Privacy Policy
Last Updated: June 17th, 2025
I. INTRODUCTION
Miami Beach Urgent Care (“MBUC,” “we,” “our,” or “us”) respects and is firmly committed to protecting your privacy. This Privacy Policy (the “Policy”) describes how we collect, use, store, disclose, and protect personal and health-related information about users of our website, https://blog.miamibeachurgentcare.com (the “Site”), and any affiliated applications, digital services, and portals owned and operated by MBUC (collectively, the “Services”).
This Policy applies to all individuals who access our Services, including patients, caregivers, healthcare professionals, and general visitors. By using our Services, you signify that you have read, understood, and agreed to the practices described in this Policy. If you do not agree to this Policy, please discontinue use of our Services immediately.
II. LEGAL FRAMEWORK AND GOVERNING COMPLIANCE
This Policy is designed to be compliant with:
- The Health Insurance Portability and Accountability Act of 1996 (HIPAA)
- The Health Information Technology for Economic and Clinical Health Act (HITECH)
- Applicable state medical privacy laws (including Florida statutes)
- The California Consumer Privacy Act (CCPA), where applicable
- Federal Trade Commission (FTC) guidelines
- General Data Protection Regulation (GDPR) for data subjects in the European Economic Area, if and to the extent applicable
MBUC adheres to the principle of minimum necessary use and disclosure of protected health information (PHI) and ensures lawful processing under U.S. and international privacy frameworks.
III. INFORMATION WE COLLECT
MBUC collects the following categories of information through its digital and physical services:
A. Personally Identifiable Information (PII)
Includes but is not limited to:
- Full name
- Date of birth
- Mailing address
- Email address
- Phone number
- Insurance provider details
- Social Security Number (only when required for lawful healthcare processing)
- Emergency contact information
B. Protected Health Information (PHI)
Collected in accordance with HIPAA:
- Medical history, diagnoses, symptoms, prescriptions, test results
- Appointments and treatment plans
- Provider notes and clinical observations
- Intake and consent forms
- Insurance billing and claim submissions
- Telehealth communication content
C. Non-Identifiable Technical and Device Data
Collected automatically:
- IP address and geolocation (approximate)
- Browser and device information
- Session duration, page visits, navigation paths
- Referral URLs
- Cookies and analytics identifiers
D. Aggregated and De-identified Data
We may anonymize your data for operational, research, or benchmarking purposes. Once de-identified per HIPAA and industry standards, this data is no longer subject to PHI protections.
IV. HOW WE USE YOUR INFORMATION
Your data may be used in the following ways:
A. Clinical Care and Medical Operations
- Scheduling, treating, and following up on patient visits
- Administering medication, IV therapy, and diagnostics
- Referring to specialists or labs as needed
- Coordinating care across health providers
B. Payment and Reimbursement Processing
- Submitting insurance claims
- Verifying coverage and pre-authorizations
- Processing credit card or ACH payments
- Managing co-pays, billing questions, and disputes
C. Website and Digital Platform Management
- Providing access to patient portals or online booking
- Troubleshooting, load balancing, and server security
- Managing user accounts and contact preferences
D. Marketing and Patient Outreach
- Sending appointment reminders, newsletters, or service updates
- Providing information on new treatments or urgent care enhancements
- NOTE: We do not sell your information. Any direct marketing will comply with opt-in/opt-out consent requirements per applicable law.
E. Research, Quality Assurance, and Public Health
- Participating in de-identified population health studies
- Improving healthcare delivery based on user behavior and outcomes
- Reporting public health concerns (e.g., infectious disease outbreaks)
V. DISCLOSURE OF INFORMATION
We may disclose your information under the following lawful circumstances:
A. To Healthcare Providers and Staff
- With your treating physicians, nurses, labs, and clinical support
- Across integrated electronic health record (EHR) systems
B. To Business Associates
Third parties (e.g., billing services, cloud providers, CRM platforms) contracted to perform services on our behalf are required by law and written agreement to maintain the privacy and security of your data.
