HIPAA Notice of Privacy Practices

Simply U Medi Spa LLC (“Simply U MediSpa,” “we,” “us,” or “our”)
Effective Date: July 22, 2025

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

1. Our Responsibilities

We are required by law to:

  • Maintain the privacy and security of your Protected Health Information (“PHI”);
  • Provide you with this Notice of our legal duties and privacy practices;
  • Follow the terms of the Notice currently in effect; and
  • Notify you promptly if a breach occurs that may have compromised the privacy or security of your PHI.

2. How We May Use and Disclose Your PHI Without Your Authorization

We typically use or share your PHI in the following ways, as permitted by HIPAA:

Treatment

We can use and share your PHI with other healthcare providers to treat you. For example, we may share information with a pharmacy, laboratory, or another specialist involved in your care.

Payment

We can use and disclose your PHI to bill and receive payment from you, your insurance company, or a third party. For example, we may share information to verify insurance coverage or obtain prior authorization.

Healthcare Operations

We can use and disclose your PHI to run our practice, improve your care, and contact you when necessary. Examples include quality assessment, staff training, licensing, and accreditation activities.

Business Associates

We may disclose PHI to third parties that perform services for us (e.g., billing, IT, telehealth platforms), provided they agree to safeguard your information as required by HIPAA.

3. Other Uses and Disclosures Allowed or Required by Law

We may disclose your PHI without your authorization in other situations, including:

  • Public Health & Safety: Preventing or controlling disease, reporting adverse events, product recalls.
  • Health Oversight Activities: Audits, inspections, investigations by government agencies.
  • Law Enforcement & Legal Proceedings: Responding to a court order, subpoena, or law enforcement request as permitted by law.
  • Research: Under limited circumstances and with required approvals/waivers.
  • Workers’ Compensation & Similar Programs: As authorized by law.
  • De-identified Information: We may use/disclose information that has been de-identified in accordance with HIPAA.
  • To Avert a Serious Threat: To reduce or prevent a serious threat to health or safety.
  • Specialized Government Functions: Military/veterans’ activities, national security, protective services.
  • Coroners, Medical Examiners, & Funeral Directors: To identify a deceased person or determine cause of death.
  • Organ & Tissue Donation: For organ/tissue procurement organizations.

We will disclose PHI when required by federal, state, or local law.

4. Uses and Disclosures Requiring Your Written Authorization

We will obtain your written authorization before we:

  • Use or disclose your PHI for most marketing purposes;
  • Sell your PHI;
  • Share psychotherapy notes (if any) except as permitted by law; or
  • Make any other use/disclosure not described in this Notice.

If you provide an authorization, you may revoke it at any time in writing. The revocation will not affect actions we already took based on your authorization.

5. Your Rights Regarding Your PHI

You have the following rights, subject to certain exceptions and requirements. To exercise these rights, contact us using the information in Section 9.

Right to Inspect and Obtain a Copy

You may request to see or get an electronic or paper copy of your medical record and other PHI we have about you. We will provide a copy or summary, usually within 30 days of your request. We may charge a reasonable cost-based fee.

Right to Request an Amendment

If you believe your record is incorrect or incomplete, you may request an amendment. We may deny your request in certain circumstances, but we will explain why in writing within 60 days.

Right to an Accounting of Disclosures

You may request a list of certain disclosures of your PHI made during the six years prior to your request date. The first list within a 12-month period is free; we may charge a reasonable fee for additional lists.

Right to Request Restrictions

You may ask us not to use or disclose certain PHI for treatment, payment, or healthcare operations. We are not required to agree, except when you pay in full out-of-pocket for a service and request that we not disclose information to your health plan about that service.

Right to Request Confidential Communications

You may request that we contact you in a specific way (e.g., home phone only) or send mail to a different address. We will accommodate reasonable requests.

Right to a Paper/Electronic Copy of This Notice

You can ask for a paper copy of this Notice at any time, even if you agreed to receive it electronically. You may also view it at: https://simplyuspa.com/hipaa-notice-of-privacy-practices

Right to File a Complaint

If you believe your privacy rights have been violated, you can file a complaint with us and/or with the U.S. Department of Health & Human Services Office for Civil Rights (OCR). We will not retaliate against you for filing a complaint.

6. Fundraising Communications

We may contact you for fundraising. You can opt out of receiving such communications at any time. Your decision will not impact your care.

7. Breach Notification

If a breach of your unsecured PHI occurs, we will notify you as required by law.

8. Changes to This Notice

We reserve the right to change the terms of this Notice and make the new Notice provisions effective for all PHI we maintain. When changes occur, we will post the updated Notice on our website and make it available upon request. The Effective Date at the top indicates when this Notice was last revised.

9. Contact Information

Privacy Officer – Simply U Medi Spa LLC
15750 New Hampshire Ct, Suite B
Fort Myers, FL 33908
Phone: 239-414-2200
Email: [email protected]

10. Acknowledgment of Receipt (For Office Use)

I acknowledge that I received a copy (electronic or paper) of Simply U Medi Spa LLC’s HIPAA Notice of Privacy Practices.

Signature: ________________________________    Date: _____________
Printed Name: _____________________________

This Notice is provided in accordance with 45 C.F.R. § 164.520. It is not intended as legal advice. Consult your attorney for specific guidance.