Legal and Privacy Policies
Legal Disclaimer
Thank you for visiting PrimeMDGroup.com, this site is sponsored by PrimeMD Inc
1. Introduction
PrimeMD Inc. DBA PrimeMD Primarycare and Walk-ins is committed to protecting your personal and health information. As a healthcare technology company based in Ohio, we follow all applicable federal and state laws, including the Health Insurance Portability and Accountability Act (HIPAA), the Health Information Technology for Economic and Clinical Health (HITECH) Act, and Ohio Revised Code Chapter 3798.
2. Legal Compliance
2.1 Federal Compliance
-
HIPAA: We follow HIPAA’s Privacy, Security, and Breach Notification Rules by:
-
Training our staff and maintaining clear policies.
-
Securing our facilities and limiting access.
-
Using encryption and secure systems.
-
Notifying affected individuals and authorities if a data breach occurs.
-
HITECH Act: We enhance HIPAA compliance by:
-
Informing you within 60 days if your data is breached.
-
Reporting large breaches to the U.S. Department of Health and Human Services (HHS) and the media.
-
COPPA: If our services involve children under 13, we get permission from a parent or guardian before collecting any personal data.
​
2.2 Ohio State Compliance
-
Ohio Revised Code Chapter 3798: We:
-
Ask for your consent before sharing your health information.
-
Follow standards for health information exchanges.
-
Notify you if your data is shared without authorization.
-
Ohio Personal Information Protection Act: We:
-
Use security measures based on risk.
-
Inform you if your personal data is compromised.
-
Ohio Mental Health and Addiction Services Laws: We apply extra protections to:
-
Behavioral health records.
-
Substance use treatment information.
-
Only share this data with your specific consent.
3. Privacy Policy
3.1 Information We Collect
We collect:
-
Personal Information: Your name, address, phone number, email, and date of birth.
-
Health Information: Your medical history, diagnoses, medications, and treatment plans.
-
Technical Information: Your IP address, device type, browser type, and usage patterns.
-
Location Information: If enabled, your location to personalize services.
​
3.2 How We Use Your Information
We use your data to:
-
Provide personalized healthcare services.
-
Communicate with healthcare providers.
-
Improve our services.
-
Meet legal and regulatory requirements.
-
Conduct research using de-identified data.
​
3.3 Sharing Your Information
We may share your data:
-
With healthcare professionals for your care.
-
With trusted vendors under signed agreements.
-
With insurers for billing.
-
With public health authorities when required.
-
With law enforcement if legally necessary.
​
3.4 Your Rights
You have the right to:
-
Access: Get a copy of your data.
-
Correction: Fix incorrect or incomplete data.
-
Deletion: Ask us to delete your data, unless we’re required to keep it.
-
Objection: Say no to certain types of data use.
-
Complaint: Contact us or regulators if you have concerns.
4. Data Retention Policy
4.1 How Long We Keep Your Data
We keep data for:
-
HIPAA Records: At least 6 years.
-
Medical Records (Ohio):
-
Adults: 6 years after your last visit.
-
Minors: Until age 19 or 6 years after your last visit, whichever is longer.
-
Medicaid: 6 years after payment.
-
Medicare: 5–10 years depending on the program.
-
Research Data: As required by research guidelines.
​
4.2 When We Pause Data Deletion
If there’s an investigation or legal issue, we hold off on deleting data until it’s resolved.
​
4.3 How We Safely Dispose of Data
We securely delete data:
-
Digital Data:
-
Using certified tools.
-
Removing encryption keys.
-
Physically destroying drives.
-
Paper Records:
-
Shredding.
-
Incineration or pulverization.
-
Documentation:
-
Keeping logs of disposal.
-
Auditing our processes.
5. Security Measures
We protect your data with:
-
Encryption: Strong encryption for stored and transmitted data.
-
Access Controls: Limited access based on roles and multi-factor authentication.
-
Monitoring: Continuous system monitoring.
-
Risk Reviews: Annual security checks.
-
Incident Response: Clear steps for handling breaches.
6. Business Associate Agreements (BAAs)
We require vendors who handle your data to:
-
Sign agreements that follow HIPAA rules.
-
Use strong security measures.
-
Help us respond to any data issues.
7. Terms of Use
By using PrimeMD, you agree to:
-
Eligibility: Be at least 18 or have parental consent.
-
Account Responsibility: Keep your login details safe.
-
Acceptable Use: Use our services responsibly.
-
Service Availability: Understand that service may be interrupted for maintenance.
-
Intellectual Property: Respect our content and technology.
-
Limitation of Liability: We’re not responsible for indirect damages, as allowed by law.
-
Modifications: We may update these terms, and continued use means you accept the changes.
8. Cookie Policy
We use cookies to improve your experience.
-
Types of Cookies:
-
Essential: Needed for basic functions.
-
Performance: Help us understand usage.
-
Functional: Remember your settings.
-
Targeting: Show relevant content.
-
Consent:
-
We ask for your permission before using non-essential cookies.
-
Managing Cookies:
-
You can change settings in your browser.
-
Turning off cookies may affect how the site works.
-
Third-Party Cookies:
-
Some cookies come from services we use.
-
We’re not responsible for their cookie practices.
9. Contact Us
If you have questions or concerns:
Email: ContactUS@PrimeMD.com
Address: PO BOX 278, Powell, OH 43065
Phone: 614-892-5365
10. Glossary of Key Terms
-
PHI (Protected Health Information): Any health information that can identify you and is used or disclosed in providing healthcare services.
-
HIPAA: A federal law that protects the privacy and security of health information.
-
HITECH Act: A law that strengthens HIPAA enforcement and promotes the use of electronic health records.
-
BAA (Business Associate Agreement): A contract between PrimeMD and third-party vendors who handle PHI, requiring them to follow HIPAA rules.
-
De-identified Data: Data that has been stripped of personal identifiers so it cannot be linked back to you.
-
Encryption: A method of protecting data by converting it into a secure format.
-
Multi-Factor Authentication: A security process that requires more than one method of verifying your identity.
-
Degaussing: A process that erases data from magnetic storage devices.
-
Cookies: Small files stored on your device that help websites remember information about you.
11. Patient-Friendly Summary
🩺 PrimeMD Privacy & Security Summary
Your privacy matters. At PrimeMD, we work hard to protect your personal and health information. Here's what you need to know:
​
What We Collect:
-
Your name, contact info, and date of birth.
-
Your health history and treatment details.
-
Info about your device and how you use our services.
-
Your location (if you allow it).
​
How We Use Your Info:
-
To provide you with personalized healthcare.
-
To communicate with your doctors.
-
To improve our services.
-
To meet legal requirements.
-
To do research (with your identity removed).
​
Who We Share With:
-
Your healthcare providers.
-
Trusted partners who help us run our services.
-
Insurance companies for billing.
-
Public health officials if required.
-
Law enforcement if legally necessary.
​
Your Rights:
-
See your information.
-
Fix mistakes.
-
Ask us to delete your data (unless we’re required to keep it).
-
Say no to certain uses of your data.
-
File a complaint if you’re concerned.
​
How Long We Keep Your Info:
-
At least 6 years, or longer if required by law.
​
How We Delete Your Info:
-
We use secure tools and methods to safely delete your data.
​
How We Protect Your Info:
-
Strong encryption.
-
Password protection and secure logins.
-
Regular security checks.
-
Fast action if there’s a data breach.
​
Cookies:
-
We use cookies to make our website work better.
-
You can choose which cookies to allow.