Sign up now

MindWeal Platform Privacy Policy

MindWeal Platform Privacy Policy

We are committed to protecting the privacy of visitors to our platform (“Platform”). This Platform is owned and operated by MindWeal Health, PLLC (“MindWeal,” “us,” “our,” or “we”). This Privacy Policy, along with our Terms & Conditions, explains how we gather and use your information as it relates to your activities on this Platform. 

If you use this Platform, you consent to our collection, use, and disclosure of your information as described in this Privacy Policy. We may change this policy without notice, and your use signifies that you agree to be bound by any changes. 

How we collect information about you

  1. We may collect technical information.

Our Platfrom’s server and management system routinely collects information about the origin and site navigation of visitors to this Platform. This data might include technical information (e.g., your processor type, processor speed, operating system type, browser type, audio devices, modem devices, video cards, page views, and protocol address). Collected technical information is not linked to any of your personal identifying information. MindWeal may use this information to manage or modify this Platform.

  1. We may collect personal information & Protected Health Information (PHI)

MindWeal only collects personally identifiable information & Protected Health Information (PHI) if you expressly provide it to us. You provide Protected Health Information (PHI) when you create an account with us, complete demographic information, complete the onboarding process, complete our health & wellness forms, questionnaires and assessments, share your medical history with your provider or interact with our staff via various communication tools. 

  1. We may use cookies.

We may use cookies to collect anonymized information about how our visitors use this Platform. This allows us to improve the Platform and personalize your visit experience. Cookies are small data text files that are sent from a server computer to your computer during a web browsing session. The cookies are typically stored on your computer’s hard drive, and websites use them to simulate a continuous connection to that site and to allow a computer to automatically identify your browser when you visit the website. Some browsers automatically accept cookies, but you may be able to prevent cookies by changing your browser’s settings. If you disable cookies, it may impair your ability to use some features of this Platform. Please visit www.allaboutcookies.org if you want to learn more about cookies. 

How we safeguard your Personal Information & Protected Health Information (PHI)

At MindWeal, we are committed to maintaining the confidentiality and security of your personal health information. As a HIPAA-compliant platform, we ensure that all your PHI is securely protected, including the information stored in our Electronic Medical Record (EMR) system. Any documents we receive by mail related to your treatment are promptly scanned, uploaded to your EMR, and the original paper document is securely shredded. Our staff is regularly trained on the importance of protecting your PHI, and only those with a legitimate “need to know” are granted access to your medical records. Staff members understand the legal and ethical obligations to protect your privacy, and any breach of these standards will result in disciplinary action in accordance with our personnel policies.

However, please note that maintaining the security of your account credentials is your responsibility. MindWeal cannot be held liable for any unauthorized access that results from your failure to protect your login information.

Communication Methods and Privacy Protections

At MindWeal, we use a variety of communication methods to enhance our services and keep you informed about your care. To ensure that these communications are secure, we have outlined the following practices:

1. Secure Messaging: We use a HIPAA-compliant, encrypted messaging system on the MindWeal platform for communications involving Protected Health Information (PHI). This ensures the security and confidentiality of your personal health data.

2. Text Messages: We will send you text messages primarily to provide updates and reminders about your appointments, as well as to notify you when a secure message has been sent through the MindWeal app. Although these messages will not include any Protected Health Information (PHI), we strongly recommend password-protecting your phone and disabling the “message preview” feature to further protect your privacy. Please review the MindWeal SMS Messaging Terms (see section below) for further details.

3. Email Communication: Emails may occasionally be sent via our EMR system or business email account. While these emails adhere to HIPAA standards, we recommend you secure your own devices to further protect your information.

4. Phone Communication: You may contact our office via phone during business hours. Voicemails will be responded to in accordance with our privacy and communication policy.

