Magnolia Medspa and Wellness Privacy Policy

Last Updated: [12/27/2024]

Magnolia Medspa and Wellness (“we,” “us,” or “our”) is committed to protecting the privacy

and security of your Protected Health Information (PHI) in accordance with the Health Insurance

Portability and Accountability Act of 1996 (HIPAA) and other applicable laws. This Privacy

Policy explains (a) how we handle your PHI and medical records, (b) your rights regarding your

PHI, and (c) whom you can contact with questions or concerns.

1. How We Treat Protected Health Information (PHI)

1. Collection of PHI

o We collect PHI directly from patients during consultations, appointments, and

treatments. This information may include name, address, birthdate, health history,

treatment records, and other details necessary for providing quality care.

2. Use and Disclosure of PHI

o Treatment: We use your PHI to provide you with medical services and coordinate

care. This can include sharing PHI with other healthcare professionals involved in

your treatment (e.g., specialists or labs).

o Payment: We may share PHI with insurance providers or other entities as needed

to bill and process payment for services rendered.

o Healthcare Operations: We may use PHI for internal administrative activities,

such as staff training, quality assurance, and compliance audits.

o Other Permitted Uses: We only share PHI as permitted or required by law (e.g.,

public health reporting, responding to a court order).

3. Safeguards and Security Measures

o We implement administrative, physical, and technical safeguards (e.g., secure

servers, password protection, encryption) to protect PHI against unauthorized

access, alteration, or disclosure.

o We regularly train staff on HIPAA and privacy practices to ensure compliance

with federal regulations.

2. Your Rights Regarding Your PHI

1. Right to Access and Copy

o You have the right to request and receive a copy of your medical records and

other PHI that we maintain, subject to limited exceptions.

2. Right to Request Amendment

o If you believe that your PHI is inaccurate or incomplete, you have the right to

request that we correct or update your records.

3. Right to an Accounting of Disclosures

o You may request a list (an “accounting”) of certain instances in which we

disclosed your PHI for reasons other than treatment, payment, or healthcare

operations.

4. Right to Request Restrictions

o You can ask us not to use or share certain health information for treatment,

payment, or operations. We will consider your request, though we are not always

required to agree if it hinders the provision of safe and efficient care.

5. Right to Confidential Communications

o You may request that we contact you in a specific way (e.g., via personal cell

phone or alternative mailing address) to ensure your privacy.

6. Right to a Paper Copy of This Notice

o You have the right to obtain a paper copy of this Privacy Policy at any time, even

if you have previously agreed to receive it electronically.

3. Contact Information for Our Privacy Official

If you have questions or concerns about how we handle your PHI, or if you wish to exercise any

of the rights listed above, please contact our Privacy Official:

Name/Title: Farhan Abdullah

Phone: 817-329-0102

Email: [email protected]

Address: 2111 Kirkwood Blvd, Suite 110, Southlake TX 76092

We take your privacy very seriously and will work diligently to address any questions, concerns,

or complaints you may have regarding our privacy practices. If you believe your privacy rights

have been violated, you may also file a complaint with the U.S. Department of Health and

Human Services. We will not retaliate against you for filing a complaint.

Updates to This Privacy Policy

We reserve the right to update or modify this Privacy Policy at any time in order to stay

compliant with relevant laws and maintain best practices. All updates will be posted on our

website with the “Last Updated” date at the top of this page.