Privacy Policy

The Wholeness Center ("we," "us," or "our") is committed to protecting the privacy and security of your personal and health information. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or interact with our practice.

As a healthcare provider, we are subject to the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and its implementing regulations. This Privacy Policy supplements our HIPAA Notice of Privacy Practices, which provides additional detail about how we handle your Protected Health Information (PHI).

Information We Collect

Personal Information

We may collect the following personal information when you interact with us:

• Full name, date of birth, and contact information (address, phone number, email)
• Insurance information and billing details
• Emergency contact information
• Demographic information relevant to your care

Protected Health Information (PHI)

In the course of providing healthcare services, we collect and maintain health-related information, including:

• Medical history, diagnoses, and treatment plans
• Clinical notes, assessments, and treatment records
• Lab results, prescriptions, and referral information
• Mental health and behavioral health records
• Functional medicine test results and nutritional assessments

Website Usage Data

When you visit our website, we may automatically collect:

• Browser type, operating system, and device information
• Pages visited, time spent on pages, and navigation patterns
• Referring website addresses and search terms
• IP address and approximate geographic location

How We Use Your Information

Healthcare Operations

We use your personal and health information to:

• Provide, coordinate, and manage your healthcare treatment
• Process insurance claims and billing
• Communicate with you about appointments, treatment plans, and follow-up care
• Comply with legal and regulatory requirements
• Conduct quality improvement and clinical review activities

Website and Communications

We use website data and contact information to:

• Improve our website functionality and user experience
• Respond to inquiries submitted through our website or email
• Send appointment reminders and practice communications (with your consent)
• Analyze aggregate website traffic to improve our services

How We Protect Your Information

We implement comprehensive administrative, technical, and physical safeguards to protect your information, including:

• Encrypted electronic health records systems with role-based access controls
• Secure, HIPAA-compliant communication channels for patient information
• Regular staff training on privacy and security protocols
• Physical security measures for paper records and office facilities
• Business Associate Agreements with all third-party service providers who handle PHI
• Regular security assessments and risk analysis procedures
• SSL/TLS encryption for all website data transmission

Your Rights Regarding Health Information

Under HIPAA and applicable state law, you have the right to:

• Access your records — Request and obtain a copy of your health information
• Request amendments — Ask us to correct information you believe is inaccurate or incomplete
• Request restrictions — Ask us to limit how we use or disclose your information
• Receive an accounting — Obtain a list of certain disclosures we have made of your health information
• Receive confidential communications — Request that we communicate with you through specific channels or at specific locations
• File a complaint — If you believe your privacy rights have been violated, you may file a complaint with us or with the U.S. Department of Health and Human Services

To exercise any of these rights, please contact our Privacy Officer using the contact information provided at the end of this policy.

Cookies and Tracking Technologies

Our website uses the following types of cookies and similar technologies:

• Essential cookies — Required for basic website functionality such as navigation and secure area access. These cannot be disabled.
• Analytics cookies — Help us understand how visitors interact with our website by collecting anonymous, aggregated data. We use this information to improve our website and services.
• Preference cookies — Remember your choices and settings to provide a personalized experience.

You can manage cookie preferences through your browser settings. Please note that disabling certain cookies may affect website functionality. We do not use cookies to collect Protected Health Information.

Third-Party Services

We may use third-party services that collect or process information, including:

• Electronic Health Records (EHR) — HIPAA-compliant systems for managing patient records, secured by Business Associate Agreements
• Payment processors — PCI-compliant services for secure processing of payments and insurance claims
• Analytics providers — Tools that help us understand website usage patterns using anonymized, aggregate data
• Communication platforms — HIPAA-compliant messaging and telehealth services for patient communication

We require all third-party service providers who handle Protected Health Information to enter into Business Associate Agreements and maintain appropriate safeguards.

When We May Disclose Information

We may disclose your information in the following circumstances:

• For treatment, payment, and healthcare operations as described in our Notice of Privacy Practices
• When required by federal, state, or local law
• For public health activities and reporting
• To avert a serious threat to health or safety
• For specialized government functions (e.g., military, veterans affairs)
• In response to valid court orders or subpoenas
• With your written authorization for any other purpose

We will never sell your personal or health information. We do not share your health information for marketing purposes without your express written consent.

Children's Privacy

Our website is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13 through our website. If we provide clinical services to minors, their health information is handled in accordance with HIPAA, Colorado state law, and applicable regulations governing the privacy of minors' health records.

Changes to This Policy

We reserve the right to update this Privacy Policy at any time. When we make material changes, we will update the "Last Updated" date at the top of this page and, where appropriate, notify you through our website or other communication channels. We encourage you to review this policy periodically.