READ THE HIPAA PRIVACY POLICY FOR OUR BEVERLY HILLS PRACTICE

PRIVACY POLICY

Privé Beverly Hills (“Catherine S. Chang, MD” or “we” or “us”) has created this privacy policy (this “Privacy Policy”) in order to demonstrate its commitment to user, visitor, and customer privacy with regard to Privé Beverly Hills’ website (www.privebevhills.com) and any affiliated websites or portals (together, collectively the “Website”). Privacy on the Website is of great importance to us. Because we may gather some important information from our users, visitors, subscribers and customers (collectively “Subscribers” or “you” or “your”), we have established this Privacy Policy as a means to communicate our information gathering and dissemination practices. By accessing the Website, you acknowledge and agree to this Privacy Policy and also agree to comply with the Terms of Use, which can be accessed and reviewed at www.privebevhills.com.
YOUR PRIVACY RIGHTS/ CALIFORNIA’S SHINE THE LIGHT LAW.

Pursuant to Section 1798.83 of the California Civil Code, residents of California have the right to request from a business, with whom the California resident has an established business relationship, certain information with respect to the types of personal information the business shares with third parties for direct marketing purposes by such third party and the identities of the third parties with whom the business has shared such information during the immediately preceding calendar year.

To request a copy of the information disclosed by Privé Beverly Hills pursuant to Section 1798.83 of the California Civil Code, please contact Dr. Catherine S. Chang by mail at Privé Beverly Hills, Attn.: California Privacy Rights by email at info@privebevhills.com.

PROTOCOLS FOR COMMUNICATIONS USING THE WEBSITE

Consent and Authorization: Your use of the Website constitutes your authorization for your provider(s) and office staff to communicate with you through the means provided by the Website.

MESSAGES YOU SEND

Providers and office will provide a timely response to electronic inquiries; however, response times may vary by provider. Accordingly, emergency or urgent situations requiring immediate attention should not be submitted electronically. If you do not receive a response within three (3) business days, please telephone your provider’s office to ensure the message was received.

INFORMATION WE SEND YOU

By using the Website you have elected to receive your medical information via the Website. Please contact your provider’s office if you have any further questions regarding any of your medical treatment.

SHARED INFORMATION

With the patient user’s permission, the Website allows you to share your health information with your provider and your provider’s team. By using the Website, you acknowledge and agree that Privé Beverly Hills will be collecting and storing information, in addition to the data you, your providers, or office staff input into the Website.

INFORMATION WE COLLECT

We may require Subscribers who use the Website to give us contact information, which may include, but is not limited to, the Subscriber’s name, birthdate, mailing address, phone number, email address, cookies, IP logs, and other information (collectively “Personal Information”). Besides the Personal Information, we may also collect other information regarding your use of the Website. From time to time, we may also collect or ask for additional Personal Information, which will also be expressly included herein as Personal Information. You can opt out of providing this additional information by not entering it or not using the Website, although not providing it may hinder your ability to use the Website.

We collect Personal Information, including but not limited to protected health information, and may use it and may use it in the aggregate, after we have removed any personally identifiable information. By using the Website, you acknowledge and agree that Privé Beverly Hills will be collecting and storing certain information related to the use of the Website, and Privé Beverly Hills and its designees may use that information, including in the aggregate.

We use the information that we collect to provide and maintain the Website to market our brand, to compile a database of Website users, and other ways, as we deem appropriate in our sole discretion, and to provide any other services that you and Privé Beverly Hills agree to. We may also use the information to contact you to further discuss interest in our company, the goods and services that we provide, and to send information regarding our company or partners, such as promotions and events. You may receive an email newsletter or other correspondence by providing an email address. Your email address and any Personal Information will not be disclosed to third parties unless it is to purposes which you have authorized us to do, to comply with any legal processes and/or law enforcement requests, or for treatment, healthcare operations, or payment purposes as permitted under the Health Insurance Portability and Accountability Act of 1996, and its implementing regulations, as may be amended (HIPAA).

We may also email (or send via other methods) information regarding updates to the Website, and may send a newsletter, or other correspondence. You will have an opportunity to unsubscribe to any emails or mailings by clicking on an “unsubscribe” hyperlink contained in promotional emails we send you. Even if you are removed from any such list, if you use the Website, you will continue to receive email correspondence from Privé Beverly Hills related to the Website. Any opt-out by you is not deemed valid until processed by Privé Beverly Hills. It is your obligation to verify that you have been opted-out. Privé Beverly Hills will not be liable for problems with the opt-out procedures.

If you provide credit card or other authorized payment method information to Privé Beverly Hills, you authorize Privé Beverly Hills, or a credit card processor of its choosing to receive appropriate billing information, bill such credit card, and to make such charges as applicable

Privé Beverly Hills does not wish to collect any Personal Information (or any information at all) from any persons under 13 years old. If you are under 13 years old, you may not use the Website.

REVIEWING AND UPDATING YOUR INFORMATION

If you register for an account on the Website, you may review and update your account information by logging in to your account with your username and password via the Website, as well as through additional links throughout the Website.

