⚕ Legal

HIPAA Notice of
Privacy Practices

This notice describes how medical information about you may be used and disclosed, and how you can access this information.

📅 Effective Date: June 1, 2026 🔄 Last Revised: June 1, 2026

⚠ THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

1 Introduction

FollowMyDoctor.com ("FollowMyDoctor," "we," "us," or "our") is a medical AI platform operated by United Valuecare, Inc. We are committed to protecting the privacy and security of your health information.

This Notice of Privacy Practices ("Notice") describes how we may use and disclose your Protected Health Information ("PHI") and your rights regarding that information. We are required by the Health Insurance Portability and Accountability Act of 1996 ("HIPAA") and its implementing regulations to maintain the privacy of your PHI, to provide you with this Notice, and to notify you following a breach of your unsecured PHI.

2 What Is Protected Health Information (PHI)?

Protected Health Information includes information that:

  • Is created or received by FollowMyDoctor in the course of providing healthcare-related services;
  • Relates to your past, present, or future physical or mental health condition, the provision of healthcare to you, or the past, present, or future payment for healthcare;
  • Identifies you, or could reasonably be used to identify you.

PHI may include your name, address, date of birth, Social Security number, diagnosis, treatment records, clinical queries submitted through our platform, and any other individually identifiable health data.

3 How We May Use and Disclose Your PHI

3.1 For Treatment

We may use and disclose your PHI to provide, coordinate, or manage your healthcare and any related services. This includes sharing information with physicians, nurses, specialists, or other healthcare providers involved in your care.

3.2 For Payment

We may use and disclose your PHI so that treatment and services you receive may be billed and payment may be collected from you, an insurance company, or a third-party payer, including verifying insurance coverage or obtaining prior authorization.

3.3 For Healthcare Operations

We may use and disclose your PHI for our own healthcare operations, including:

  • Quality assessment and improvement activities;
  • Training and education of healthcare professionals;
  • Business planning, development, and management;
  • Customer service and complaint resolution;
  • Conducting or arranging for medical review and auditing functions;
  • Compliance with applicable laws and regulations.

3.4 As Required by Law

We may disclose your PHI when required to do so by federal, state, or local law, including disclosures to public health authorities, law enforcement officials, and oversight agencies as permitted under HIPAA.

3.5 For Research

We may use your de-identified health information or, with appropriate authorization or a waiver, your PHI for medical and clinical research purposes, subject to all applicable legal and ethical requirements.

3.6 Business Associates

We may share your PHI with third-party service providers ("Business Associates") who perform functions on our behalf, such as cloud hosting, data analytics, or technical support. All Business Associates are required by contract to safeguard your PHI in accordance with HIPAA.

3.7 Other Permitted Uses

  • To avert a serious threat to health or safety;
  • For organ donation purposes;
  • For workers' compensation or similar programs;
  • In response to a court order, subpoena, or discovery request;
  • For military, veterans' affairs, or national security activities as authorized by law.

4 Uses and Disclosures Requiring Your Authorization

Except as described in this Notice, we will not use or disclose your PHI without your written authorization. Uses requiring specific written authorization include:

  • Most uses and disclosures of psychotherapy notes;
  • Uses and disclosures of PHI for marketing purposes;
  • Sale of PHI;
  • Any other use or disclosure not described in this Notice.

You may revoke any authorization you provide to us at any time, in writing, except to the extent that we have already taken action in reliance on that authorization.

5 Your Rights Regarding Your PHI

🔍 Right to Access Your PHI

You have the right to inspect and obtain a copy of your PHI that we maintain in a designated record set. Requests must be made in writing. We will respond within 30 days and may charge a reasonable cost-based fee for providing copies.

✏️ Right to Request Amendment

If you believe your PHI is incorrect or incomplete, you may request an amendment in writing with a reason for the change. We may deny your request under certain circumstances.

📋 Right to an Accounting of Disclosures

You may request a list of certain disclosures of your PHI we have made, applicable to disclosures after April 14, 2003. This does not apply to disclosures for treatment, payment, or healthcare operations.

🔒 Right to Request Restrictions

You may request restrictions on use or disclosure of your PHI. We are not required to agree in most cases, but if we do, we will honor the restriction except in emergencies.

📬 Right to Request Confidential Communications

You may request that we contact you only at a specific location or by a specific method — for example, only at your work address or via encrypted email.

📄 Right to a Paper Copy of This Notice

Upon request, you have the right to receive a paper copy of this Notice even if you previously agreed to receive it electronically.

🔔 Right to Be Notified of a Breach

You will be notified without unreasonable delay and no later than 60 days following discovery of a breach of your unsecured PHI, as required by HIPAA.

6 Our Responsibilities

FollowMyDoctor is required to:

  • Maintain the privacy of your PHI;
  • Provide you with this Notice of our legal duties and privacy practices;
  • Abide by the terms of the Notice currently in effect;
  • Notify you following a breach of your unsecured PHI;
  • Not use or disclose your genetic information for underwriting purposes.

7 Security Safeguards

FollowMyDoctor employs administrative, physical, and technical safeguards to protect the confidentiality, integrity, and availability of your PHI:

🔐

End-to-End Encryption

AES-256 encryption at rest and TLS 1.3 in transit

🛡️

Zero Data Retention

Patient queries are not stored or logged on our servers

👤

Role-Based Access

PHI access restricted to authorized personnel only

📊

Audit Logging

All access to PHI is logged and regularly reviewed

SOC 2 Type II

Independently audited security controls and compliance

🔎

Regular Risk Assessments

Ongoing penetration testing and vulnerability scanning

8 Changes to This Notice

We reserve the right to change this Notice and to make the revised Notice effective for PHI we already maintain about you, as well as any PHI we receive in the future. We will post the current Notice on our website at www.FollowMyDoctor.com and will make the Notice available to you upon request.

9 Complaints

If you believe your privacy rights have been violated, you may file a complaint with us or with the Secretary of the U.S. Department of Health and Human Services (HHS). You will not be penalized or retaliated against for filing a complaint.

To file a complaint with HHS, contact the Office for Civil Rights at www.hhs.gov/ocr/privacy or call 1-800-368-1019.

10 Contact Information

For questions about this Notice or to exercise your rights, please contact our Privacy Officer:

FollowMyDoctor Privacy Officer

FollowMyDoctor.com
A Division of United Valuecare, Inc.
Chantilly, VA & Rockville, MD

🌐 www.FollowMyDoctor.com
privacy@followmydoctor.com

U.S. Dept. of Health & Human Services

Office for Civil Rights
200 Independence Avenue SW
Washington, DC 20201

📞 1-800-368-1019
🌐 www.hhs.gov/ocr/privacy

Acknowledgment of Receipt

By using FollowMyDoctor.com, you acknowledge that you have received, read, and understood this Notice of Privacy Practices.

Return to FollowMyDoctor →