Privacy Policy

Naturae Wellness ("we," "our," or "us") is committed to protecting your privacy and maintaining the confidentiality of your personal health information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or interact with us.

This policy applies to all services provided by Naturae Wellness, including but not limited to:

• Healthcare consultations and treatments
• Telehealth and virtual care services
• Corporate wellness programs
• Preventive health screenings
• Mental health and counseling services
• Our website and online platforms

Personal Health Information (PHI)

We collect and maintain personal health information as necessary to provide healthcare services, including:

• Medical history and current health conditions
• Medications and allergies
• Treatment plans and progress notes
• Test results and diagnostic information
• Insurance and billing information
• Emergency contact information

Personal Information

We also collect personal information to facilitate our services:

• Name, address, phone number, and email address
• Date of birth and demographic information
• Employment information (for corporate wellness programs)
• Payment and billing information
• Communication preferences

Technical Information

When you use our website or digital services, we may collect:

• IP address and device information
• Browser type and version
• Usage patterns and preferences
• Cookies and similar tracking technologies
• Location data (with your consent)

We use your information for the following purposes:

Healthcare Services

• Providing medical care and treatment
• Coordinating care with other healthcare providers
• Maintaining medical records
• Scheduling appointments and follow-ups
• Prescription management
• Emergency medical situations

Administrative Purposes

• Processing payments and insurance claims
• Quality assurance and improvement
• Compliance with legal and regulatory requirements
• Internal audits and risk management
• Staff training and education

Communication

• Appointment reminders and health alerts
• Treatment updates and care instructions
• Health education and wellness tips
• Service announcements and updates
• Response to inquiries and support requests

We may share your information in the following circumstances:

With Your Consent

We will share your information when you have given us explicit consent to do so.

Healthcare Operations

• Other healthcare providers involved in your care
• Specialists and consultants
• Laboratories and diagnostic centers
• Pharmacies for prescription fulfillment
• Insurance companies for claims processing

Legal Requirements

• Court orders and legal proceedings
• Public health authorities
• Law enforcement (when required by law)
• Regulatory agencies and oversight bodies
• Workers' compensation programs

Business Associates

We may share information with third-party service providers who assist us in our operations, including:

• IT support and cloud storage providers
• Billing and payment processors
• Legal and accounting services
• Marketing and communication platforms

All business associates are required to sign agreements ensuring they protect your information according to HIPAA standards.

Under HIPAA, you have specific rights regarding your protected health information (PHI):

Your HIPAA Rights

• Right to Access: You can request copies of your medical records
• Right to Amend: You can request corrections to your medical records
• Right to Restrict: You can request limits on how we use or share your information
• Right to Confidential Communications: You can request we contact you in a specific way
• Right to an Accounting: You can request a list of disclosures we've made
• Right to File a Complaint: You can file complaints about our privacy practices

Notice of Privacy Practices

We provide a separate Notice of Privacy Practices that details how we use and disclose your health information. This notice is available:

• At our office reception desk
• On our website
• Upon request by calling our office
• During your first visit

We implement comprehensive security measures to protect your information:

Technical Safeguards

• 256-bit SSL encryption for data transmission
• Advanced firewall and intrusion detection systems
• Regular security audits and vulnerability assessments
• Secure cloud storage with redundant backups
• Multi-factor authentication for staff access
• Automatic session timeouts

Physical Safeguards

• Secure facilities with controlled access
• Locked filing cabinets for paper records
• Security cameras and alarm systems
• Secure disposal of confidential information
• Clean desk policy

Administrative Safeguards

• Regular staff training on privacy and security
• Role-based access controls
• Incident response procedures
• Business associate agreements
• Regular policy reviews and updates

You have the following rights regarding your personal information:

We use cookies and similar technologies to enhance your experience on our website:

Types of Cookies We Use

• Essential Cookies: Required for website functionality
• Performance Cookies: Help us understand how visitors use our site
• Functional Cookies: Remember your preferences and settings
• Marketing Cookies: Used to deliver relevant advertisements (with consent)

Managing Cookies

You can control cookies through:

• Your browser settings
• Our cookie consent banner
• Third-party opt-out tools
• Privacy settings on your device

We work with trusted third-party services to provide our healthcare services:

Healthcare Partners

• Electronic Health Record (EHR) systems
• Laboratory and diagnostic services
• Pharmacy networks
• Telehealth platforms
• Medical device manufacturers

Technology Providers

• Cloud hosting services (HIPAA-compliant)
• Payment processors
• Communication platforms
• Analytics and monitoring tools
• Security services

All third-party services are carefully vetted and required to maintain appropriate privacy and security standards. We have business associate agreements with all healthcare-related third parties.

We retain your information for different periods based on the type of information and legal requirements:

Medical Records

• Adult patients: 7 years after last treatment
• Minor patients: Until age 25 or 7 years, whichever is longer
• Mental health records: 7 years after last treatment
• Immunization records: Permanently

Administrative Records

• Billing and insurance: 7 years
• Appointment records: 3 years
• Marketing communications: Until opt-out
• Website analytics: 2 years

Secure Disposal

When retention periods expire, we securely dispose of information using:

• Secure shredding for paper records
• Cryptographic erasure for electronic data
• Physical destruction of storage media
• Certificate of destruction documentation

We are committed to protecting the privacy of children and comply with the Children's Online Privacy Protection Act (COPPA):

Children Under 13

• We do not knowingly collect personal information from children under 13 without parental consent
• Parents can review, modify, or delete their child's information
• We limit collection to information necessary for healthcare services
• Special protections apply to sensitive health information

Adolescent Patients (13-17)

• We respect adolescent privacy rights under state and federal law
• Certain services may be provided without parental consent
• We follow state-specific requirements for adolescent healthcare
• Parents may have limited access to certain information

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

How We Notify You

• Email notification to registered users
• Prominent notice on our website
• Posted notice in our office
• Direct mail for significant changes

Your Options

• Review changes before they take effect
• Contact us with questions or concerns
• Opt-out of non-essential services if desired
• Request a copy of the previous policy

Continued use of our services after policy changes indicates your acceptance of the updated terms.

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Filing Complaints

You also have the right to file a complaint with:

• U.S. Department of Health and Human Services: www.hhs.gov/ocr/privacy/
• California Department of Public Health: www.cdph.ca.gov
• California Attorney General: oag.ca.gov