reporting suspected abuse or neglect

  • Helping reduce imminent threats

Law Enforcement & Government Requests

Includes workers’ compensation, law enforcement investigations, health oversight agencies, and specialized government functions.

Legal Action

We may share information in response to court orders or subpoenas.

OUR RESPONSIBILITIES

We are required to:

  • Maintain the privacy and security of your PHI

  • Inform you promptly if a breach occurs

  • Follow the terms of this notice

  • Only share information as outlined here unless you authorize additional uses in writing

CHANGES TO THIS NOTICE

We may update this notice. Revised versions will be posted on our website: https://rvcprimemedispa.com

A printed copy will be provided upon request.

EFFECTIVE DATE

Revised: December 2025

CONTACT INFORMATION

For questions, concerns, or requests regarding this notice, contact:

Prime Medispa
📍 220 Sunrise Hwy
Rockville Centre, NY 11570
📧 primemedisparvc@gmail.com
(516) 596-8084