Privacy Policy

Last updated: September 5, 2023

Overview

State laws and US federal law govern how MISTR, Inc., A Florida Professional Corporation, (collectively ‘we’/’us’) can use and disclose health information that ‘individually identifies’ you. This information is called ‘protected health information’ or ‘PHI’. We collect PHI when you use our App and Website and when you communicate with us. State law and US federal law specify the rights you have over your PHI.

This Privacy Policy helps you understand a) how we’ll use and share your PHI, b) what rights you have over your PHI and how to exercise your rights, c) what to do if you think we’re not complying with our legal obligations, and d) what other information we collect and share when you use the MISTR mobile application (‘the App’) or Website.

If you have any questions, please send us a message through the App or Website or call us at 747.322.0060 during business hours, Monday to Friday. Our normal business hours are 9:00am to 5:00pm Pacific Time Monday to Friday.

How We Use And Disclose Your PHI

We use and disclose your PHI to provide you with care, to run our healthcare operations, to take payment and to comply with state and US federal regulations. We implement a range of technical, administrative and physical safeguards to protect your PHI.

We use your email address to send you a range of different types of emails, including but not limited to emails that update you as to the status of your request for a prescription or laboratory test, to send you emails that alert you that there is a message waiting for you in the App or Website, to send you emails asking for feedback on your experience of using the service, and to send you emails to notify you that you may be due for a refill. We will send you marketing emails to notify you of the services we provide. We will share your email with a third party email marketing platform to enable us to send you emails.

We use your telephone number to call you if we have any questions, to leave you voice messages if you don’t answer the telephone when we call you, and to call you to ask for feedback on your experience of using the service. We also use your telephone number to send you SMS/text message notifications. If you ask us to organize for a third party pharmacy to mail your medicines, we may telephone you to take payment on behalf of the pharmacy.

To provide treatment and to run our healthcare operations and to take payment we share your PHI with selected organizations that provide us with services.

As examples, we share your PHI with organizations that help us run and maintain the technology and security infrastructure that supports the App and Website and the care we provide. We also may share your health information with medical staff who help ensure that we are providing a service that meets the appropriate standard of care.

We share your PHI and card details with our trusted online payment processors. If you choose to save your payment details to make future payments easier, our trusted payment provider will store them on our behalf. Furthermore, if you request delivery of your medicines by mail from a third party pharmacy then our trusted payment processor will always store your card details to make future payments more convenient.

We share your PHI with the pharmacy if we give you a prescription and with intermediaries who enable us to send prescriptions electronically. If you request that we organize for a third party mail order pharmacy to deliver your medicines, then we will share your PHI with the pharmacy.

If we order laboratory tests for you then we share your PHI with the lab company that runs the tests. If a laboratory test we order for you finds a ‘reportable’ infection we may be required by law to share your PHI to your county health department.

If you give us your insurance plan details and request that we organize for a third party mail order pharmacy to deliver your medicines, we’ll share your insurance details with the pharmacy.

We share your telephone number with the company that helps us send SMS/text messages. If we need to telephone you then we share your telephone number with our telecommunication provider.

We store information you provide us with whether you complete a visit or whether you do not complete a visit. We take the same precautions over your data regardless of whether you complete a visit.

We do not record video visits between our patients and our doctors. We may, however, capture a still image from the video and store that image in your medical record.

We may use your PHI to tell you about health-related products and services.

We may share your PHI with a third party if we merge, are acquired or undergo an asset sale.

Wherever possible we strive to make sure that any third parties with whom we share your PHI are legally bound by the restrictions of this Privacy Policy.

Owing to federal and state privacy laws we are generally unable to delete information from your medical record. At your request we can de-activate your secure account so that you and others can no longer access it with your username and password.

Other Information We Collect

Separate to the health information we collect, we collect technical information about how you use our App and Website. We use this information to help us improve the overall quality of the App and Website, improve the service we provide, and improve our advertising and marketing campaigns.

