Privacy Policy
1. Introduction
Your privacy is very important to us. This Privacy Policy and HIPAA Notice describes how we collect, use, store, and protect your personal and health information when you use our telehealth services, including scheduling appointments via Acuity Scheduling and telehealth sessions via Zoom. We are committed to complying with the Health Insurance Portability and Accountability Act (HIPAA).
2. Information We Collect
When you use our services, we may collect:
Personal Information: name, date of birth, email, phone number, billing information.
Health Information (Protected Health Information, PHI): medical history, appointment details, notes, and other information necessary to provide care.
Technical Information: IP address, browser type, and device information collected for website usage (non-PHI).
3. How We Use Your Information
Your information is used solely for:
Scheduling and managing telehealth appointments.
Providing medical care and communicating with you regarding your care.
Billing and payment processing.
Compliance with legal requirements, including HIPAA.
We do not sell or share your PHI for marketing purposes.
4. How We Protect Your Information
We use administrative, technical, and physical safeguards to protect your information, including:
Secure, encrypted connections (HTTPS/TLS) for all online forms and website pages.
HIPAA-compliant third-party services for scheduling and telehealth (Acuity HIPAA plan, Zoom for Healthcare).
Access to your information limited to authorized personnel only.
HIPAA-compliant email systems for communication regarding PHI.
Important: We do not store PHI directly on Squarespace, as it is not HIPAA-compliant. All PHI is collected and stored only in HIPAA-compliant systems.
5. Your Rights under HIPAA
As a patient, you have the right to:
Access and request a copy of your PHI.
Request corrections to your PHI.
Receive an accounting of disclosures of your PHI.
Request restrictions on how your PHI is used or disclosed.
File a complaint if you believe your privacy rights have been violated.
To exercise these rights, please contact:
Shannon Hamilton at (HIPAA-compliant email)
6. Use of Third-Party Services
We use third-party providers to deliver services:
HIPAA-compliant email providers – for secure communication of PHI.
All third-party providers have signed Business Associate Agreements (BAAs) with us to ensure your PHI is protected.
7. Email & Communication
All emails containing PHI are sent via HIPAA-compliant systems.
We will never send PHI via unsecured email. Any appointment confirmations or health information sent by email will either:
Direct you to a secure portal, or
Be encrypted per HIPAA standards.
8. Contact Us
If you have questions or concerns about your privacy or this notice:
Accessible Health Connection
Email: [HIPAA-compliant email]