Notice of Privacy Practices
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY. This Notice is provided as required by HIPAA and implementing regulations, as amended by the HITECH Act.
Who We Are
Premier Solutions & Weight Loss ("we," "us," or "our") is a licensed healthcare provider and medical weight loss clinic based in Lakeland, Florida, offering both in-person and telemedicine services. We are a covered entity under HIPAA and are required by law to maintain the privacy of your protected health information (PHI), provide you with this Notice, and notify you following a breach of your unsecured PHI.
This Notice applies to all PHI created, received, maintained, or transmitted by Premier Solutions & Weight Loss in connection with any healthcare service โ including in-person visits and all telemedicine encounters. All workforce members, employees, contractors, and vendors acting on our behalf are bound by the terms of this Notice.
Your Protected Health Information
"Protected Health Information" (PHI) is any individually identifiable health information we create, receive, maintain, or transmit that relates to your past, present, or future physical or mental health, the healthcare we provide, or payment for that care โ in any format (paper, electronic, or verbal). PHI we collect and maintain includes:
- Personal identifiers: Name, date of birth, address, phone number, email address
- Medical history & clinical records: Health intake forms, provider notes, diagnoses, and treatment plans
- Weight loss & metabolic data: Weight history, BMI, body composition, and lab results
- Prescription records: Medications prescribed including GLP-1 therapies and weight loss medications
- Billing & payment records: Insurance information, payment history, and financial records related to your care
- Telemedicine records: Virtual visit documentation, asynchronous communications, and digital intake submissions
- Clinical photos & images: Progress photos taken or received for clinical monitoring purposes
How We Use & Disclose Your PHI
The table below summarizes the primary ways we use and disclose your PHI. We use the minimum necessary PHI for each purpose.
| Purpose | Description | Auth Required? |
|---|---|---|
| Treatment | Coordinating your care with other licensed providers, pharmacies, labs, and specialists involved in your treatment. | No |
| Payment | Using or disclosing PHI to bill you, process claims, or obtain payment โ including to billing vendors under BAA. | No |
| Healthcare Operations | Internal quality improvement, staff training, NABP accreditation activities, audits, and general practice management. | No |
| Appointment Reminders | Contacting you via phone, text, or email to remind you of upcoming in-person or telemedicine appointments. | No |
| Public Health Reporting | Disclosures to public health authorities as required by federal or Florida state law. | No |
| Required by Law | Disclosures compelled by court orders, valid subpoenas, or other legal mandates meeting HIPAA standards. | No |
| Business Associates | Sharing PHI with vendors (telemedicine platform, billing service, EHR provider) who have signed a HIPAA Business Associate Agreement. | No |
| Serious Safety Threat | Disclosure to prevent or lessen a serious and imminent threat to your health or safety or that of the public. | No |
| Marketing | Using PHI for marketing where we receive financial remuneration unrelated to your direct care. | Yes |
| Sale of PHI | Transferring or selling your PHI to any third party for their independent use. | Yes |
| All Other Disclosures | Any use or disclosure not described in this Notice or otherwise permitted by HIPAA. | Yes |
Permitted Uses Without Your Authorization
In addition to treatment, payment, and operations, HIPAA permits the following uses and disclosures without your written authorization:
- Workers' Compensation โ as required by applicable state law
- Health Oversight Activities โ to government agencies conducting audits, inspections, or licensure activities under health oversight law
- Judicial & Administrative Proceedings โ in response to court orders, subpoenas, or other lawful process meeting HIPAA requirements
- Law Enforcement โ under limited, specific circumstances permitted or required by applicable federal or Florida law
- Coroners, Medical Examiners & Funeral Directors โ as necessary and authorized by law
- Organ Procurement โ to organizations involved in organ, eye, or tissue donation and transplantation
- Research โ with appropriate protections, waivers, or de-identification in place as required by HIPAA
- Military & National Security โ to authorized federal authorities as permitted by law
Uses & Disclosures Requiring Your Written Authorization
The following always require your separate written authorization โ even if you have previously authorized other types of disclosures:
- Marketing โ most marketing communications, particularly where we receive financial remuneration
- Sale of PHI โ we will never sell your PHI without your explicit written consent
- Psychotherapy notes โ where applicable, always require separate authorization under HIPAA
You may revoke any written authorization at any time by submitting a written request to our Privacy Officer. Revocation does not affect actions already taken in reliance on the prior authorization before we received the revocation.
Your Privacy Rights
To exercise any of the following rights, submit a written request to our Privacy Officer at the contact information in Section 11.
