HealtrixBack

HIPAA Notice of Privacy Practices

Last updated: March 26, 2026

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

1. Our Commitment to Your Privacy

At Healtrix, we are committed to maintaining the privacy of your Protected Health Information (PHI). PHI is any information about your physical or mental health, healthcare provision, or payment that identifies you. This notice describes our legal duties and privacy practices regarding your PHI.

2. How We May Use and Disclose Your Health Information

We may use or disclose your health information for the following purposes:

  • Treatment: We use your questionnaire responses (PHQ-9, GAD-7, etc.) and scores to assess your health status and coordinate your clinical care.
  • Healthcare Operations: We use your information to operate our portal efficiently, improve the quality of our clinical services, and conduct internal business management.
  • Legal Requirements: We may disclose information when required by law, such as to respond to a court order or to report public health risks.
  • De-Identified Data: We may use de-identified information for research purposes, ensuring that the data can no longer be linked back to you.

3. Your Rights Regarding Your PHI

You have the following rights regarding the health information we maintain about you:

  • Right to Inspect and Copy: You have the right to access and receive a copy of your clinical records.
  • Right to Amend: If you feel the health information we have about you is incorrect or incomplete, you may ask us to amend it.
  • Right to an Accounting of Disclosures: You may request a list of certain disclosures we have made of your PHI.
  • Right to Request Restrictions: You have the right to request a limit on the health information we use or disclose about you.
  • Right to Confidential Communications: You have the right to request that we communicate with you about health matters in a certain way or at a certain location.

4. Safeguards and Security

We have implemented comprehensive administrative, technical, and physical safeguards to ensure the confidentiality, integrity, and availability of your electronic PHI:

  • End-to-End Encryption: All data is encrypted in transit and at rest.
  • Audit Trails: We maintain detailed logs of all access to health data to prevent and detect unauthorized use.
  • Multi-Factor Authentication: We use secure authentication methods to verify identity before granting access.
  • Business Associate Agreements: We ensure all third-party partners (e.g., Vercel, Neon) comply with HIPAA security standards.

5. Breach Notification

In the event of a breach of your unsecured health information, we are required by law to notify you without unreasonable delay and in no case later than 60 days following the discovery of the breach.

6. Filing a Complaint

If you believe your privacy rights have been violated, you may file a complaint with us or with the Secretary of the Department of Health and Human Services (HHS). You will not be penalized for filing a complaint.

7. Contact Information

For any questions regarding this notice or your privacy rights, please contact:

Privacy Officer
Healtrix
Email: privacy@healtrix.clinic