THE DEPTH COLLECTIVE

Privacy Policy

Last updated 8/14/2025

This privacy notice for The Depth Collective describes how we collect, use, and protect your information when you visit our website and use our healthcare services. This notice covers both:

  • Protected Health Information (PHI) collected in connection with our healthcare services, governed by HIPAA
  • General website information collected during your visit

For healthcare activities, we are required by law to maintain the privacy of your PHI and provide you with this notice of our legal duties and privacy practices.


SUMMARY OF KEY POINTS

What information do we collect? We collect PHI when you request our healthcare services and general website data when you browse our site.

How do we collect general website data? We use self-hosted, privacy-friendly analytics tools

How do we use your information? PHI is used only for treatment, payment, and healthcare operations unless you authorize other uses. Website data is used to improve our services and provide relevant content.

Do we share PHI? We DO NOT share PHI with advertisers, social media, or marketing partners. We only share PHI with healthcare providers, insurers, and HIPAA-compliant business associates as permitted by law.

Your HIPAA rights? You have rights to access, amend, restrict use of your PHI, and file complaints.

1. WHAT INFORMATION DO WE COLLECT?


Protected Health Information (PHI)


When you use our healthcare services, we collect:

  • Medical records and health information
  • Payment information for healthcare services
  • Patient portal communications
  • Appointment scheduling information


For healthcare activities, we are required by law to maintain the privacy of your PHI and provide you with this notice of our legal duties and privacy practices.



General Website Information


For website browsing, we collect:

  • IP addresses, browser type, device information
  • Website usage analytics
  • Contact form submissions (non-health related)
  • Newsletter preferences


We do not collect sensitive health information through general website features.


2. HOW WE USE YOUR INFORMATION


PHI Uses

  • Treatment: Providing healthcare services and coordinating care
  • Payment: Billing and payment processing
  • Healthcare Operations: Quality improvement and administrative functions
  • Other uses require your written authorization


Website Information Uses

  • Improve website functionality and user experience
  • Respond to inquiries and provide customer support
  • Send newsletters and non-health marketing (with consent)
  • Website security and fraud prevention


3. INFORMATION SHARING


PHI Sharing – PROHIBITED:


❌ Advertising networks ❌ Social media platforms ❌ Marketing partners ❌ Non-HIPAA compliant analytics


PHI Sharing – PERMITTED:


✅ Healthcare providers involved in your care ✅ Insurance companies for payment ✅ HIPAA-compliant business associates ✅ Government agencies when required by law


Website Information Sharing


We may share non-PHI website data with analytics services, hosting providers, and marketing platforms to improve our services.


4. COOKIES AND TRACKING


PHI Areas (Appointment Booking): Only essential cookies for functionality and security. No third-party tracking.

General Website: We use cookies for analytics, preferences, and marketing. You can disable non-essential cookies without affecting healthcare services.


5. YOUR HIPAA RIGHTS


You have the right to:

  • Access: Request copies of your PHI
  • Amendment: Request corrections to your PHI
  • Restriction: Request limits on PHI use/disclosure
  • Confidential Communications: Request alternative communication methods
  • Accounting: Request list of PHI disclosures
  • Breach Notification: Be notified of PHI breaches within 60 days
  • File Complaints: With us or HHS Office for Civil Rights


6. DATA SECURITY


We implement technical, administrative, and physical safeguards to protect PHI and website information. However, no electronic transmission is 100% secure. PHI areas use enhanced security measures including encryption and access controls.


7. DATA RETENTION

  • PHI: Retained as required by law and professional standards
  • Website Data: Retained for legitimate business purposes, typically 2-7 years


8. MINORS


We do not knowingly collect PHI or website data from minors without parental consent. Healthcare services for minors follow applicable state laws regarding consent.


9. YOUR CHOICES

PHI: You may restrict certain uses but cannot limit treatment, payment, or healthcare operations activities.

Website Data: You may opt out of marketing communications, disable cookies, or request data deletion where legally permitted.


10. BUSINESS ASSOCIATES


We require HIPAA Business Associate Agreements with any vendors accessing PHI, including cloud storage, IT support, and payment processors.


11. UPDATES TO THIS NOTICE


We may update this notice as required by law. Material changes affecting PHI will be posted prominently and patients will be notified at their next healthcare interaction.


12. CONTACT INFORMATION


For PHI-related questions or HIPAA rights: Privacy Officer: Hayat Nadar Email: privacy@thedepthcollective.com Phone: [Phone] Address: [Address]

For general website privacy questions: Email: web@thedepthcollective.com Phone: [Phone]

To file HIPAA complaints: HHS Office for Civil Rights Website: www.hhs.gov/ocr/privacy/hipaa/complaints/