WALK-INS WELCOME | OPEN 7 DAYS A WEEK
Book Appointment

Privacy Policy

Last Updated: June 17th, 2025

I. INTRODUCTION

Miami Beach Urgent Care (“MBUC,” “we,” “our,” or “us”) respects and is firmly committed to protecting your privacy. This Privacy Policy (the “Policy”) describes how we collect, use, store, disclose, and protect personal and health-related information about users of our website, https://blog.miamibeachurgentcare.com (the “Site”), and any affiliated applications, digital services, and portals owned and operated by MBUC (collectively, the “Services”).

This Policy applies to all individuals who access our Services, including patients, caregivers, healthcare professionals, and general visitors. By using our Services, you signify that you have read, understood, and agreed to the practices described in this Policy. If you do not agree to this Policy, please discontinue use of our Services immediately.

II. LEGAL FRAMEWORK AND GOVERNING COMPLIANCE

This Policy is designed to be compliant with:

  • The Health Insurance Portability and Accountability Act of 1996 (HIPAA)

     

  • The Health Information Technology for Economic and Clinical Health Act (HITECH)

     

  • Applicable state medical privacy laws (including Florida statutes)

     

  • The California Consumer Privacy Act (CCPA), where applicable

     

  • Federal Trade Commission (FTC) guidelines

     

  • General Data Protection Regulation (GDPR) for data subjects in the European Economic Area, if and to the extent applicable

     

MBUC adheres to the principle of minimum necessary use and disclosure of protected health information (PHI) and ensures lawful processing under U.S. and international privacy frameworks.

III. INFORMATION WE COLLECT

MBUC collects the following categories of information through its digital and physical services:

A. Personally Identifiable Information (PII)

Includes but is not limited to:

  • Full name

     

  • Date of birth

     

  • Mailing address

     

  • Email address

     

  • Phone number

     

  • Insurance provider details

     

  • Social Security Number (only when required for lawful healthcare processing)

     

  • Emergency contact information

     

B. Protected Health Information (PHI)

Collected in accordance with HIPAA:

  • Medical history, diagnoses, symptoms, prescriptions, test results

     

  • Appointments and treatment plans

     

  • Provider notes and clinical observations

     

  • Intake and consent forms

     

  • Insurance billing and claim submissions

     

  • Telehealth communication content

     

C. Non-Identifiable Technical and Device Data

Collected automatically:

  • IP address and geolocation (approximate)

     

  • Browser and device information

     

  • Session duration, page visits, navigation paths

     

  • Referral URLs

     

  • Cookies and analytics identifiers

     

D. Aggregated and De-identified Data

We may anonymize your data for operational, research, or benchmarking purposes. Once de-identified per HIPAA and industry standards, this data is no longer subject to PHI protections.

IV. HOW WE USE YOUR INFORMATION

Your data may be used in the following ways:

A. Clinical Care and Medical Operations

  • Scheduling, treating, and following up on patient visits

     

  • Administering medication, IV therapy, and diagnostics

     

  • Referring to specialists or labs as needed

     

  • Coordinating care across health providers

     

B. Payment and Reimbursement Processing

  • Submitting insurance claims

     

  • Verifying coverage and pre-authorizations

     

  • Processing credit card or ACH payments

     

  • Managing co-pays, billing questions, and disputes

     

C. Website and Digital Platform Management

  • Providing access to patient portals or online booking

     

  • Troubleshooting, load balancing, and server security

     

  • Managing user accounts and contact preferences

     

D. Marketing and Patient Outreach

  • Sending appointment reminders, newsletters, or service updates

     

  • Providing information on new treatments or urgent care enhancements

     

  • NOTE: We do not sell your information. Any direct marketing will comply with opt-in/opt-out consent requirements per applicable law.

     

E. Research, Quality Assurance, and Public Health

  • Participating in de-identified population health studies

     

  • Improving healthcare delivery based on user behavior and outcomes

     

  • Reporting public health concerns (e.g., infectious disease outbreaks)

     

V. DISCLOSURE OF INFORMATION

We may disclose your information under the following lawful circumstances:

A. To Healthcare Providers and Staff

  • With your treating physicians, nurses, labs, and clinical support

     

  • Across integrated electronic health record (EHR) systems

     

B. To Business Associates

Third parties (e.g., billing services, cloud providers, CRM platforms) contracted to perform services on our behalf are required by law and written agreement to maintain the privacy and security of your data.

