Privacy Policy

NOTICE OF PRIVACY PRACTICES

Effective Date: 04/01/2025

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION.

PLEASE REVIEW IT CAREFULLY.

At Sunshine Health Direct Primary Care (“we,” “our,” or “us”), we value your trust and are committed to protecting your privacy and the confidentiality of your health information. This Notice explains how we use and disclose your Protected Health Information (PHI) under Health Insurance Portability and Accountability Act (HIPAA), and outlines our broader privacy practices for all information you share with us online or in person. 

Our Legal Duty Under HIPAA, We are required by law to:

1. Maintain the privacy of your health information.
2. Provide you with this Notice of our legal duties and privacy practices.
3. Abide by the terms of the Notice currently in effect.
4. Notify you in the event of a breach involving your unsecured PHI.

HOW WE MAY USE AND DISCLOSE YOUR HEALTH INFORMATION

We may use or disclose your PHI without your written permission in the following circumstances:

1. For Treatment

We may use or share your health information to provide, coordinate, or manage your medical care. For example, we may consult with other healthcare providers, refer you to specialists, or share information with a pharmacy to fulfill a prescription.

1. For Payment

We may use or disclose your information to obtain payment for the services we provide. For example, we may submit information to your health insurance company or a billing service.

1. For Healthcare Operations

We may use and disclose your PHI to operate and improve our practice. This includes quality assessment, training, credentialing, legal advice, audits, and general administration.

1. Appointment Reminders and Treatment Alternatives

We may use your information to contact you about upcoming appointments, refill reminders, or other health-related benefits and services that may be of interest to you.

USES AND DISCLOSURES THAT MAY BE MADE WITHOUT YOUR AUTHORIZATION

We may also use or disclose your information in these circumstances, as permitted or required by law:

1. Public Health Reporting – Disease prevention, vital records, FDA reporting, etc.
2. Health Oversight Activities – Audits, inspections, and investigations.
3. Judicial and Administrative Proceedings – In response to a subpoena, court order, or legal process.
4. Law Enforcement – As required by law to report certain injuries or criminal conduct.
5. Coroners, Funeral Directors, and Organ Donation – To identify a deceased person or arrange for organ donation.
6. To Avert a Serious Threat to Health or Safety – If necessary to prevent a serious risk to a person or the public.
7. Specialized Government Functions – Military, national security, and correctional facility-related disclosures.
8. Workers’ Compensation – To comply with workers’ compensation laws.
9. Research – Under specific conditions, with safeguards.

USES AND DISCLOSURES REQUIRING YOUR WRITTEN AUTHORIZATION

We will not use or share your information for the following purposes unless you provide explicit written authorization:

1. Marketing purposes
2. Sale of your health information
3. Most uses of psychotherapy notes (if applicable)
4. Other disclosures not described in this notice

You may revoke any authorization at any time, in writing, except to the extent that action has already been taken based on the authorization.

YOUR RIGHTS REGARDING YOUR PROTECTED HEALTH INFORMATION

You have the right to:

1. Request Restrictions
   You may request limits on how we use or share your information. We are not required to agree to all restrictions, but we will accommodate reasonable requests.

1. Request Confidential Communications
   You may request that we communicate with you in a specific way (e.g., by mail or phone only).
2. Inspect and Copy Your Health Information
   You may view or request a copy of your medical records. A reasonable fee may apply.
3. Request Amendment
   You may request that we correct or amend your health record if you believe it is inaccurate or incomplete.
4. Receive an Accounting of Disclosures
   You may request a list of the disclosures we made of your health information, excluding those for treatment, payment, and operations.
5. Receive a Paper Copy of This Notice
   You are entitled to receive a physical copy of this Notice, even if you have agreed to receive it electronically.

BREACH NOTIFICATION

If a breach of your unsecured PHI occurs, we will notify you without unreasonable delay, in accordance with HIPAA.

CHANGES TO THIS NOTICE

We reserve the right to update this Notice. Changes will apply to all information we maintain and will be available on our website and in our office.

ONLINE PRIVACY POLICY

This section outlines how we collect and use information through our website and digital platforms.

1. How We Use Your Information

We collect information to:

• Process Transactions: Fulfill services or appointments you request
• Respond to Inquiries: Communicate via phone, email, or form submissions
• Send Marketing Communications: Send health tips or promotions via email or SMS (opt-out available)

2. How We Protect Your Information

We use industry-standard security protocols to protect your data during collection and transmission. While no system is completely secure, we take all reasonable measures to safeguard your information.

3. Information Disclosure to Third Parties

• We do not sell, trade, or transfer your personal information, except to:
• Trusted vendors who help us operate our website and services
• Authorities when required by law
• Protect our rights or safety, or that of others

4. Third-Party Links

Our website may link to other sites. We are not responsible for their privacy practices. Please review their policies before use.

5. Cookies and Website Analytics

Our website may use cookies to enhance user experience and track anonymous usage data (e.g., browser type, device, IP address). You can disable cookies via your browser settings.

REMARKETING

We may use remarketing tools (e.g., Google) to show ads to previous visitors. This does not involve collecting personally identifiable information.

A2P TEXT MESSAGING COMPLIANCE

By providing your mobile number, you consent to receive automated messages related to your care and services. You may opt out at any time by replying “STOP.”

CHILDREN’S ONLINE PRIVACY

We comply with the Children’s Online Privacy Protection Act (COPPA) and do not knowingly collect information from children under age 13.

INFORMATION SUBMISSION

Any personal, financial, or health-related information you voluntarily submit (via forms or email) will only be used for its intended purpose and not shared without necessity.

ONLINE PRIVACY POLICY ONLY

This policy applies solely to information collected online and not through other channels (e.g., in-person visits, phone calls).

CHANGES TO OUR PRIVACY POLICY

We may update this Privacy Policy at any time. Updates will be posted on our website with an updated effective date.

CONTACT US

If you have questions, concerns, or believe your privacy rights have been violated, please contact:

Privacy Officer:

JD Alcantara, RHIT

Address: 1337 Oceana Blvd, Suite 110, Virginia Beach, VA 23454

Phone: (757) 734-5229

Email: [email protected]

Website: www.sunshinehealthdpc.com

You may also file a complaint with the U.S. Department of Health and Human Services, Office for Civil Rights.

We will not retaliate against you for filing a complaint.