At Expert Urology Consulting Clinic, we take your privacy and security seriously. We are committed to protecting your Protected Health Information (PHI) in compliance with the Health Insurance Portability and Accountability Act (HIPAA) and all applicable laws. This notice outlines how we collect, store, and use your information when you receive telehealth services from our clinic.

1. Information We Collect

We collect only the necessary personal and medical information required to provide expert telehealth care, including:

✔ Personal Information (name, date of birth, contact details, payment information)

✔ Medical History & Treatment Information (submitted through Google Workspace forms)

✔ Scheduling & Communication Details (managed through Google Workspace)

We use HIPAA-compliant platforms for managing your information, appointments, and billing.

2. How We Use & Store Your Information

Your Protected Health Information (PHI) is used solely for providing medical care and related administrative functions, including:

✔ Evaluating and treating your urologic health concerns

✔ Managing scheduling, medical records, and follow-ups

✔ Processing payments and invoicing

We use three primary platforms to securely store and process your data:

🔹 Medical Intake & Updates

✔ Google Workspace (HIPAA-Compliant) is used for initial intake forms and patient updates.

✔ All patient-provided medical history, pre-appointment questionnaires, and ongoing updates are collected through Google Forms and Google Drive, which are secured under our Business Associate Agreement (BAA) with Google.

🔹 Final Medical Record Documentation

✔ SimplePractice (HIPAA-Compliant) is used for final storage of all medical records, treatment notes, and prescriptions.

✔ After your telehealth visit, all relevant information is transferred into your official patient record within SimplePractice for long-term documentation.

🔹 Scheduling & Communication

✔ Google Workspace (Gmail, Calendar, Meet) is used for appointment scheduling, confirmations, and secure email communications.

✔ Video visits are conducted through Google Meet for HIPAA-compliant telehealth sessions.

🔹 Billing & Payments

✔ All payments are securely processed through Stripe (PCI-compliant).

✔ A credit card on file is required, and charges are processed 24 hours before appointments.

3. Data Security Measures

We take data security seriously and implement industry-standard protections, including:

✔ Encrypted data storage on HIPAA-compliant platforms (Google Workspace & SimplePractice)

✔ Secure transmission of all medical records and communications

✔ Restricted access to patient data, limited to authorized personnel only

4. Your Rights & Confidentiality

✔ You have the right to request access to your medical records stored in SimplePractice.

✔ You may request corrections to your records if any information is inaccurate.

✔ You have the right to request a copy of your Privacy Practices acknowledgment at any time.