Privacy Policy

Introduction

TrufaMED Urgent Care (“Practice,” “we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or communicate with us, including via SMS messaging.

By using our services, you agree to the terms of this Privacy Policy. If you do not agree, please do not use our services.

1.Information We Collect

We may collect the following types of information:

• Personal Information: Name, date of birth, mailing address, phone number, email address, and insurance details.
• Medical Information: Health history, treatment records, physician communications, and other health-related data.
• Payment Information: Billing details, insurance claims, and payment method information.
• Technical Information: IP address, browser type, device information, and usage patterns.
• SMS Communication Data: If you opt-in to receive SMS messages, we collect and store your phone number and message content for record-keeping and service-related notifications.

2.How We Use Your Information

We use the information collected for the following purposes:

• To provide medical care and urgent care services.
• To process payments and insurance claims.
• To send important service-related communications, including appointment reminders and follow-ups.
• To comply with legal obligations, including HIPAA regulations.
• To improve website functionality and user experience.

We do not share your mobile information with third parties for marketing purposes.

3.How We Protect Your Information

We take strict measures to safeguard your information, including:

• Data Encryption: All sensitive information is stored and transmitted using encryption protocols.
• Access Controls: Only authorized personnel have access to patient data.
• Secure Storage: We store data on secured servers with industry-standard protections.
• Routine Audits: We conduct regular security audits to identify and address vulnerabilities.

4.SMS Messaging & Mobile Information

No Third-Party Sharing of Mobile Information: TrufaMED Urgent Care does not share, sell, or rent your mobile phone number or any personal information collected through SMS messaging with third parties for their marketing purposes. Your mobile number will only be used to send you the SMS messages you have opted in to receive.

Consent-Based Communications: You may opt-in to receive SMS messages from us for appointment confirmations, reminders, and urgent updates. By providing your mobile number, you consent to receive text messages related to your healthcare and service inquiries. Message frequency may vary, and standard messaging rates apply.

Notwithstanding anything to the contrary in this privacy policy, your consent to receive SMS messages applies solely to us. It does not apply to the activities of any third party. We will not share your mobile number with any third party for their marketing or promotional purposes.

Opt-Out Option: You may opt out of SMS communications at any time by replying STOP to any message or contacting us directly.

Data Protection: We do not share your mobile information with third parties for marketing purposes. SMS data is stored securely and only accessible by authorized personnel.

5.Consumer Data Transfers

We do not sell or transfer your personal information to third parties, except in the following circumstances:

• As Required by Law: If required by court order, subpoena, or government investigation.
• Service Provision: To process payments, insurance claims, or provide necessary healthcare services (e.g., with your insurance provider).
• Business Transactions: If our business is acquired or merged, your information may be transferred under strict confidentiality agreements.

6.Preventing Unauthorized Sharing

We enforce strict policies to prevent unauthorized data sharing:

• Employee Training: Staff are trained on data privacy and HIPAA compliance.
• Access Restrictions: Only authorized personnel can access sensitive data.
• Audit Trails: All data access and modifications are logged and monitored.
• Third-Party Agreements: Vendors handling patient data must comply with strict data protection agreements.

7.Your Rights & Choices

You have the following rights regarding your personal information:

• Access & Copies: Request a copy of your health records.
• Corrections: Request corrections to inaccurate or incomplete information.
• Restrictions: Request limitations on how we use or disclose your information.
• Opt-Out: Opt out of certain communications, including SMS messaging.
• File a Complaint: If you believe your privacy rights have been violated, you can file a complaint with our Privacy Officer or the Department of Health and Human Services (HHS).

To exercise your rights, contact our Privacy Officer using the contact information in section 10 below.

8.TrufaMED Mobile App

The TrufaMED mobile app (iOS) is a private companion app for TrufaMED patients and members. In addition to the practices described above, the following applies to the app:

• Account Information: The app uses a secure patient account (email address and password) managed through Amazon Cognito. Your account identifies you so that only you can access your information.
• Information Stored by Our Systems: When you use the app, your profile (name, date of birth, contact details, address, and insurance details), appointment information, lab results, membership status, and messages you send to your care team are transmitted to and stored on our secure, access-controlled systems so we can provide your care.
• Apple Health (HealthKit): If you choose to connect Apple Health, the app reads sleep, activity, heart rate, and workout data solely to calculate your personal Wellness Score on your device. HealthKit data is not transmitted off your device, is never used for advertising or marketing, and is never sold or shared with third parties or data brokers.
• Push Notifications: If you enable notifications, a device push token is stored so we can send appointment reminders and results-ready alerts. Notifications never contain lab values or diagnoses.
• Camera & Photos: The camera is used only to scan your insurance card (text recognition happens on your device) and, optionally, to photograph documents such as your ID or insurance card. Document photos are stored encrypted on your device and are not uploaded to our servers.
• On-Device Security: Information cached in the app is stored in the device’s encrypted keychain. You can additionally enable App Lock (Face ID / passcode) in the app’s Profile settings.
• Deleting Your Data: You can delete your app data at any time from Profile → Delete My Data. This permanently removes your app profile, messages, and related app data from your device and our servers. Your clinical medical record at TrufaMED is retained as required by law and is unaffected.
• No Advertising or Sale of Data: The app contains no third-party advertising. We do not sell your personal information, and we do not share app data with third parties for marketing purposes.

9.Updates to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated effective date. Your continued use of our services constitutes acceptance of the revised policy.

10.Contact Us

If you have questions about this Privacy Policy, please contact us: