Welcome to the website located at www.wholebodyhealthmedical.com (collectively, the “Websites”), developed and operated by Colorado Medical Services LLC and Colorado Medical Management LLC dba Whole Body Health Medical (“Company”, “we”, “our”, or “us”). This Privacy Policy is intended to inform you about how Company collects, uses, and protects your personally identifiable information (“PII”) and other information in operating the Websites.
How do the Websites Work?
The Websites provide visitors (“Visitors”, “you” or “your”) who are at least eighteen (18) years of age access to our store and medical services. By using the Websites, you consent to the collection and use of your PII by Company as described herein. Company reserves the right to change how we handle the information we collect and process through the Websites at any time. We will update this Privacy Policy to reflect any changes, and such changes will take effect immediately once posted.
What type of PII does Company collect and
how do we use it?
For www.wholebodyhealthmedical.com:
In addition to the basic PII mentioned above, we may collect health-related information and other sensitive data necessary for providing medical services. This information is protected under the Health Insurance Portability and Accountability Act (HIPAA), and we maintain HIPAA compliance for all operations on this website. All patient records will be stored in a secure HIPAA-compliant system managed and hosted by Aesthetic Record EMR.
How do we use your PII?
Company may use your PII for the following purposes:
• Fulfilling orders and providing requested services
• Processing payments
• Communicating with you about your orders or services
• Marketing and promotional purposes
• Improving our Websites and services
• Complying with legal obligations
Company may provide your PII to entities who work on behalf of or with us. These entities may use your PII to help fulfill your requests in connection with the Websites. For instance, we may transfer information collected at checkout, including PII, to service providers and other third parties who assist us in billing and order fulfillment.
Marketing Communications
We may use your PII to send you promotional materials about our products and services. You may opt out of receiving marketing communications at any time by following the unsubscribe instructions included in each communication or by contacting us directly.
Under what other circumstances may we release PII?
We may also release your PII if we believe such release is necessary to:
• Comply with the law (e.g., a legal process or a statutory authorization)
• Apply or enforce our customer agreements
• Protect our rights or property
• Protect Visitors from fraudulent, abusive, or unlawful use of the Websites
• Address a situation where we reasonably believe that a danger to any person requires disclosure of such PII
No mobile information will be shared with third parties/affiliates for marketing/promotional purposes. All the above categories exclude text messaging originator opt in data and consent; this information will not be shared with any third parties.
What other information does Company collect?
We also collect anonymous and aggregate information from you about your preferences in navigating the Websites by using cookies, action tags, and other methods. Cookies are small text files that identify your computer. We may use cookies to, among other things:
• Monitor Website usage
• Customize Website features
• Identify your computer’s operating system and browser
• Complete transactions
• Analyze website performance
In addition, we use third-party analytics tools such as Google Analytics and Shopify to help us understand how visitors use our Websites.
An action tag is a small, graphic image on a webpage that is designed to allow the website owner or a third party to monitor who is visiting a website by collecting the IP address of the computer to which the tag is sent, the URL of the webpage that the tag comes from, and the time that such webpage was viewed. Tags may be associated with cookie information.
We may use such anonymous and aggregate information for promotional and analytical purposes. If you do not want to be identified by us, you can set your browser to warn you before accepting cookies and refuse cookies when your browser alerts you to their presence. You can also adjust the settings in your browser to refuse all cookies.
How do we store information?
For www.wholebodyhealthmedical.com:
We maintain HIPAA compliance for all operations on this website, including appropriate administrative, technical, and physical safeguards to protect the privacy and security of your health information.
Please note that despite our efforts to safeguard information provided to us, we cannot guarantee that such information will not be disclosed or accessed by accidental circumstances or by the unauthorized acts of others.
For www.wholebodyhealthmedical.com and services provided by Colorado Medical Services LLC and Colorado Medical Management LLC dba Whole Body Health Medical (“Company,” “we,” “our,” or “us”):
NOTICE OF PRIVACY PRACTICES / PROTECTED HEALTH INFORMATION (PHI)
We understand the importance of protecting your medical information. This Notice describes how we may use and disclose your Protected Health Information (“PHI”), your rights regarding your PHI, and our legal duties under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).
Protected Health Information includes information about your health condition, medical treatment, prescriptions, payment for healthcare services, laboratory testing, telehealth visits, and identifying information connected to your healthcare.
How We May Use and Disclose PHI
We may use and disclose your PHI for purposes including, but not limited to:
Treatment
We may use and disclose PHI to provide, coordinate, or manage your healthcare and related services. This includes communications between providers, pharmacies, laboratories, telehealth providers, medical assistants, and other healthcare personnel involved in your care.
Payment
We may use and disclose PHI to obtain payment for healthcare services provided to you, including billing, payment processing, collections, claims management, and verification of eligibility or benefits where applicable.
