Patient XP

Privacy Policy

Effective Date: 5/29/2025

Last Updated: 5/29/2025

Introduction

Patient XP ("we," "our," or "us") is committed to protecting your privacy and ensuring the security of your personal health information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our digital consent and patient education platform.

HIPAA Compliance

Patient XP is fully compliant with the Health Insurance Portability and Accountability Act (HIPAA). We maintain appropriate administrative, physical, and technical safeguards to protect the privacy and security of protected health information (PHI).

Information We Collect

Personal Information

  • Name, date of birth, and contact information
  • Medical record number and insurance information
  • Surgical procedure details and medical history
  • Digital consent forms and signatures
  • Communication preferences

Usage Information

  • Device information and IP addresses
  • Browser type and operating system
  • Pages visited and features used
  • Date and time of access

How We Use Your Information

  • To facilitate digital consent processes
  • To provide educational content about your procedure
  • To communicate with you about your care
  • To coordinate with your healthcare providers
  • To improve our services and user experience
  • To comply with legal and regulatory requirements

Information Sharing and Disclosure

We may share your information only in the following circumstances:

  • Healthcare Providers: With your authorized healthcare team involved in your care
  • Legal Requirements: When required by law or court order
  • Emergency Situations: To protect health and safety in emergency circumstances
  • Business Associates: With HIPAA-compliant service providers who assist us
  • With Your Consent: When you explicitly authorize us to share information

Data Security

We implement industry-standard security measures including:

  • End-to-end encryption for all data transmission
  • Encrypted storage of all personal health information
  • Multi-factor authentication for account access
  • Regular security audits and assessments
  • Employee training on HIPAA compliance
  • Access controls and audit logs

Your Rights

Under HIPAA and applicable privacy laws, you have the right to:

  • Access your personal health information
  • Request corrections to your information
  • Request restrictions on uses and disclosures
  • Request confidential communications
  • Receive an accounting of disclosures
  • File a complaint if you believe your rights have been violated

Data Retention

We retain your personal health information in accordance with HIPAA requirements and state medical record retention laws. Generally, this means we retain records for a minimum of six years from the date of creation or last use, whichever is later.

Children's Privacy

For patients under 18 years of age, parental or guardian consent is required. We handle minors' information with additional care and in compliance with applicable laws.

Contact Us

If you have questions about this Privacy Policy or your personal information, please contact us:

Patient XP Privacy Officer

Email: privacy@patientxp.org

Phone: 1-800-XXX-XXXX

Address: [Your Address]

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date.