Skip to main content

Privacy Policy

Effective Date: Oct 21, 2025
Last Updated: Oct 21, 2025

At Azalea Wellness for Your Best Life (“we,” “us,” “our”), your privacy and the security of your personal and health information are our highest priorities. This Privacy Policy explains how we collect, use, disclose, protect, and manage your information when you visit our website at https://www.azaleawellnessforyourbestlife.com (the “Website”), schedule appointments, receive medical care, participate in wellness programs, or interact with us through email, phone, patient portals, or other communication channels.

By using our Website or Services, you consent to the practices described in this Privacy Policy and our Notice of Privacy Practices (NPP), which is incorporated herein by reference. If you do not agree with these terms, please do not access or use our Services.

We are committed to protecting your confidentiality in accordance with:

  • The Health Insurance Portability and Accountability Act of 1996 (HIPAA)
  • The Health Information Technology for Economic and Clinical Health Act (HITECH)
  • Florida State Law (e.g., Chapter 381, Patient Privacy Rights)
  • General data protection principles
  1. Information We Collect

To provide high-quality, personalized healthcare and operational support, we may collect several types of information from you.

Personal Identifiable Information (PII)

This includes any data that can be used to identify you directly. Examples include your full name, date of birth, gender identity, contact details such as email address, phone number, and mailing address, government-issued identification (such as a driver’s license for identity verification), and emergency contact information.

Protected Health Information (PHI)

As defined by HIPAA, PHI refers to any information related to your past, present, or future physical or mental health condition, the provision of healthcare services, or payment for those services. This may include your medical history, symptoms, diagnoses, treatment plans, laboratory results, imaging reports, medication lists, allergies, vital signs such as weight and blood pressure, progress notes from provider visits, and audio or video recordings of telehealth sessions if recorded with your prior consent.

Financial and Insurance Information

We collect necessary billing and payment details to process fees and manage insurance claims. This includes credit card numbers and billing addresses, handled securely through PCI-compliant payment processors, as well as insurance provider names, policy numbers, and claims-related documentation.

Technical and Usage Data

When you access our website or digital platforms, we automatically gather non-personally identifiable technical information. This includes your IP address, device type (such as smartphone, tablet, or computer), browser and operating system versions, pages viewed, time spent on site, click patterns, and referral sources (for example, whether you arrived via Google or social media). This data helps us improve website performance and user experience.

User-Generated Content

We also collect information you voluntarily submit, including secure messages through our patient portal, completed health intake forms, voice notes, photos (such as images of skin conditions), videos uploaded for clinical evaluation, and feedback from surveys or reviews.

  1. How We Use Your Information

We use your information solely for legitimate healthcare and administrative purposes essential to delivering safe, effective, and compliant care.

Your information is used to diagnose and treat medical conditions, prescribe medications, manage chronic diseases such as hormonal imbalances or obesity, and conduct virtual or in-person consultations. It allows us to coordinate your care with laboratories, pharmacies, and other providers involved in your treatment plan when authorized.

We communicate with you via email, text, or secure messaging to send appointment reminders, follow-up instructions, educational resources, and responses to your inquiries. All communications involving protected health information are sent through encrypted, secure channels.

For financial operations, we use your information to process payments, submit insurance claims, issue invoices, and resolve billing disputes. We may also use de-identified or aggregated data internally to monitor treatment outcomes, refine clinical protocols, train staff, and enhance service quality, all without linking data back to individual patients.

Additionally, we analyze website usage trends to improve functionality, prevent fraud, and ensure a seamless online experience. None of this information is sold or shared with third parties for advertising or marketing purposes.

  1. How We Protect Your Information

Safeguarding your personal and health information is a top priority. We implement strong administrative, technical, and physical protections designed to prevent unauthorized access, disclosure, alteration, or destruction of your data.

All information transmitted between your device and our systems is encrypted using industry-standard TLS/SSL protocols. Telehealth visits occur exclusively on HIPAA-compliant platforms such as Doxy.me, Zoom for Healthcare, or Jane App, which offer end-to-end encryption and secure data handling.

Access to your electronic health record is strictly limited to authorized personnel only, such as your provider, nursing staff, or billing specialists, based on their role in your care. Each team member uses unique login credentials and multi-factor authentication to access internal systems.

We maintain detailed audit logs that track who access your records and when. Our electronic health record (EHR) system is hosted by a trusted vendor that complies with HIPAA regulations and undergoes regular security assessments and penetration testing.

All employees and contractors receive annual training on HIPAA compliance, patient privacy, and cybersecurity best practices. Third-party vendors who handle your information, such as EHR providers, payment processors, labs, and pharmacies, are required to sign Business Associate Agreements (BAAs) that legally bind them to uphold the same level of privacy and security.

While we take every precaution possible, no method of transmitting data over the internet or storing it electronically is completely foolproof. We cannot guarantee absolute security, particularly given risks like phishing attacks or compromised personal devices. However, we respond promptly to any suspected breaches in accordance with legal requirements.

  1. When We Disclose Your Information

We only share your information under specific circumstances permitted by law and ethics.

With your written or electronic authorization, we may disclose your information to family members, caregivers, or other healthcare providers you designate, for example, to coordinate ongoing care or involve loved ones in your wellness journey.