SMS Messaging Terms

1. Opting In for SMS Texting: By opting in to receive SMS messages from MindWeal, you agree to receive important notifications related to your mental health care. These messages may include: (A) Appointment reminders and confirmations (B) Reminders about pending bill (C) Account-related updates (e.g., password resets, app notifications)

How to Opt In:
You can opt in by: (A) Checking the opt-in box on the MindWeal app or website during registration (B) Replying “YES” to a text invitation sent from MindWeal.

Opting Out of SMS Texting:
You can opt out of receiving SMS messages from MindWeal at any time by: (A) Replying “STOP” to any SMS message from us. (B) Managing your SMS preferences in the MindWeal app under Settings > Notifications. Once you opt out, you will no longer receive SMS messages, except for legally required notifications or those critical to your care.

2. Types of SMS Messages: You Will Receive MindWeal will send SMS messages containing the following: (A) Appointment Information: Reminders, confirmations, cancellations, or rescheduling notices. (B) Billing Reminders: Notifications about pending bills.(C) Account Alerts: Updates related to your MindWeal account, such as password resets or app updates.

3. Standard Messaging Rates: Standard message and data rates may apply based on your mobile carrier. If you need assistance, reply “HELP” to any message or contact us through the MindWeal app.

4. Privacy Protection: Your mobile information is secure and will never be shared or sold to third parties. For further details on how we protect your data, please refer to this Privacy Policy.

How we use & disclose your information.

  1. Use of Personally Identifiable Information

MindWeal may use your personally identifiable information for the following purposes: (1) to provide information about our services, including marketing materials, if you opt-in; (2) to improve our platform; and (3) to create non-personal, aggregate data for business and research purposes. We do not sell or lease your information. If you wish to opt out of promotional communications, please contact us.

  1. Use & Disclosure of Protected Health Information (PHI)

Your PHI may be used and disclosed by your physician, our office staff and others outside of our office who are involved in your care and treatment for the purpose of providing health care services to you. Your PHI may also be used and disclosed to pay your health care bills and to support the operation of your physician’s practice. Following are examples of the types of uses and disclosures of your PHI that your physician’s office is permitted to make. These examples are not meant to be exhaustive, but to describe the types of uses and disclosures that may be made by our office.

(A) Treatment: We will use and disclose your PHI to provide, coordinate, or manage your health care and any related services. This includes the coordination or management of your health care with another provider. For example, we would disclose your PHI, as necessary, to your pediatrician or to the home health agency that provides care to you. We will also disclose PHI to other providers (physicians, mid-level providers, therapists or counselors) who may be treating you. For example, your PHI may be provided to a physician to whom you have been referred to ensure that the physician has the necessary information to diagnose or treat you. Also, we may send your progress notes to your Pediatrician or Primary Care Provider to update them about your treatment plan for mental health. In addition, we may disclose your PHI from time-to-time to another physician or health care provider (e.g., a specialist or laboratory) who, at the request of your physician, becomes involved in your care by providing assistance with your health care diagnosis or treatment to your physician.

(B) Payment: Your PHI will be used and disclosed, as needed, to obtain payment for your health care services provided by us or by another provider. This may include certain activities that your health insurance plan may undertake before it approves or pays for the health care services we recommend for you such as: making a determination of eligibility or coverage for insurance benefits, reviewing services provided to you for medical necessity, and undertaking utilization review activities. For example, obtaining approval for a hospital stay may require that your relevant PHI be disclosed to the health plan to obtain approval for the hospital admission.

(C) Health Care Operations: We may use or disclose, as needed, your PHI in order to support the business activities of your physician’s practice. These activities include, but are not limited to, quality assessment and improvement activities, employee review activities, training of medical students, licensing, fraud and abuse compliance, fundraising activities, and conducting or arranging for other business activities like business planning and development, business management and general administrative activities. For example, we may use a self-sign in kiosk at the front desk; we may call you by name in the waiting room when we are ready to serve you. We may send you text messages, leave a message on your answering machine or voicemail with general medical information and may request for you to contact us for more detailed information.

