Last updated: November 15, 2018
State laws and US federal law govern how MISTR, Inc., A Florida Professional Corporation, (collectively ‘we’/’us’) can use and disclose health information that ‘individually identifies’ you. This information is called ‘protected health information’ or ‘PHI’. We collect PHI when you use our App and Website and when you communicate with us. State law and US federal law specify the rights you have over your PHI.
If you have any questions, please send us a message through the App or Website or call us at 747.322.0060 during business hours, Monday to Friday. Our normal business hours are 9:00am to 5:00pm Pacific Time Monday to Friday.
How We Use And Disclose Your PHI
We use and disclose your PHI to provide you with care, to run our healthcare operations, to take payment and to comply with state and US federal regulations. We implement a range of technical, administrative and physical safeguards to protect your PHI.
We use your email address to send you a range of different types of emails, including but not limited to emails that update you as to the status of your request for a prescription or laboratory test, to send you emails that alert you that there is a message waiting for you in the App or Website, to send you emails asking for feedback on your experience of using the service, and to send you emails to notify you that you may be due for a refill. We will send you marketing emails to notify you of the services we provide. We will share your email with a third party email marketing platform to enable us to send you emails.
We use your telephone number to call you if we have any questions, to leave you voice messages if you don’t answer the telephone when we call you, and to call you to ask for feedback on your experience of using the service. We also use your telephone number to send you SMS/text message notifications. If you ask us to organize for a third party pharmacy to mail your medicines, we may telephone you to take payment on behalf of the pharmacy.
To provide treatment and to run our healthcare operations and to take payment we share your PHI with selected organizations that provide us with services.
As examples, we share your PHI with organizations that help us run and maintain the technology and security infrastructure that supports the App and Website and the care we provide. We also may share your health information with medical staff who help ensure that we are providing a service that meets the appropriate standard of care.
We share your PHI and card details with our trusted online payment processors. If you choose to save your payment details to make future payments easier, our trusted payment provider will store them on our behalf. Furthermore, if you request delivery of your medicines by mail from a third party pharmacy then our trusted payment processor will always store your card details to make future payments more convenient.
We share your PHI with the pharmacy if we give you a prescription and with intermediaries who enable us to send prescriptions electronically. If you request that we organize for a third party mail order pharmacy to deliver your medicines, then we will share your PHI with the pharmacy.
If we order laboratory tests for you then we share your PHI with the lab company that runs the tests. If a laboratory test we order for you finds a ‘reportable’ infection we may be required by law to share your PHI to your county health department.
If you give us your insurance plan details and request that we organize for a third party mail order pharmacy to deliver your medicines, we’ll share your insurance details with the pharmacy.
We share your telephone number with the company that helps us send SMS/text messages. If we need to telephone you then we share your telephone number with our telecommunication provider.
We store information you provide us with whether you complete a visit or whether you do not complete a visit. We take the same precautions over your data regardless of whether you complete a visit.
We do not record video visits between our patients and our doctors. We may, however, capture a still image from the video and store that image in your medical record.
We may use your PHI to tell you about health-related products and services.
We may share your PHI with a third party if we merge, are acquired or undergo an asset sale.
Owing to federal and state privacy laws we are generally unable to delete information from your medical record. At your request we can de-activate your secure account so that you and others can no longer access it with your username and password.
Other Information We Collect
Separate to the health information we collect, we collect technical information about how you use our App and Website. We use this information to help us improve the overall quality of the App and Website, improve the service we provide, and improve our advertising and marketing campaigns.
We do not respond to ‘do not track’ signals in your browser.
Risk Of Sending Unencrypted Emails
The emails we send you are not secure because they are unencrypted. Other people may be able to read and forward the emails we send you and the emails you send us. Emails we send you may include a wide range of identifiers that include but aren’t limited to your name, your email address, your visit number, your patient number, the date you used our service etc.
When you create an account on the App or Website we ask you to give us your email address. We send an email to the email address you give us. If you give us an incorrect email address we will unknowingly send an email to the wrong person.
Risk Of Sending Unencrypted SMS/Text Messages
The SMS/text messages we send you are not secure because they are unencrypted. Other people may be able to read and SMS/text messages we send you and any SMS/text messages you send us.
SMS/text messages we send you will include your telephone number. It will be clear that SMS/text messages we send you have come from MISTR.
If you send us a picture of your insurance card using SMS/text message then it is important that you understand that the messages are not encrypted in transit.
Risk Of Storing PHI On Your Mobile
When you use the App or Website there is a risk that your PHI will be stored unencrypted on your mobile. We take a variety of technical safeguards to make sure that your PHI does not leak onto your mobile but we cannot guarantee that these safeguards work.
Risk Of Our Systems Getting Hacked And Compromised
We take a number of administrative, technical and physical safeguards to look after the PHI that we hold electronically on our servers. But despite these safeguards, no system is full-proof and we cannot guarantee that our systems and your PHI will not be hacked or otherwise compromised by unauthorized third parties.
The Rights You Have Over Your PHI
Right to obtain a copy of your medical record. We are allowed to charge you a fee if we think it’s appropriate.
Right to request that we limit how we use and share your PHI. There may be occasions when we cannot agree to your request.
Right to request that we change or update information held in your medical record. There may be occasions when we cannot agree to your request.
Right to request how we send you PHI. The electronic nature of our service limits our ability to agree to such requests.
Right to an accounting of the disclosure of your PHI. You are entitled to one ‘disclosure accounting’ in a 12-month period at no charge. An accounting does not include disclosures to carry out treatment, healthcare operations or payment. We are allowed to charge a fee for any additional accounting in a 12-month period.
How to contact MISTR to Use your Rights
Please write to us at: The Privacy Officer, MISTR, 1521 Alton Road, #463, Miami Beach, FL 33139
How to complain
To submit a complaint to MISTR you need to submit your complaint in writing to:
The Privacy Officer, MISTR, 1521 Alton Road, #463, Miami Beach, FL 33139
In addition you can complain to:
Secretary of the U.S. Department of Health and Human Services
Office of Civil Rights
200 Independence Avenue, SW, Room 509F HHH Building, Washington, DC 20201
For additional information, call (800) 368-1019 or U.S Office of Civil Rights (866) 627-7748 (Voice) or (866) 788-4989 (TTY)
We will not retaliate against you for filing a complaint.
This Notice is effective dated
November 15, 2018.
Changes to this notice