hipaa - Aethra Care PPLC

Section 01

Our Legal Duties and Commitment to Your Privacy

Legal Obligations

AETHRA CARE PLLC ("we," "us," or "our") is required by law to maintain the privacy of your protected health information (PHI) and to provide you with this notice of our legal duties and privacy practices. We are legally obligated to:

Maintain the privacy and security of your protected health information
Provide you with notice of our legal duties and privacy practices regarding your PHI
Follow the terms of the notice currently in effect
Notify you if we are unable to agree to a requested restriction on the use or disclosure of your PHI
Accommodate reasonable requests to communicate health information by alternative means or at alternative locations

Federal and State Law Compliance

AETHRA CARE PLLC complies with the Health Insurance Portability and Accountability Act of 1996 (HIPAA), its implementing regulations including the HIPAA Privacy Rule (45 CFR Part 164, Subpart E) and Security Rule (45 CFR Part 164, Subpart C), the Health Information Technology for Economic and Clinical Health (HITECH) Act, and all applicable Florida state laws governing the privacy and security of health information.

Our Commitment Beyond Legal Requirements

Beyond our legal obligations, AETHRA CARE PLLC is committed to protecting the privacy and security of your protected health information through comprehensive policies, procedures, and safeguards that meet or exceed federal and state requirements. This HIPAA Compliance Statement outlines our practices regarding the collection, use, disclosure, and protection of your health information in accordance with these legal obligations.

Section 02

What is Protected Health Information (PHI)?

Protected Health Information includes any individually identifiable health information that we create, receive, maintain, or transmit in connection with providing healthcare services to you. This includes information in any form — electronic, written, or oral — that relates to:

Your past, present, or future physical or mental health condition
Healthcare services provided to you
Payment for healthcare services
Information that could reasonably identify you when combined with health information

Section 03

How We Collect PHI

We may collect your PHI through various means, including:

Information you provide during registration, consultations, and treatment
Medical records and documentation from healthcare encounters
Communication through our secure messaging platform
Data from medical devices or health monitoring applications
Information from other healthcare providers involved in your care
Insurance and payment processing information

Section 04

How We Use and Disclose PHI

We use and disclose your PHI only as permitted by HIPAA and other applicable laws.

Treatment

Providing virtual urgent care, primary care, and asynchronous healthcare services
Coordinating care with other healthcare providers
Consulting with specialists or other medical professionals
Managing your ongoing healthcare needs

Payment

Processing payments and billing for services provided
Collecting payment for healthcare services

Healthcare Operations

Quality assurance and improvement activities
Staff training and education
Business planning and administration
Legal and compliance activities
Customer service and support

Other Permitted Uses

We may also use or disclose your PHI without your authorization when required or permitted by law, including for public health activities and reporting, health oversight activities, judicial and administrative proceedings, law enforcement purposes, emergency circumstances to protect health and safety, research activities when properly authorized, workers' compensation cases, and coroners, medical examiners, and funeral directors.

Section 05

Your Rights Under HIPAA

You have the following rights regarding your PHI:

Right to Access

You have the right to inspect and obtain copies of your PHI that we maintain about you, with certain limited exceptions.

Right to Amend

You have the right to request that we amend PHI about you that you believe is incorrect or incomplete.

Right to Accounting of Disclosures

You have the right to receive an accounting of certain disclosures of your PHI that we have made.

Right to Request Restrictions

You have the right to request restrictions on how we use or disclose your PHI for treatment, payment, or healthcare operations.

Right to Confidential Communications

You have the right to request that we communicate with you about your health matters in a certain way or at a certain location.

Right to Breach Notification

You have the right to be notified in the event of a breach of your unsecured PHI.

Right to File a Complaint

You have the right to file a complaint with us or with the U.S. Department of Health and Human Services if you believe your privacy rights have been violated.

Section 06

Security Safeguards

We implement comprehensive administrative, physical, and technical safeguards to protect your PHI:

Administrative

Designated Privacy and Security Officers
Workforce training on HIPAA compliance
Access controls and user authentication procedures
Incident response and reporting procedures
Regular risk assessments and security evaluations

Physical

Secure facilities and workstations
Controlled access to areas containing PHI
Proper disposal of PHI-containing materials
Device and media controls

Technical

Encryption of PHI in transit and at rest
Secure user authentication and access controls
Audit logs and monitoring systems
Automatic logoff procedures
Regular software updates and security patches

Section 07

Business Associate Agreements

We maintain Business Associate Agreements (BAAs) with all third-party vendors and service providers who may have access to your PHI. These agreements ensure that our business associates also comply with HIPAA requirements and maintain appropriate safeguards for your health information.

Section 08

Telehealth and Virtual Care Privacy

For our virtual care services, we implement additional privacy protections:

Use of HIPAA-compliant telehealth platforms
Secure video conferencing with end-to-end encryption
Protected messaging systems for asynchronous care
Secure storage of virtual consultation records
Patient identity verification procedures

Section 09

Data Retention and Disposal

We retain your PHI only as long as necessary for treatment, payment, healthcare operations, and legal requirements. When PHI is no longer needed, we dispose of it securely through:

Secure deletion of electronic files
Shredding of physical documents
Destruction of storage media
Certificate of destruction documentation

Section 10

Breach Notification

In the unlikely event of a breach of your unsecured PHI, we will:

Conduct a thorough investigation
Notify affected individuals within 60 days
Report to the U.S. Department of Health and Human Services
Notify media when required by law
Take corrective action to prevent future breaches

Section 11

Contact Information

To exercise your rights, request information, or file a complaint, please contact our Privacy Officer:

Privacy Officer

Email: privacy@vyta.co

Phone: (813) 725-0931

Attn: Privacy Officer
15289 Amberly Dr
Tampa, FL 33647

Section 12

Filing Complaints

If you believe your privacy rights have been violated, you may file a complaint with our Privacy Officer (contact information above) or with the federal government:

U.S. Department of Health and Human Services

Office for Civil Rights
200 Independence Avenue, S.W.
Washington, D.C. 20201

Phone: (877) 696-6775

Website: www.hhs.gov/ocr

Non-Retaliation: We will not retaliate against you for filing a complaint.

Section 13

Changes to This Statement

We reserve the right to change this HIPAA Compliance Statement at any time. Any changes will be effective immediately upon posting on our website. We will provide notice of material changes as required by law.

Section 14

Acknowledgment

By using our services, you acknowledge that you have received and understand this HIPAA Compliance Statement and our Notice of Privacy Practices.