We will share your PHI with third party “business associates” that perform various activities (for example, billing or transcription services) for our practice. Whenever an arrangement between our office and a business associate involves the use or disclosure of your PHI, we will have a written contract that contains terms that will protect the privacy of your PHI.

We may use or disclose your PHI, as necessary, to provide you with information about treatment alternatives or other health-related benefits and services that may be of interest to you. You may contact our Privacy Officer to request that these materials not be sent to you.

(D) To Patient & Legal Guardians: We will disclose PHI to the patient (as clinically appropriate for their age) and to all the legal guardians listed on the chart (unless specifically restricted by law). You are required to fill out a “Request to restrict release of Information” form if any of the legal guardians is restricted by law to obtain a patient’s PHI.

  1. Uses and Disclosures of PHI Based Upon Your Written Consent

Should you wish for family members or friends to access information about your treatment, you’ll need to complete an Authorization to Release Information Form. On this form, you will provide the names of all legal guardians. Additionally, you will specify which family members or friends are permitted to receive details about your treatment.

On occasion, you might ask us to share your PHI with particular individuals or entities for specific purposes and durations. Such scenarios could involve sensitive PHI disclosures, including details about HIV status, sexually transmitted diseases, mental health treatment, or substance abuse services. Additionally, you might authorize disclosures to parties unrelated to treatment, payment, or healthcare operations, like attorneys if you’re part of litigation either personally or on behalf of another. Should you want us to proceed with these disclosures, we’ll request your signature on the relevant form to grant authorization.

  1. Additional Authorized and Necessary Uses and Disclosures Exempt from Requiring Your Consent or Input

We reserve the right to utilize or reveal your PHI in the circumstances outlined below, even without seeking your authorization or allowing you a chance to express agreement or dissent. These circumstances encompass:

(A) Emergencies: If you are incapacitated and require emergency medical treatment, we will use and disclose your PHI to ensure you receive the necessary medical services. We will attempt to obtain your consent as soon as practical following your treatment.

(B) Communication barriers: If we try but cannot obtain your consent to use or disclose your PHI because of substantial communication barriers and your physician, using his or her professional judgment, infers that you consent to the use and disclosure, we will make the use or disclosure.

(C) Required By Law: We may use or disclose your PHI to the extent that the use or disclosure is required by law. The use or disclosure will be made in compliance with the law and will be limited to the relevant requirements of the law. You will be notified, if required by law, of any such uses or disclosures.

(D) Public Health: We may disclose your PHI for public health activities and purposes to a public health authority that is permitted by law to collect or receive the information. For example, a disclosure may be made for the purpose of preventing or controlling disease, injury or disability.

(E) Communicable Diseases: We may disclose your PHI, if authorized by law, to a person who may have been exposed to a communicable disease or may otherwise be at risk of contracting or spreading the disease or condition.

(F) Health Oversight: We may disclose PHI to a health oversight agency for activities authorized by law, such as audits, investigations, and inspections. Oversight agencies seeking this information include government agencies that oversee the health care system, government benefit programs, other government regulatory programs and civil rights laws.

(G) Abuse or Neglect: We may disclose your PHI to a public health authority that is authorized by law to receive reports of child abuse or neglect. In addition, we may disclose your PHI if we believe that you have been a victim of abuse, neglect or domestic violence to the governmental entity or agency authorized to receive such information. In this case, the disclosure will be made consistent with the requirements of applicable federal and state laws.

(H) Food and Drug Administration: We may disclose your PHI to a person or company required by the Food and Drug Administration for the purpose of quality, safety, or effectiveness of FDA-regulated products or activities including, to report adverse events, product defects or problems, biologic product deviations, to track products; to enable product recalls; to make repairs or replacements, or to conduct post marketing surveillance, as required.

(I) Legal Proceedings: We may disclose PHI in the course of any judicial or administrative proceeding, in response to an order of a court or administrative tribunal (to the extent such disclosure is expressly authorized), or in certain conditions in response to a subpoena, discovery request or other lawful process.

