top of page

Privacy Policy

Information Collection & Use

HIPAA Compliance Notice

Precision Primary Care & Wellness is a HIPAA-covered entity and complies with all federal HIPAA Privacy and Security Rules and Indiana health information privacy laws (IC Title 16, Article 39). This Privacy Policy describes how we collect, use, and protect your health information.

Information We Collect

Protected Health Information (PHI):

  • Personal identifiers (name, address, phone, email, date of birth, Social Security number)

  • Medical history, current conditions, and medications

  • Laboratory test results and genetic information

  • Treatment records, clinical notes, and provider communications

  • Billing and payment information

  • Insurance information (if provided for superbills)

Website Usage Information:

  • IP address, browser type, and device information

  • Pages visited, time spent, and click patterns

  • Booking and appointment data

  • Cookies for website functionality (you can disable cookies in browser settings)

How We Use Your Information

For Treatment: We use your PHI to provide, coordinate, and manage your medical care. This includes consultations, testing, lab work, genetic analysis, wellness services, and care coordination with other providers (with your authorization).

For Payment: We use your information to process payments, generate invoices, verify HSA/FSA eligibility, create superbills for insurance reimbursement, and maintain financial records.

For Healthcare Operations: We use your information for quality improvement, staff training, business planning, appointment scheduling, compliance audits, and responding to legal requirements.

How We Do NOT Use Your Information

  • We will NOT sell your information to third parties

  • We will NOT use your information for marketing without your authorization

  • We will NOT share your information on social media

  • We will NOT disclose your information except as described in this policy or required by law

Information Sharing & Disclosure

When We May Share Your Information

With Your Authorization: We share information with family members, caregivers, or other individuals only with your explicit written permission. You control who can access your health information.

Business Associates: We may share information with third-party service providers who assist us:

  • Laboratory testing companies (for processing blood work, genetic tests)

  • Payment processors (Square - HIPAA-compliant with signed BAA)

  • IT vendors (electronic health records, website hosting)

  • Medical billing services

All business associates sign HIPAA Business Associate Agreements and are required to protect your information.

Required by Law: We may disclose PHI when required by Indiana or federal law:

  • Public health reporting (communicable diseases, immunizations)

  • Law enforcement (with valid warrant, subpoena, or court order)

  • Child or elder abuse/neglect reporting

  • Workers' compensation claims

  • Coroners, medical examiners, or funeral directors

  • Organ donation organizations (if you're a donor)

To Prevent Harm: We may disclose information without your permission to prevent serious, imminent harm to you or others, or in medical emergencies as permitted by HIPAA.

Your Privacy Rights Under HIPAA

You have the right to:

Access: Request copies of your medical records (we'll respond within 30 days; small copying fee may apply)

Amendment: Request corrections to your records if you believe information is incorrect or incomplete

Accounting of Disclosures: Receive a list of when and why we shared your information (past 6 years)

Restrictions: Request limits on how we use or disclose your information (we'll consider your request but aren't required to agree)

Confidential Communications: Request we contact you in specific ways (e.g., home phone only, work email only)

Paper Copy of Notice: Receive our full Notice of Privacy Practices at any time

Complaint: File a complaint if you believe your privacy rights were violated:

No Retaliation: You will not be retaliated against for filing a complaint or exercising your rights.

Data Security & Your Choices

How We Protect Your Information

Physical Security:

  • Secure facility with restricted access and visitor sign-in

  • Locked filing cabinets for paper records

  • Security cameras and alarm systems

  • Clean desk policy (no PHI left unattended)

Technical Security:

  • Encrypted electronic health records (256-bit encryption)

  • Password-protected systems with automatic log-off

  • Secure, HIPAA-compliant payment processing (Square with BAA)

  • Regular software security updates and patches

  • Firewall and antivirus protection

  • Secure backup systems

Administrative Security:

  • Annual HIPAA training for all staff members

  • Signed confidentiality agreements

  • Role-based access controls (staff can only access information needed for their job)

  • Regular security risk assessments

  • Written policies and procedures

  • Incident response and breach notification plan

Data Retention

  • Medical records: Retained for 7 years from last visit (Indiana law requirement)

  • Payment records: Retained for 6 years (IRS requirement)

  • After retention period, records are securely destroyed (shredded or digitally wiped)

Breach Notification

In the unlikely event of a data breach affecting your information, we will:

  • Notify you within 60 days as required by HIPAA

  • Provide details about what information was affected

  • Explain steps we're taking to prevent future breaches

  • Offer resources to protect yourself (e.g., credit monitoring if financial data affected)

Your Choices & Controls

Website Cookies: Our website uses only essential cookies for booking functionality. We don't use tracking or advertising cookies. You can disable cookies in your browser, but this may limit website features.

Marketing Communications: We may send appointment reminders, health tips, or clinic updates via email or text. You can opt out at any time by:

  • Clicking "unsubscribe" in emails

  • Replying STOP to text messages

  • Contacting us at [your email]

Patient Portal: Access to our patient portal is optional but recommended. You control your login credentials and can deactivate your account anytime.

Children's Privacy

Our services are intended for adults 18+ or minors with parental consent. We comply with Indiana parental consent laws. Parents/guardians have the right to access their minor child's records.

Changes to This Policy

We may update this Privacy Policy to reflect changes in law or our practices. Material changes will be:

  • Posted on our website 30 days before taking effect

  • Emailed to active patients

  • Available in printed form at our office

Privacy Officer Contact

For privacy questions, to exercise your rights, or to file a complaint:

Privacy Officer: Seneque Milien 

Email: precision@precisionpcw.com

Phone: 317-642-0211 Address: 8402 E 116th St, Fishers, IN 46038

Office Hours: per website

This Privacy Policy is effective as of 12/25/25 and complies with:

  • HIPAA Privacy Rule (45 CFR Part 164)

  • HIPAA Security Rule (45 CFR Part 164)

  • Indiana health information privacy laws (IC Title 16, Article 39)

  • Indiana Consumer Data Protection Act

Last Updated: 12/27/25

bottom of page