1. Purpose and Commitment
The Lounge at Healdsburg (“we,” “our,” “the Lounge”) is committed to protecting the privacy and confidentiality of our patients’ personal, medical, and financial information. We comply fully with the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the California Confidentiality of Medical Information Act (CMIA), and applicable federal and state privacy regulations governing medical spas and healthcare entities.
2. Protected Health Information (PHI)
Protected Health Information (PHI) includes any information that identifies you and relates to your health condition, treatment, or payment. Examples include medical history, diagnoses, procedures, medications, photographs, contact information, and insurance data.
3. How We Use and Disclose Your Information
We use and disclose PHI only as permitted by law and primarily for treatment, payment, healthcare operations, and legal compliance. We do not sell, rent, or share patient information for marketing purposes.
4. Patient Rights
Patients have the right to access their medical records, request corrections, receive disclosure logs, request restrictions, and file privacy complaints without retaliation. Requests may be submitted to our Privacy Officer at privacy@theloungehealdsburg.com.
5. Employee and Contractor Responsibilities
All employees, nurses, and contractors are required to maintain strict confidentiality, access only the minimum necessary information, and comply with annual HIPAA training. Violations may result in disciplinary action or termination.
6. Data Security
We use secure EMR systems, encrypted communications, and password-protected access for PHI. Physical records are stored in locked areas, and all data destruction follows secure protocols.
7. Telehealth and Electronic Communication
Telehealth services are provided via encrypted, HIPAA-compliant platforms. Email or text messages are limited to appointment coordination unless authorized otherwise.
8. California Consumer Privacy Act (CCPA) Notice
Non-medical personal information collected by The Lounge is subject to CCPA protections. Patients have the right to know, delete, or opt out of non-medical data collection. Contact privacy@theloungehealdsburg.com to exercise these rights.
9. Updates to This Policy
This Privacy Policy may be updated periodically to reflect regulatory or operational changes. The most current version will be available in our office and on our website.
10. Contact Information
Privacy Officer
The Lounge at Healdsburg – Aesthetics, Hydration & Wellness
Healdsburg, California 95448
Email: privacy@theloungehealdsburg.com