C. To Insurance Providers and Government Payors
- For payment and pre-authorization purposes
- For Medicaid/Medicare or private carrier billing
D. When Required by Law
- Subpoenas, court orders, or regulatory audits
- Reporting child abuse, neglect, or domestic violence
- Cooperating with law enforcement under lawful warrants
E. To Public Health Authorities
- COVID-19 or communicable disease reporting
- Product recalls, vaccine distribution, and immunization tracking
F. In Case of Emergencies
- To protect a patient’s life or the safety of others
G. As Part of a Sale, Merger, or Acquisition
Your data may be transferred as part of an asset sale, merger, or similar transaction, subject to confidentiality and privacy protections.
VI. COOKIES, TRACKING TECHNOLOGIES, AND ANALYTICS
We use industry-standard tools such as cookies, web beacons, session storage, and third-party services (e.g., Google Analytics, Meta Pixel) to:
- Measure site traffic and performance
- Identify trends in site behavior
- Serve contextual advertising (never linked to PHI)
- Secure our systems against bot traffic and DDoS attacks
Users may control cookies via browser settings. Note that disabling cookies may impair certain features of our Site.
VII. TELEHEALTH AND ELECTRONIC COMMUNICATIONS
All communications conducted through our telehealth platforms, including video, phone, SMS, and patient portals, are encrypted and secured using industry-leading technologies. However, patients are advised to:
- Use secure Wi-Fi or networks
- Avoid public computers for medical communications
- Notify us immediately if a device with access to PHI is lost or stolen
VIII. DATA SECURITY MEASURES
We implement administrative, physical, and technical safeguards in compliance with HIPAA Security Rule standards, including but not limited to:
- SSL encryption on all data transmission
- Multi-factor authentication for internal systems
- Role-based access control
- Firewalled, HIPAA-compliant cloud hosting
- Regular security audits and penetration testing
- Breach notification protocols per HITECH
Despite these efforts, no method of transmission or storage is completely secure. By using our services, you accept this inherent risk.
IX. RETENTION OF PERSONAL INFORMATION
We retain your personal and health information for as long as necessary to fulfill the purposes outlined in this Policy, or as required by law. For example:
- Florida law requires retention of medical records for at least 5 years
- Insurance claims and billing data may be retained for audit purposes for 7+ years
Data destruction is performed in accordance with NIST standards.
X. YOUR RIGHTS
Subject to applicable law, you may have the right to:
- Access your health data (right to know)
- Request amendments to incorrect or incomplete information
- Receive an accounting of disclosures
- Restrict certain uses and disclosures (e.g., to insurers)
- Opt-out of marketing communications
- Request confidential communications (e.g., phone only)
- Request deletion (where legally permissible)
- Designate a personal representative or legal proxy
To exercise these rights, email privacy@blog.miamibeachurgentcare.com or submit a written request to:
Privacy Officer
Miami Beach Urgent Care
1329 Alton Road., Miami Beach, FL 33139
(305) 344-CARE (2273)
XI. CHILDREN’S PRIVACY
We do not knowingly collect information from children under 13 without verifiable parental or legal guardian consent. If we learn that such data has been inadvertently collected, we will delete it promptly.
XII. THIRD-PARTY LINKS AND INTEGRATIONS
Our Site may contain links to third-party websites or integrations (e.g., maps, Calendly, social media). We are not responsible for the privacy practices or content of these external sites. Please review their policies separately.
XIII. CHANGES TO THIS PRIVACY POLICY
We may update this Privacy Policy at our sole discretion. Material changes will be posted prominently on our Site and may be communicated via email or pop-up notification. Your continued use of our Services after changes constitutes acceptance.
XIV. CONTACT US
For questions, complaints, or data access requests related to this Policy:
Miami Beach Urgent Care
Attn: Privacy Department
Email: privacy@blog.miamibeachurgentcare.com
Phone:(305) 344-CARE (2273)
Website: https://blog.miamibeachurgentcare.com
You may also file a complaint with the U.S. Department of Health & Human Services Office for Civil Rights (OCR):
https://ocrportal.hhs.gov | Toll-Free: 1-800-368-1019
We will not retaliate against you for exercising your privacy rights.