(J)  Law Enforcement: We may also disclose PHI, so long as applicable legal requirements are met, for law enforcement purposes. These law enforcement purposes include (1) legal processes and otherwise required by law, (2) limited information requests for identification and location purposes, (3) pertaining to victims of a crime, (4) suspicion that death has occurred as a result of criminal conduct, (5) in the event that a crime occurs on the premises of our practice, and (6) medical emergency (not on our practice’s premises) and it is likely that a crime has occurred.

(K) Coroners, Funeral Directors, and Organ Donation: We may disclose PHI to a coroner or medical examiner for identification purposes, determining cause of death or for the coroner or medical examiner to perform other duties authorized by law. We may also disclose PHI to a funeral director, as authorized by law, in order to permit the funeral director to carry out their duties. We may disclose such information in reasonable anticipation of death. PHI may be used and disclosed for cadaveric organ, eye or tissue donation purposes.

(L) Research: We may disclose your PHI to researchers when their research has been approved by an institutional review board that has reviewed the research proposal and established protocols to ensure the privacy of your PHI.

(M) Criminal Activity: Consistent with applicable federal and state laws, we may disclose your PHI, if we believe that the use or disclosure is necessary to prevent or lessen a serious and imminent threat to the health or safety of a person or the public. We may also disclose PHI if it is necessary for law enforcement authorities to identify or apprehend an individual.

(N) Military Activity and National Security: When the appropriate conditions apply, we may use or disclose PHI of individuals who are Armed Forces personnel (1) for activities deemed necessary by appropriate military command authorities; (2) for the purpose of a determination by the Department of Veterans Affairs of your eligibility for benefits, or (3) to foreign military authority if you are a member of that foreign military services. We may also disclose your PHI to authorized federal officials for conducting national security and intelligence activities, including for the provision of protective services to the President or others legally authorized.

(O) Workers’ Compensation: We may disclose your PHI as authorized to comply with workers’ compensation laws and other similar legally established programs.

(P) Inmates: We may use or disclose your PHI if you are an inmate of a correctional facility and your physician created or received your PHI in the course of providing care to you.

(Q) DHHS: We must disclose your PHI to you upon request and to the Secretary of the U.S. Department of Health & Human Services to investigate or determine our compliance with the privacy laws.

This Platform is not intended for children under the age of 18.

This Platform is not intended or designed to attract children under the age of eighteen, and we do not collect personally identifiable information from any person whom we know to be under the age of eighteen. If we inadvertently come to possess personally identifiable information about a child under the age of eighteen, we will not knowingly disclose that information to any third party.

Security of third-party Websites/ Platforms/ Apps.

MindWeal may provide links in this Platform to unaffiliated third-party websites/platforms/apps. If you follow these links, you demonstrate your agreement that we are not responsible for and do not control the information on these websites/platforms/apps. Prior to following any third-party link, you should review that website’s/platfrom’s/app’s privacy policy and terms of use, as your visit to the website/platform/app may bind you to those third-party terms and policies. 

How we monitor social media.

MindWeal may be active on social media, and we encourage your participation in our social media channels. This may include our blog(s), Facebook, Instagram, TicTok, Twitter, Tumblr, YouTube, LinkedIn, and other channels (collectively, our “social media”). We may expand or narrow our available social media channels without notice, and this policy applies to our activities on any social media outlet, on this Platform, and on those websites and social media accounts that you access through our affiliates. 

Your participation in our social media channels demonstrates your agreement that MindWeal may monitor and remove any postings or content that, in its sole discretion, we deem to be inappropriate. 

1. Our social media activity does not constitute health advice.

Our social media postings and content do not constitute medical or healthcare advice, and they are not a substitute for the advice of a licensed healthcare professional who is familiar with your health history. Even if the posting user is a licensed healthcare professional, their comments should not be construed as personal health advice. If you have a medical concern, you should always personally consult with a healthcare provider. Please contact us directly to schedule an appointment. In an emergency, you should call 911.