Healthcare Operations
We may use and disclose PHI for healthcare operations, including quality assessment, training, licensing, credentialing, auditing, compliance activities, fraud prevention, business management, customer service, and administrative operations.
Telehealth and Electronic Communications
We may use electronic systems, including HIPAA-compliant telehealth platforms, electronic medical records, email, SMS/text messaging, and patient portals to communicate with you regarding your care, appointments, prescriptions, laboratory services, and treatment recommendations.
Business Associates and Service Providers
We may disclose PHI to third-party service providers or business associates who perform services on our behalf, including electronic medical record providers, laboratories, pharmacies, payment processors, telehealth platforms, and technology vendors. These parties are contractually required to protect your PHI in compliance with HIPAA.
Legal and Regulatory Requirements
We may disclose PHI when required by federal, state, or local law, court order, subpoena, public health authority, law enforcement request, licensing board inquiry, or other legal process.
Public Health and Safety
We may disclose PHI to prevent or lessen a serious threat to health or safety, report adverse drug reactions, comply with FDA requirements, or respond to public health investigations.
Appointment Reminders and Service Communications
We may contact you regarding appointments, follow-up care, prescription information, treatment options, wellness services, or healthcare-related benefits and services that may be of interest to you.
Your Rights Regarding PHI
You have the following rights regarding your Protected Health Information:
Right to Access and Obtain Copies
You have the right to inspect and request a copy of your medical records and PHI maintained by us, subject to limited legal exceptions.
Right to Request Amendments
You may request that we amend or correct your PHI if you believe the information is inaccurate or incomplete.
Right to Request Restrictions
You may request restrictions on certain uses or disclosures of your PHI. While we are not required to agree to all requested restrictions, we will comply when required by law.
Right to Confidential Communications
You may request that we communicate with you through alternative means or at alternative locations.
Right to Receive an Accounting of Disclosures
You may request a list of certain disclosures of your PHI made by us, as permitted under HIPAA.
Right to Receive a Copy of This Notice
You have the right to receive a paper or electronic copy of this Notice of Privacy Practices at any time.
Right to Revoke Authorization
Where disclosure is based upon your authorization, you may revoke that authorization in writing at any time, except to the extent action has already been taken in reliance on the authorization.
How to Exercise Your Rights
To exercise any of your rights regarding your PHI, please contact us using the information below:
Email: support@wholebodyhealthmedical.com
Phone: 720-681-6190
We may require identity verification before processing requests related to PHI.
Complaints
If you believe your privacy rights have been violated, you may file a complaint with us by contacting:
Privacy Officer
Whole Body Health Medical
Email: support@wholebodyhealthmedical.com
Phone: 720-681-6190
You may also file a complaint with the U.S. Department of Health and Human Services, Office for Civil Rights. We will not retaliate against you for filing a complaint.
Our Legal Duties
We are required by law to:
- Maintain the privacy and security of your Protected Health Information
- Provide you with this Notice of Privacy Practices
- Notify you following a breach of unsecured PHI when required by law
- Follow the terms of the Notice currently in effect
- Comply with all applicable federal and Colorado privacy and healthcare laws
We maintain administrative, technical, and physical safeguards designed to protect the confidentiality, integrity, and security of PHI, including the use of HIPAA-compliant systems and vendors where applicable.
Medical Record Retention
Medical records and PHI are retained in accordance with applicable federal and Colorado law and regulatory requirements.
Changes to This Notice
We reserve the right to modify this Notice of Privacy Practices at any time. Updated versions will be posted on our website and become effective upon posting.
Data Retention
We retain your PII for as long as required by federal and/or Colorado law, whichever retention period is longer. This includes:
• Information related to transactions: minimum of 7 years for tax purposes
• Medical records: as required by applicable state and federal health information regulations
• Account information: as long as your account is active or as needed to provide services
International Users
Our services are intended for users located within the United States only. We do not sell products internationally and do not specifically market to individuals outside the United States.
Policies Regarding Children
You must be eighteen (18) years of age or older to use our Websites, create an account, make purchases, or receive services from us. We do not knowingly collect personal information from individuals under 18 years of age.
Your Rights Regarding Your Information
For www.wholebodyhealthmedical.com:
Customers can update personal information stored on this website by logging into their profile. You may request access to, correction of, or deletion of your personal information by contacting us using the information provided below.
California Residents:
If you are a California resident, you may have additional rights under the California Consumer Privacy Act (CCPA)/California Privacy Rights Act (CPRA) regarding your personal information.
Contact Information
If you wish to remove PII that you have submitted to Company, or if you have questions or concerns about any of our information collection or handling practices, please contact us:
Email: support@wholebodyhealthmedical.com
Updates to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. The date at the top of this Privacy Policy indicates when it was last updated.