C. To Insurance Providers and Government Payors

  • For payment and pre-authorization purposes

     

  • For Medicaid/Medicare or private carrier billing

     

D. When Required by Law

  • Subpoenas, court orders, or regulatory audits

     

  • Reporting child abuse, neglect, or domestic violence

     

  • Cooperating with law enforcement under lawful warrants

     

E. To Public Health Authorities

  • COVID-19 or communicable disease reporting

     

  • Product recalls, vaccine distribution, and immunization tracking

     

F. In Case of Emergencies

  • To protect a patient’s life or the safety of others

     

G. As Part of a Sale, Merger, or Acquisition

Your data may be transferred as part of an asset sale, merger, or similar transaction, subject to confidentiality and privacy protections.

VI. COOKIES, TRACKING TECHNOLOGIES, AND ANALYTICS

We use industry-standard tools such as cookies, web beacons, session storage, and third-party services (e.g., Google Analytics, Meta Pixel) to:

  • Measure site traffic and performance

     

  • Identify trends in site behavior

     

  • Serve contextual advertising (never linked to PHI)

     

  • Secure our systems against bot traffic and DDoS attacks

     

Users may control cookies via browser settings. Note that disabling cookies may impair certain features of our Site.

VII. TELEHEALTH AND ELECTRONIC COMMUNICATIONS

All communications conducted through our telehealth platforms, including video, phone, SMS, and patient portals, are encrypted and secured using industry-leading technologies. However, patients are advised to:

  • Use secure Wi-Fi or networks

     

  • Avoid public computers for medical communications

     

  • Notify us immediately if a device with access to PHI is lost or stolen

     

VIII. DATA SECURITY MEASURES

We implement administrative, physical, and technical safeguards in compliance with HIPAA Security Rule standards, including but not limited to:

  • SSL encryption on all data transmission

     

  • Multi-factor authentication for internal systems

     

  • Role-based access control

     

  • Firewalled, HIPAA-compliant cloud hosting

     

  • Regular security audits and penetration testing

     

  • Breach notification protocols per HITECH

     

Despite these efforts, no method of transmission or storage is completely secure. By using our services, you accept this inherent risk.

IX. RETENTION OF PERSONAL INFORMATION

We retain your personal and health information for as long as necessary to fulfill the purposes outlined in this Policy, or as required by law. For example:

  • Florida law requires retention of medical records for at least 5 years

     

  • Insurance claims and billing data may be retained for audit purposes for 7+ years

     

Data destruction is performed in accordance with NIST standards.

X. YOUR RIGHTS

Subject to applicable law, you may have the right to:

  • Access your health data (right to know)

     

  • Request amendments to incorrect or incomplete information

     

  • Receive an accounting of disclosures

     

  • Restrict certain uses and disclosures (e.g., to insurers)

     

  • Opt-out of marketing communications

     

  • Request confidential communications (e.g., phone only)

     

  • Request deletion (where legally permissible)

     

  • Designate a personal representative or legal proxy

     

To exercise these rights, email privacy@blog.miamibeachurgentcare.com or submit a written request to:

Privacy Officer
Miami Beach Urgent Care
1329 Alton Road., Miami Beach, FL 33139
(305) 344-CARE (2273)

XI. CHILDREN’S PRIVACY

We do not knowingly collect information from children under 13 without verifiable parental or legal guardian consent. If we learn that such data has been inadvertently collected, we will delete it promptly.

XII. THIRD-PARTY LINKS AND INTEGRATIONS

Our Site may contain links to third-party websites or integrations (e.g., maps, Calendly, social media). We are not responsible for the privacy practices or content of these external sites. Please review their policies separately.

XIII. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy at our sole discretion. Material changes will be posted prominently on our Site and may be communicated via email or pop-up notification. Your continued use of our Services after changes constitutes acceptance.

XIV. CONTACT US

For questions, complaints, or data access requests related to this Policy:

Miami Beach Urgent Care
Attn: Privacy Department
Email: privacy@blog.miamibeachurgentcare.com
Phone:(305) 344-CARE (2273)
Website: https://blog.miamibeachurgentcare.com

You may also file a complaint with the U.S. Department of Health & Human Services Office for Civil Rights (OCR):
https://ocrportal.hhs.gov | Toll-Free: 1-800-368-1019

We will not retaliate against you for exercising your privacy rights.