Technical information we collect and may share with Facebook, Google, Steel House Inc, AppsFlyer Ltd., Microsoft (Bing Ads) and Zopim Technologies Pte Ltd / Zendesk Inc includes information about your mobile device or computer, including but not limited to unique device identifiers and the operating system and browser you use, and information about when and how you use the App or Website, including specific pages you visit, and information about your general location when you use the App and Website, including but not limited to your internet protocol address and MAC address. Facebook, Google, Steel House Inc, AppsFlyer Ltd., Microsoft and Zopim Technologies Pte Ltd / Zendesk Inc are not bound by the terms of this Privacy Policy as to how they use technical information about you but are instead bound by the Facebook, Google Analytics, AppsFlyer Ltd., Microsoft Bing Ads and Zopim Technologies Pte Ltd / Zendesk Inc Terms of Use and Privacy Policies that are available on their respective websites.

We use 3rd party vendor re-marketing tracking cookies, including the Google Adwords and Steel House and Facebook tracking cookies. This means we will continue to show ads to you across the internet. The third-party vendors will place cookies on web browsers in order to serve ads based on past visits to our website. Third party vendors, including Google and Steel House and Facebook, use cookies to serve ads based on a user’s prior visits to your website. This allows us to make special offers and continue to market our services to those who have shown interest in our service.

We do not respond to ‘do not track’ signals in your browser.

Risk Of Sending Unencrypted Emails

The emails we send you are not secure because they are unencrypted. Other people may be able to read and forward the emails we send you and the emails you send us. Emails we send you may include a wide range of identifiers that include but aren’t limited to your name, your email address, your visit number, your patient number, the date you used our service etc.

When you create an account on the App or Website we ask you to give us your email address. We send an email to the email address you give us. If you give us an incorrect email address we will unknowingly send an email to the wrong person.

Risk Of Sending Unencrypted SMS/Text Messages

The SMS/text messages we send you are not secure because they are unencrypted. Other people may be able to read and SMS/text messages we send you and any SMS/text messages you send us.

SMS/text messages we send you will include your telephone number. It will be clear that SMS/text messages we send you have come from MISTR.

If you send us a picture of your insurance card using SMS/text message then it is important that you understand that the messages are not encrypted in transit.

Risk Of Storing PHI On Your Mobile

When you use the App or Website there is a risk that your PHI will be stored unencrypted on your mobile. We take a variety of technical safeguards to make sure that your PHI does not leak onto your mobile but we cannot guarantee that these safeguards work.

Risk Of Our Systems Getting Hacked And Compromised

We take a number of administrative, technical and physical safeguards to look after the PHI that we hold electronically on our servers. But despite these safeguards, no system is full-proof and we cannot guarantee that our systems and your PHI will not be hacked or otherwise compromised by unauthorized third parties.

The Rights You Have Over Your PHI

Right to obtain a copy of your medical record. We are allowed to charge you a fee if we think it’s appropriate.

Right to request that we limit how we use and share your PHI. There may be occasions when we cannot agree to your request.

Right to request that we change or update information held in your medical record. There may be occasions when we cannot agree to your request.

Right to request how we send you PHI. The electronic nature of our service limits our ability to agree to such requests.

Right to an accounting of the disclosure of your PHI. You are entitled to one ‘disclosure accounting’ in a 12-month period at no charge. An accounting does not include disclosures to carry out treatment, healthcare operations or payment. We are allowed to charge a fee for any additional accounting in a 12-month period.

Right to a paper copy of this Privacy Policy. The electronic nature of our service limits our ability to agree to such requests.

How to contact MISTR to Use your Rights

Please write to us at: The Privacy Officer, MISTR, 1521 Alton Road, #463, Miami Beach, FL 33139

How to complain

To submit a complaint to MISTR you need to submit your complaint in writing to:

The Privacy Officer, MISTR, 1521 Alton Road, #463, Miami Beach, FL 33139

In addition you can complain to:

Secretary of the U.S. Department of Health and Human Services
Office of Civil Rights
200 Independence Avenue, SW, Room 509F HHH Building, Washington, DC 20201

For additional information, call (800) 368-1019 or U.S Office of Civil Rights (866) 627-7748 (Voice) or (866) 788-4989 (TTY)

No retaliation

We will not retaliate against you for filing a complaint.

Effective date

This Notice is effective dated
November 15, 2018.

Changes to this notice

If we change the terms of this Privacy Policy then we will post the new Privacy Policy on our App and Website. Any new Privacy Policy will apply to all PHI that we maintain, including PHI that was created prior to the change.