Privacy Policy

Biohack Wellness Medical Clinic

Effective Date: September 22, 2025

Last Updated: September 22, 2025

1. INTRODUCTION

Biohack Wellness Medical Clinic (“we,” “us,” “our,” or “Company”) is committed to protecting your privacy and maintaining the confidentiality of your personal health information. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you use our mobile application (“App”) and receive our medical services.

As a healthcare provider, we are required to comply with the Health Insurance Portability and Accountability Act (HIPAA) and other applicable privacy laws. This policy should be read in conjunction with our HIPAA Notice of Privacy Practices.

2. INFORMATION WE COLLECT

Personal Information:
• Full name, date of birth, address, phone number, email address
• Social Security Number (for insurance verification and billing purposes)
• Emergency contact information
• Government-issued identification

Health Information (Protected Health Information – PHI):
• Medical history, symptoms, diagnoses, and treatment plans
• Prescription and medication information
• Laboratory results and test outcomes
• Appointment records and clinical notes
• Biometric data and health assessments
• Treatment preferences and health goals

Insurance Information:
• Insurance carrier and policy details
• Insurance card images (front and back)
• Coverage verification data
• Billing and payment information
• Claims and authorization records

Technical Information:
• Device identifiers, IP addresses, operating system
• App usage data and analytics
• Location data (if location services are enabled)
• Push notification preferences

3. HOW WE USE YOUR INFORMATION

We use your information for the following purposes:

Treatment:
• Providing medical care and wellness services
• Coordinating care with other healthcare providers
• Managing appointments and treatment plans
• Monitoring health progress and outcomes

Payment:
• Processing insurance claims and verifications
• Billing for services rendered
• Managing payment plans and financial assistance
• Fraud prevention and detection

Healthcare Operations:
• Quality assurance and improvement
• Staff training and competency assessment
• Compliance monitoring and auditing
• Business analytics and operational efficiency

Legal and Regulatory Compliance:
• Meeting HIPAA and other healthcare regulations
• Responding to legal processes and government requests
• Maintaining required medical records
• Reporting as required by law

4. INFORMATION SHARING AND DISCLOSURE

We may share your information in the following circumstances:

With Your Authorization:
• When you provide written consent
• For purposes you specifically approve

Without Your Authorization (as permitted by law):
• Treatment: With healthcare providers involved in your care
• Payment: With insurance companies, billing services, and collection agencies
• Healthcare Operations: With business associates and service providers
• Legal Requirements: When required by law, court orders, or regulatory agencies
• Public Health: For disease prevention, reporting, and public safety
• Emergency Situations: To prevent serious harm to you or others

Business Associates:
We may share information with third-party service providers who assist with:
• Insurance verification and billing services
• Cloud storage and data hosting
• App development and technical support
• Analytics and quality improvement services

All business associates sign HIPAA-compliant agreements to protect your information.

5. DATA SECURITY AND PROTECTION

We implement comprehensive security measures to protect your information:

Technical Safeguards:
• End-to-end encryption for data transmission
• Secure data storage with encryption at rest
• Multi-factor authentication for access
• Regular security audits and vulnerability assessments
• Secure API connections and data protocols

Administrative Safeguards:
• HIPAA compliance training for all staff
• Access controls based on job responsibilities
• Regular privacy and security policy updates
• Incident response and breach notification procedures
• Background checks for employees with access to PHI

Physical Safeguards:
• Secure facilities with controlled access
• Encrypted devices and secure workstations
• Proper disposal of devices and media
• Environmental controls and monitoring

6. YOUR PRIVACY RIGHTS

Under HIPAA and applicable privacy laws, you have the right to:

Access:
• Request copies of your health information
• Review your medical records
• Obtain an accounting of disclosures

Amendment:
• Request corrections to your health information
• Add statements to your medical record

Restriction:
• Request limits on how we use or share your information
• Opt out of certain communications

Confidential Communications:
• Request communications through alternative means
• Specify preferred contact methods

Portability:
• Obtain your health information in electronic format
• Direct transmission to another healthcare provider

Complaints:
• File complaints about our privacy practices
• Contact the Department of Health and Human Services

7. MOBILE APP SPECIFIC PROVISIONS

Device Permissions:
Our App may request access to:
• Camera (for insurance card scanning and document upload)
• Photo library (for uploading health-related images)
• Location services (for appointment reminders and clinic directions)
• Push notifications (for appointment and health reminders)
• Contacts (for emergency contact information)

Data Storage:
• Sensitive data is encrypted and stored securely
• Local device storage is minimized and encrypted
• Cloud storage complies with HIPAA requirements
• Data backups are encrypted and access-controlled

Third-Party Integrations:
• Insurance verification services
• Payment processing platforms
• Appointment scheduling systems
• Health monitoring device integrations

8. CHILDREN’S PRIVACY

Our services are not intended for children under 13. We do not knowingly collect personal information from children under 13 without parental consent. For patients aged 13-17, we obtain appropriate consent as required by law.

9. INTERNATIONAL DATA TRANSFERS

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place to protect your information in accordance with applicable privacy laws.

10. DATA RETENTION

We retain your information as required by:
• HIPAA and healthcare regulations (minimum 6 years)
• State medical record retention laws
• Legal and regulatory requirements
• Legitimate business purposes

When information is no longer needed, it is securely destroyed according to our data retention policy.

11. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy to reflect changes in our practices or applicable laws. We will notify you of material changes through:
• App notifications
• Email communications
• Posted notices in our clinic
• Updates to our website

12. CONTACT INFORMATION

For questions about this Privacy Policy or to exercise your privacy rights, contact:

Biohack Wellness Medical Clinic
Privacy Officer
9245 Sky Park Court, Suite 130
San Diego, California 92123
Email: contact@biohackwellnessclinic.com
Website: biohackwellness.com

HIPAA Complaints:
You may also file complaints with:
U.S. Department of Health and Human Services
Office for Civil Rights
200 Independence Avenue, S.W.
Washington, D.C. 20201
Phone: 1-877-696-6775
Website: www.hhs.gov/ocr/privacy/hipaa/complaints/

13. EFFECTIVE DATE

This Privacy Policy is effective as of September 22, 2025, and applies to all information collected through our App and services.