Under HIPAA, we are allowed to share your protected health information without additional authorization for Treatment, Payment, and Healthcare Operations (TPO). This includes sending lab orders to diagnostic facilities like Quest Diagnostics or Labcorp, transmitting prescriptions to specialty pharmacies such as Alto Pharmacy or Kugler Health, submitting claims to your insurance company, or consulting with clinical peers to ensure optimal care.

We may also disclose information when required by law, such as responding to a valid court order, subpoena, or investigation by law enforcement. In cases involving suspected abuse, neglect, or threats to public health (such as communicable disease reporting), we are obligated to report to appropriate authorities.

If there is an immediate threat to your safety or someone else’s, we may share necessary information with first responders, hospitals, or close contacts to prevent harm.

In rare instances, such as if our practice is sold, merged, or transferred, your information may be included among the assets passed to the new owner. Any such transfer would occur under strict confidentiality agreements and in compliance with HIPAA.

We never sell, rent, lease, or trade your personal or health information to marketers, advertisers, or data brokers.

  1. Cookies and Tracking Technologies

Our Website uses cookies and similar tracking technologies to enhance your browsing experience, analyze traffic patterns, and optimize site performance.

Essential cookies are necessary for basic functions such as logging in, completing forms, or processing payments. These cannot be disabled without affecting core functionality.

Performance cookies help us understand how visitors use our site, for instance, which pages are most popular or where users encounter errors. This data is collected anonymously through tools like Google Analytics and does not identify individuals.

Functional cookies allow the site to remember preferences such as language or region settings. You may disable non-essential cookies through your browser settings at any time.

We do not use advertising cookies or engage in behavioral tracking across websites. We do not partner with third-party ad networks or collect data for targeted marketing purposes.

You have full control over cookie preferences via your web browser. However, disabling certain cookies may limit your ability to use parts of our Website effectively.

  1. Children’s Privacy

Our Services are intended for adults aged 18 years and older. We do not knowingly collect personal information from children under the age of 18. If we discover that a minor has submitted information without proper parental consent, we will promptly delete the data from our systems.

Parents or guardians seeking care for dependent minors must register on their behalf and provide formal authorization during the intake process.

  1. Your Privacy Rights

Under HIPAA and applicable state laws, including Florida statutes, you have important rights regarding your health information. You may exercise these rights at any time by contacting us via email or phone.

You have the right to inspect and obtain a copy of your medical records in electronic or paper format. Requests are typically fulfilled within 30 days, with one possible 30-day extension if justified.

If you believe any information in your record is inaccurate or incomplete, you may request an amendment. While we are not always required to make the change, we must document your request and our response.

You may ask for a list of certain disclosures of your PHI made by us over the past six years, excluding those made for treatment, payment, or healthcare operations, or where you previously authorized the disclosure.

You can request restrictions on how your information is used or disclosed, such as asking that we only contact you by email, but we are not obligated to agree unless the restriction involves a disclosure to a health plan for services paid out-of-pocket in full.

You also have the right to request confidential communications, such as receiving notices at an alternative email or phone number.

At any time, you may request a paper copy of this Privacy Policy or our Notice of Privacy Practices. You may also revoke prior authorizations to disclose your information, though revocation does not apply to actions already taken.

To protect your identity, we may require verification before fulfilling requests involving sensitive data.

  1. Retention of Information

We retain your personal and health information for as long as necessary to fulfill the purposes outlined in this policy, meet legal obligations, resolve disputes, and enforce agreements.

In accordance with Florida law, adult medical records must be retained for at least seven years from the date of your last service. For pediatric patients, records are kept until the patient reaches the age of 19, plus an additional seven years.

After the required retention period ends, your information is either securely destroyed or de-identified so it can no longer be linked to you.

  1. International Data Transfers

All data collected through our Website and Services is stored and processed entirely within the United States. We do not transfer personal or health information to servers or entities located outside the U.S.

  1. Changes to This Privacy Policy

We reserve the right to update this Privacy Policy periodically to reflect changes in our practices, technology, or legal requirements. When we make updates, we will revise the “Last Updated” date at the top of this page.

If changes significantly affect your rights or how we handle your data, we will notify registered patients via email and post a prominent notice on our Website. Your continued use of our Services after the updated policy takes effect constitutes your acceptance of the revised terms.

We encourage you to review this page regularly to stay informed about how we protect your privacy.

  1. Contact Us

If you have questions about this Privacy Policy, wish to exercise your privacy rights, or want to report a concern about the handling of your information, please contact:

Azalea Wellness for Your Best Life
Attn: Privacy Officer
Email: info@azaleawellnessforyourbestlife.com
Phone:
Mailing Address:

  1. Notice of Privacy Practices (NPP) Acknowledgment

As required by federal law, all new patients must review and sign a separate Notice of Privacy Practices form during onboarding. This document outlines in detail how your health information may be used and disclosed, and confirms your understanding of your rights.

Electronic acknowledgment is documented in your patient record and maintained for compliance purposes.

Thank you for trusting Azalea Wellness with your health journey.

We are dedicated to safeguarding your privacy so you can focus on feeling and living your best life.