2. We prohibit certain content on our social media.

Your activity on MindWeal’s social media is public, and information shared on social media often cannot be unshared. Your decision to post something may be irrevocable, or incapable of being undone. Please be cautious not to disclose personally identifiable information, such as your location, medical history, or financial information.

Accordingly, you alone are responsible for your activity on MindWeal’s social media. You specifically agree not to: (1) misrepresent yourself or use another person’s identity; (2) engage in harassment, defamation, personal attacks, spam, offensive content, or illegal activities; or (3) publish illegal, obscene, defamatory, threatening, unlawful, disruptive, profane, harassing, or abusive content.

3. We have no duty to monitor our social media accounts.

MindWeal may, but has no affirmative duty to, oversee its social media accounts. Your use signifies your understanding that MindWeal may monitor, prohibit, restrict, block, suspend, terminate, or delete your access to its social media at any time. We may review, edit, and/or delete anything you publish on its social media without notice and in our sole discretion. 

4. Visitors may reproduce postings on our social media.

If you post content on MindWeal’s social media, you provide us with a non-exclusive, royalty-free, and worldwide license to reproduce, distribute, edit, reformat, publish, or display the content for any purpose. You acknowledge that MindWeal cannot and does not control the conduct of other visitors to its social media, who may reproduce visitors’ posts without permission.

The opinions expressed by individuals who are unaffiliated with MindWeal do not reflect the opinions of MindWeal.

This Privacy Policy is hereby incorporated into this Platform Terms & Conditions.

This Privacy Policy is hereby incorporated into our Terms & Conditions. By using this Platform, you signify that you have read, understood, and agree to be bound by this Privacy Policy and the Terms & Conditions. Do not use this Platform if you do not agree to this. Your continued use of this Platform signifies your agreement to any changes that MindWeal may make to this Privacy Policy or to our Terms & Conditions. 

Not Subject to the European Union’s General Data Protection Regulation (“GDPR”).

The European Union (“EU”) has adopted the General Data Protection Regulation (“GDPR”). The GDPR is an expansive data privacy and protection framework of laws designed to protect the personal data of individuals located in the EU. The GDPR applies to an entity that maintains an establishment in the EU if it processes personal data in the context of that EU establishment.

MindWeal neither maintains an establishment in the EU nor conducts any form of an effective or real exercise of activity through stable arrangements. Likewise, MindWeal does not conduct any processing activities related to any offering of goods or services to data subjects in the EU, nor does it envisage offering goods or services to data subjects in the EU. Finally, MindWeal does not process the personal data of data subjects in the EU related to monitoring the behavior of data subjects as their behavior takes place within the EU. 

MindWeal primarily markets to, interacts with, seeks to attract, and provides services to people and companies in the United States.

“Do Not Track” feature.

For some web browsers, a “Do Not Track” feature is available to signal that you do not want the websites that you visit to track your online activity. How browsers communicate and respond to the Do Not Track feature is not yet uniform. For this reason, like with many other websites, MindWeal’s Platform does not currently respond to or alter its practices in response to a Do Not Track signal. By your continued use of our Platform, you acknowledge and understand that third parties may collect personal information regarding your online activities over time and across different websites when you visit MindWeal’s Platform, or other websites and services. To find out more about the “Do Not Track” feature, you may visit http://www.allaboutdnt.com.

Your Rights

Here is an outline of your rights regarding your PHI, along with a concise explanation of how you can exercise these rights.