THIRD PARTY WEBSITES

The Website may contain links to other Websites. We are not responsible for the privacy practices or the content of these other Websites. You will need to check the policy statement of these others Websites to understand their policies. When you access a linked site you may be disclosing private information. It is your responsibility to keep such information private and confidential.

COOKIES

When you view the Website, we may store some information on your computer’s hard drive. This information will be in the form of a “Cookie.” Most web browsers automatically accept Cookies, but you can change your browser to prevent that. Without accepting a Cookie, your use of the Website may be affected.

SECURITY

Please note that our forms are encrypted to protect your privacy. Once the information is sent to our Website, it is kept in secure databases where it is not available to other users on the internet. Commented [AB1]

Commented [AB1]: Confirm that the contact forms are encrypted, if not, they need to be to comply with HIPAA. Also confirm that information is kept in a secure HIPAA-compliant database (i.e., G Suite).

Privé Beverly Hills periodically reviews and modifies, where appropriate, its security policies and procedures. We use reasonable care to protect your personally identifiable and confidential information provided by you to our site. Privé Beverly Hills has in place security policies and procedures that seek to mitigate this risk of the unauthorized access of your information. Commented [AB2]

Commented [AB2]: These security policies and procedures will be included in the HIPAA policies and procedures that I’m drafting now.

Please note that non-protected health information may be transported over an open network, such as the internet or e-mail, and may be accessible to anybody. We cannot guarantee the confidentiality of any communication or material transmitted via such open networks. When disclosing any personal information via an open network, you should remain mindful of the fact that it is potentially accessible to others, and consequently, can be collected and used by others without your consent. In particular, while individual data packets are often encrypted, the names of the sender and recipient are not. Even if both the sender and recipient are located in the same country data may also be transmitted via such networks to other countries regularly and without controls, including to countries that do not afford the same level of data protection as your country of domicile.

Your data may be lost during transmission or may be accessed by unauthorized parties. We do not accept any liability for direct or indirect losses as regards the security of your Personal Information or data during its transfer via internet. Please use other means of communication if you think this is necessary or prudent for security reasons.

YOUR OBLIGATION REGARDING THE SECURITY OF INFORMATION

In order to help ensure that your information can only be accessed by you, and those you authorize, a confidential user name and password will be required to log in to access your Personal Information on the Website. As a Website user, your role in maintaining the security of your and your provider’s (as applicable) general information and medical information includes following common sense, such as keeping your login identification name and password confidential. In the event you access and service requiring a user name and password, you are solely responsible for keeping such user name and password strictly confidential.

DISCLAIMER OF WARRANTY

PLEASE NOTE THAT, BY ITS VERY NATURE, A WEBSITE CANNOT BE ABSOLUTELY PROTECTED AGAINST INTENTIONAL OR MALICIOUS INTRUSION ATTEMPTS. FURTHERMORE, PRIVE BEVERLY HILLS DOES NOT CONTROL THE DEVICES OR COMPUTERS OR THE INTERNET OVER WHICH YOU MAY CHOOSE TO SEND CONFIDENTIAL PERSONAL INFORMATION AND CANNOT, THEREFORE, PREVENT SUCH INTERCEPTIONS OF COMPROMISES TO YOUR INFORMATION WHILE IN TRANSIT TO PRIVE BEVERLY HILLS.

THEREFORE, PRIVE BEVERLY HILLS HEREBY MAKES NO GUARANTEE AS TO SECURITY, INTEGRITY OR CONFIDENTIALITY OF ANY INFORMATION TRANSMITTED TO OR FROM THIS WEBSITE OR STORED WITHIN THIS WEBSITE.

BEYOND OUR REASONABLE CARE TO SAFEGUARD YOUR INFORMATION WHILE IN TRANSIT, PRIVE BEVERLY HILLS CANNOT AND DOES NOT GUARANTEE THE ABSOLUTE SECURITY OF ELECTRONIC COMMUNICATIONS OR TRANSMISSIONS BECAUSE ANY TRANSMISSION MADE OVER THE INTERNET BY ANY ORGANIZATION OR ANY INDIVIDUAL RUNS THE RISK OF INTERCEPTION.

IN ADDITION, WE HEREBY MAKE NO GUARANTEE AS TO SECURITY, INTEGRITY, OR CONFIDENTIALITY OF ANY INFORMATION TRANSMITTED TO OR FROM THIS WEBSITE, OR STORED WITHIN THIS WEBSITE.

BY USING THE WEBSITE, YOU ACCEPT THESE TERMS.

ADDITIONAL INFORMATION

This Policy is part of the Terms of Use of the Website and any use of the Website is governed by those Terms of Use. Questions regarding this Privacy Policy or the practices of the Website should be directed to PRIVE BEVERLY HILLS by emailing such questions to info@privebevhills.com.

EFFECTIVE DATE AND UPDATES TO OUR PRIVACY POLICY

This Policy is effective as of June 1, 2021. If we make any material changes to this Privacy Policy, we will post a notice on this Website notifying users of the changes. In some cases, we also may send an email notifying users of the changes. You should check this Website periodically to see if any recent changes to this Privacy Policy have occurred.