Legal & Compliance

HIPAA Compliance & Patient Privacy

At ProHealth Clinic, protecting your health information is not just a legal requirement — it is a core part of our commitment to ethical, patient-centered care. We strictly adhere to all applicable provisions of the Health Insurance Portability and Accountability Act of 1996 (HIPAA), as well as relevant federal and Pennsylvania state privacy laws.

Your trust matters. Safeguarding your privacy is fundamental to maintaining that trust.

01 Our Commitment to HIPAA Compliance

ProHealth Clinic complies with:

  • HIPAA Privacy Rule
  • HIPAA Security Rule
  • HIPAA Breach Notification Rule
  • HITECH Act requirements
  • Applicable Pennsylvania healthcare privacy regulations

We maintain comprehensive policies and procedures designed to protect Protected Health Information (PHI) and Electronic Protected Health Information (ePHI).

02 What Is Protected Health Information (PHI)?

Protected Health Information (PHI) includes any information that:

  • Identifies you as a patient
  • Relates to your physical or mental health condition
  • Describes medical services provided to you
  • Includes payment information related to healthcare services

PHI may exist in electronic, paper, or verbal form. We apply strict safeguards across all formats.

03 Administrative Safeguards

We implement structured internal policies and staff protocols to ensure HIPAA compliance, including:

  • Designated HIPAA Privacy Officer oversight
  • Workforce training on privacy and confidentiality
  • Role-based access control policies
  • Confidentiality agreements for staff
  • Internal risk assessments and compliance audits
  • Secure record retention and disposal procedures

Access to patient information is granted only to authorized personnel who require it to perform legitimate healthcare duties.

04 Technical Safeguards

To protect electronic health information, we utilize:

  • Encrypted Electronic Medical Record (EMR) systems
  • Secure, password-protected access controls
  • Multi-layer authentication measures
  • Secure Sockets Layer (SSL) website encryption
  • Firewall and intrusion detection systems
  • Regular system updates and security patches

All telemedicine services are conducted through HIPAA-compliant, encrypted platforms to ensure secure communication.

05 Physical Safeguards

We maintain secure physical controls within our clinic to protect patient records, including:

  • Restricted access areas for medical records
  • Secure workstation placement
  • Locked file storage (where applicable)
  • Controlled facility access
  • Secure disposal of paper records and media

These measures help prevent unauthorized viewing of, or access to, patient information.

06 Business Associate Agreements (BAAs)

Any third-party vendor that may access Protected Health Information — including billing services, IT providers, telehealth platforms, and cloud storage vendors — is required to sign a Business Associate Agreement (BAA).

These agreements ensure that all vendors:

  • Comply with HIPAA standards
  • Implement required safeguards
  • Maintain confidentiality
  • Report potential breaches promptly

We do not work with vendors who fail to meet HIPAA compliance requirements.

07 Telemedicine & Secure Communications

Our telehealth services use encrypted, HIPAA-compliant platforms to ensure secure virtual care. We take precautions to protect:

  • Video consultations
  • Digital documentation
  • Electronic prescriptions
  • Secure messaging systems

While no internet transmission can be guaranteed to be 100% secure, we use industry-standard encryption and security protocols to minimize risk. Patients are advised not to submit sensitive medical information through unsecured email or non-secure website forms.

08 Breach Prevention & Notification

ProHealth Clinic maintains proactive monitoring systems to reduce the risk of unauthorized access or data breaches. In the unlikely event of a data breach involving Protected Health Information, we will:

  • Conduct a prompt internal investigation
  • Assess the scope and risk of exposure
  • Notify affected individuals as required by HIPAA
  • Report the breach to the U.S. Department of Health & Human Services (HHS) if applicable
  • Take corrective action to prevent recurrence

Transparency and timely communication are central to our compliance framework.

09 Your Rights Under HIPAA

As a patient, you have the right to:

  • Access and obtain copies of your medical records
  • Request corrections to inaccurate information
  • Request restrictions on certain disclosures
  • Request confidential communications
  • Receive an accounting of disclosures
  • File a complaint without fear of retaliation

To exercise any of these rights, please contact our office directly.

10 Confidentiality of Care

At ProHealth Clinic, confidentiality extends beyond regulatory compliance. We believe patient privacy is foundational to compassionate care. All providers and staff members are trained to:

  • Conduct discussions in private settings
  • Avoid unauthorized disclosure of patient information
  • Verify patient identity before releasing information
  • Respect confidentiality at every stage of care

Your personal and medical information will never be sold or shared for marketing purposes.

11 Questions or Privacy Concerns

If you have questions about how your health information is protected or would like to request access to your records, please contact:

ProHealth Clinic

2846 Knights Road, Suite B, Bensalem, PA 19020

215-244-9894

You may also request a copy of our official HIPAA Notice of Privacy Practices during your visit.

ProHealth Clinic combines the accessibility of walk-in care with the professionalism of a modern medical practice — ensuring every patient receives accurate, attentive, and compassionate treatment.