(A) Right of access to your PHI: You have the right to inspect and copy your PHI. This means you may inspect and obtain a copy of PHI about you for so long as we maintain the PHI. You may obtain your medical record that contains medical and billing records and any other records that your physician and the practice use for making decisions about you. As permitted by federal or state law, we may charge you a reasonable copy fee for a copy of your records. Under federal law, however, you may not inspect or copy the following records: psychotherapy notes; information compiled in reasonable anticipation of, or use in, a civil, criminal, or administrative action or proceeding; and laboratory results that are subject to law that prohibits access to PHI. Also, your right of access may be limited if providing certain PHI to you may endanger the health or safety of yourself or others. Depending on the circumstances, a decision to deny access may be reviewable. In some circumstances, you may have a right to have this decision reviewed. To request access to your PHI, please request in writing to our Privacy Officer by filling out the form “Request to Release of Information to self” available to you on request.

(B) Right to restrict release of your PHI: You may also request that any part of your PHI not be disclosed to family members or friends who may be involved in your care or for notification purposes as described in this Notice of Privacy Practices. Your request must state the specific restriction requested and to whom you want the restriction to apply. Your physician is not required to agree to a restriction that you may request. If your physician does agree to the requested restriction, we may not use or disclose your PHI in violation of that restriction unless it is needed to provide emergency treatment. With this in mind, please discuss any restriction you wish to request with your physician. To request a restriction of your PHI, please request in writing to our Privacy Officer by filling out the form “Request to restrict Release of Information” available to you on your request. 

(C) Right to confidential communications: You have the right to request to receive confidential communications from us by alternative means or at an alternative location. We will accommodate reasonable requests. We will not require an explanation of your reasons for the request, but we will ask that you specify the alternative address or other method of contact and that you inform us of how payment for our medical services will be handled. Please make this request in writing to our Privacy Officer.

(D) Right to amend PHI: You may have the right to have your physician amend your PHI. This means you may request an amendment of PHI about you in a designated record set for so long as we maintain this information. In certain cases, we may deny your request for an amendment. If we deny your request for amendment, you have the right to file a statement of disagreement with us and we may prepare a rebuttal to your statement and will provide you with a copy of any such rebuttal. Please contact our Privacy Officer if you have questions about amending your medical record. We will respond to your request as soon as possible, but no later than 30 days from the date of your request.

(E) Right to accounting of disclosures: You have the right to receive an accounting of certain disclosures we have made, if any, of your PHI for up-to 6 years prior to the date of your request. This right applies to disclosures for purposes other than treatment, payment or health care operations as described in this Notice of Privacy Practices. It excludes disclosures we may have made to you if you authorized us to make the disclosure, for a facility directory, to family members or friends involved in your care, or for notification purposes, for national security or intelligence, to law enforcement (as provided in the privacy rule) or correctional facilities, as part of a limited data set disclosure. The right to receive this information is subject to certain exceptions, restrictions, and limitations. Please make your request in writing to our privacy officer if you wish to receive an accounting of certain disclosures. We will respond to your request as soon as possible, but no later than 30 days from the date of your request.

(F) Right to obtain a copy of our Privacy Policy: You may access MindWeal Health Platform Privacy Policy at www.MindWeal.com. You have the right to request a paper copy of this notice, even if you have agreed to receive it electronically. We may periodically update this policy, and you can obtain the most recent version at any time by contacting our office, requesting one at your next appointment, or accessing it on our website.

Complaints

If you feel that your privacy rights have been breached by us, you have the option to lodge a complaint with either us or the Secretary of Health and Human Services. To file a complaint with us, please notify our Privacy Officer. This can be done by completing the contact form on our website, or by emailing contact@MindWeal.com and addressing it to the Privacy Officer. Rest assured, there will be no retaliation from our side for raising a complaint. Our Privacy Officer will address your concerns and respond within 30 days from the receipt of your complaint. For any additional inquiries regarding privacy practices, please feel free to reach out to your provider.

Your agreement and acknowledgment.

By your continued use of MindWeal’s Platform, you understand and acknowledge that you have read and understood MindWeal Platform Privacy Policy and SMS Messaging Terms, and you agree to be bound to them.