AcuMedGroup LLC (“AcuMedGroup,” “we,” “us,” or “our”)
Notice of Privacy Practices
Effective Date: 10/28/2025 Last Updated: April 26, 2026
Introduction
AcuMedGroup is committed to maintaining the privacy and security of your Protected Health Information (PHI) in compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the HIPAA Privacy Rule, the HIPAA Security Rule, and the Health Information Technology for Economic and Clinical Health Act (HITECH Act).
Our Commitment to Your Privacy
We recognize the importance of safeguarding your PHI and maintaining its confidentiality, integrity, and availability. We have implemented policies, procedures, and technologies designed to protect your health information, ensure compliance with federal and state laws, and uphold the trust you place in us.
Use and Disclosure of PHI
We may use and disclose your PHI for the following purposes:
- Treatment: To coordinate and provide your healthcare, including sharing information with healthcare providers involved in your care to ensure proper treatment and continuity of care.
- Payment: To process billing, insurance verification, claims, and collections related to healthcare services rendered.
- Healthcare Operations: To conduct quality assurance, auditing, accreditation, compliance reviews, provider training, and administrative operations.
- Telehealth and Digital Services: To deliver healthcare services via secure telehealth platforms and other electronic means, in compliance with HIPAA and applicable telehealth laws.
- A2P Messaging and Limited SMS Communications: We may send you appointment confirmations, schedule updates, wellness reminders, or educational notifications via text (SMS/MMS). These messages will not include diagnostic results, lab findings, or other unsecured PHI. All messages include “STOP” to unsubscribe and “HELP” for assistance.
- We maintain records of user consent for SMS communications, including timestamps, method of opt-in, and source of consent, in accordance with telecommunications regulations and carrier requirements.
- Business Associates and Technology Vendors: We may use trusted service providers and Business Associates to support our healthcare operations, payment processing, communications, website security, scheduling, analytics, and administrative functions. These may include, where applicable, Square for payment processing, GoHighLevel / LeadConnector for CRM and communications, Mailchimp for email communications, Cloudflare for hosting and security infrastructure, and other vendors used to operate the practice. Any service provider that creates, receives, maintains, or transmits PHI on our behalf is required to protect that information in accordance with applicable law and appropriate contractual safeguards.
- Other Permitted Uses: We may disclose PHI as required or permitted by law, including for public health reporting, law enforcement, health oversight, or in response to valid judicial or regulatory proceedings.
Patient Rights
Under HIPAA, you have the following rights regarding your PHI:
- Access: You may request to view or obtain copies of your health records.
- Amendment: You may request corrections to your PHI if you believe it is inaccurate or incomplete.
- Restrictions: You may request limits on certain uses or disclosures of your PHI. While we are not always required to agree, if the request meets HIPAA conditions, we will comply. If you pay for a healthcare item or service in full out of pocket, you may request that we not disclose information about that item or service to your health plan, unless disclosure is required by law.
- Confidential Communications: You may request communications in a specific format or at a specific location.
- Accounting of Disclosures: You may request a record of certain disclosures of your PHI made in the previous six years, except those made for treatment, payment, or healthcare operations.
- Right to Opt-Out of Mobile Messages: You may stop receiving SMS/MMS messages at any time by replying “STOP” to any message, or “HELP” for assistance.
- Right to Obtain a Paper Copy: Even if you receive this Notice electronically, you may request a printed copy at any time.
- Right to File a Complaint: You may file a complaint with AcuMedGroup or with the U.S. Department of Health and Human Services, Office for Civil Rights, if you believe your privacy rights have been violated. We will not retaliate against you for filing a complaint.
Our Legal Duties
AcuMedGroup is required by law to maintain the privacy and security of your PHI, provide this Notice of our legal duties and privacy practices, follow the terms of the Notice currently in effect, and notify you following a breach of unsecured PHI.
Safeguards and Security Measures
We employ administrative, physical, and technical safeguards to protect your PHI against unauthorized access, use, or disclosure. These include encryption, access controls, audit logs, and secure data storage.
We apply the “minimum necessary” standard when accessing, using, or disclosing PHI, except where HIPAA permits or requires broader access, such as for treatment purposes.
Please note that text message (SMS/MMS) communications are not encrypted and may be subject to unintended disclosure. Do not use SMS for sensitive medical discussions or requests. For secure communication of PHI, contact us to arrange a protected transmission method.
Breach Notification
In the event of a breach of unsecured PHI, AcuMedGroup will notify you in accordance with the HIPAA Breach Notification Rule. The notice will include the date of the breach, a description of the information involved, and steps you can take to protect yourself.
Reproductive Health and Sensitive Information
AcuMedGroup applies heightened care to sensitive health information, including reproductive health information, mental health information, substance-use information where applicable, HIV/AIDS information, sexually transmitted infection information, genetic information, and other categories protected by federal or Florida law. We will not use or disclose sensitive health information for a prohibited purpose and will follow applicable attestation, authorization, or legal-process requirements where required by law.
Changes to This Notice
We reserve the right to amend or update this Notice at any time. Revised notices will apply to all PHI maintained by us and will be posted on our website with the updated effective date. You may request a copy of the current Notice at any time.
Contact Information
AcuMedGroup LLC
1107 Person St., Kissimmee, FL 34741
Email: clinic@acumedgroup.com Phone: (407) 624-5258
Privacy Officer
Dr. Cecilia Rusnak
Email: dr.rusnak@acumedgroup.com
Phone: (407) 624-5258