Privacy Policy

Personal Health Information (PHI)

We collect and maintain protected health information as necessary to provide your care:

• Name, date of birth, contact information
• Medical record number
• Admission, surgery, and discharge dates
• Treating physician and facility information
• Appointment scheduling and telehealth visit information
• Electronic medical record (EMR) system data

Communication Information

When you consent to SMS reminders:

• Mobile phone number
• Text message history (appointment reminders only)
• Consent status and preferences
• SMS opt-in/opt-out status

Account Information

• Google Workspace email address (for healthcare staff only)
• User role and permissions
• Login activity and access logs

Technical Information

• IP address and device information
• Browser type and version
• Session data and cookies
• System logs and audit trails

Consent to Receive SMS Messages

When you are admitted to the hospital, you sign discharge paperwork that includes consent to receive SMS messages from Inpatient Physician Associates, PLLC. By signing this form, you consent to receive appointment reminders, follow-up care instructions, and other transactional healthcare-related messages via text message to the mobile phone number you provide.

Consent to SMS communications is not a condition of receiving medical care. If you prefer not to receive text messages, you can opt out at any time and will continue to receive appointment reminders via phone call or email.

What We Send

We send SMS messages for the following purposes:

• Appointment scheduling and confirmation
• Appointment reminders (typically 24 hours before)
• Telehealth video visit links (Doxy.me)
• Post-discharge care instructions
• Rescheduling notifications

We do not send marketing or promotional SMS messages.

Phone Number Privacy

We will not share your mobile phone number with third parties for marketing purposes without your express consent. Your phone number is used solely for appointment reminders and care coordination, and is stored securely in compliance with HIPAA regulations.

How to Opt-Out

You can opt out of SMS messages at any time by:

• Replying STOP to any text message
• Calling us at (469) 402-3627
• Requesting opt-out during any patient interaction

When you opt out, you will receive a confirmation message and will no longer receive SMS notifications.

Technical Safeguards

• AES-256 encryption for all protected health information at rest
• TLS 1.3 encryption for all data in transit
• Secure authentication using Google Workspace OAuth
• Multi-factor authentication options
• Regular security audits and vulnerability assessments

Session Security

• Automatic session timeout after 15 minutes of inactivity
• Secure session management
• Device fingerprinting for anomaly detection

Right to Access

You have the right to inspect and obtain a copy of your health information. Contact us at (469) 402-3627 to request access.

Right to Request Restrictions

You have the right to request restrictions on how we use or disclose your health information. We are not required to agree to your request, but if we do, we will comply with it.