Right to Access & Copies
Inspect and obtain a copy of your PHI held in our designated record sets. We respond within 30 days. A reasonable fee may apply for non-electronic copies.
Right to Amend
Request amendments to PHI you believe is inaccurate or incomplete. We may deny the request with written explanation. You may submit a statement of disagreement.
Right to Accounting of Disclosures
Request a list of certain disclosures of your PHI made within the six years prior to your request, with limited exceptions for TPO disclosures.
Right to Request Restrictions
Request restrictions on how we use or disclose your PHI. We must comply with requests to restrict disclosures to a health plan for care paid for entirely out-of-pocket.
Right to Confidential Communications
Request we contact you by an alternative method or at an alternative location. We will honor reasonable requests without requiring explanation.
Right to Electronic Access
Request an electronic copy of your PHI held electronically and direct us to transmit it to another provider or entity of your choice.
Right to Breach Notification
Be notified if your unsecured PHI is breached. We will notify you within 60 days of discovery with details of the incident and steps taken.
Right to a Paper Notice
Receive a paper copy of this Notice at any time upon request, even if you previously agreed to receive it electronically. No charge.
Our Duties
Premier Solutions & Weight Loss is required by law to:
- Maintain the privacy and security of your PHI
- Provide you with this Notice of our privacy practices
- Abide by the terms of this Notice currently in effect
- Not use or disclose your PHI inconsistently with this Notice without your authorization, except as required by law
- Notify you without unreasonable delay following a breach of your unsecured PHI
- Train all workforce members on HIPAA privacy requirements and enforce compliance
- Execute Business Associate Agreements with all vendors who access PHI on our behalf
- Implement appropriate administrative, physical, and technical safeguards to protect electronic PHI
- Apply the minimum necessary standard when using or disclosing your PHI
Breach Notification
If we discover a breach of your unsecured PHI, we will notify you without unreasonable delay and no later than 60 calendar days after discovery. Our breach notification will include:
- A description of what occurred, including the date of the breach and date of discovery
- The types of PHI involved in the breach
- Steps you should consider to protect yourself from potential harm
- What we are doing to investigate, mitigate harm, and prevent future breaches
- Contact information for further questions
Where a breach affects 500 or more Florida residents, we will also notify the Secretary of HHS and prominent media outlets in the affected area without unreasonable delay.
Telemedicine & Digital Privacy
The full protections of this Notice extend to all telemedicine encounters. Our specific digital privacy commitments include:
๐ Encrypted Platforms Only
All telemedicine visits use HIPAA-compliant, end-to-end encrypted platforms. We do not use consumer video applications for clinical encounters.
๐ Secure Website Transmission
Our website uses HTTPS with active SSL/TLS encryption. All PHI submitted electronically is transmitted over secure, encrypted channels only.
๐ Business Associate Agreements
All technology vendors and service providers who access your PHI have signed HIPAA-compliant Business Associate Agreements with us.
๐ฅ No Recording Without Consent
Telemedicine sessions are never recorded without your explicit, prior written consent. You may decline recording at any time.
๐๏ธ Secure Record Storage
Telemedicine records are stored in access-controlled, auditable electronic systems subject to HIPAA Security Rule requirements โ the same as in-person records.
๐ Patient Privacy Guidance
We recommend conducting telemedicine visits in a private location and using headphones to protect the confidentiality of your encounter.
Changes to This Notice
We reserve the right to modify this Notice at any time. Changes apply to all PHI we maintain, including PHI received before the change. If we make a material change, we will post the revised Notice on our website, make printed copies available in our clinic, and notify established patients via email or at their next scheduled visit. The effective date of the current version appears at the top of this page.
Contact Us & How to File a Complaint
For questions about this Notice, to exercise your privacy rights, or to report a concern about how your PHI has been handled, please contact our Privacy Officer. We will not retaliate against you for raising concerns or filing a complaint.
Privacy Officer Contact
Submit all HIPAA-related requests, rights exercises, and complaints to the Privacy Officer.
Attn: Privacy Officer
As soon as practicable for all others
๐๏ธ Filing a Complaint with HHS Office for Civil Rights
If your concern is not resolved after contacting us, you may file a complaint with the U.S. Department of Health and Human Services, Office for Civil Rights (OCR):
- Online: www.hhs.gov/ocr/complaints
- Phone: 1-800-368-1019 | TDD: 1-800-537-7697
- Fax: 202-619-3818
- Mail: Office for Civil Rights, U.S. Dept. of Health and Human Services, 200 Independence Ave S.W., Washington, D.C. 20201
We are prohibited by law from retaliating against you for filing a complaint with us or with the Office for Civil Rights.
