Notice of HIPPA Privacy Practices

Notice of HIPPA Privacy Practices

Notice of HIPPA Privacy Practices

Last Updated: Jan 19, 2026

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN ACCESS THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

1. Our Responsibilities

This Notice of Privacy Practices (this “Notice”) describes how Mona Saint, MD, A Medical Corporation, doing business as VitalityMD (“VitalityMD,” “we,” “us,” or “our”) may use and disclose your protected health information and how you can access that information.

VitalityMD is a physician-owned professional medical corporation and a covered entity under the Health Insurance Portability and Accountability Act of 1996 (“HIPPA”). We are required by law to:

  • Maintain the privacy and security of your protected health information;

  • Provide you with this Notice of our legal duties and privacy practices; and

  • Follow the terms of the Notice currently in effect.

This Notice applies to all protected health information (“PHI”) created, received, maintained, or transmitted by VitalityMD.

2. What Is Protected Health Information

Protected Health Information” or “PHI” means information about you, including demographic information, that:

  • Identifies you or could reasonably be used to identify you; and

  • Relates to your past, present, or future physical or mental health or condition, the provision of health care to you, or payment for health care services.

3. How We May Use and Disclose Your PHI

VitalityMD may use and disclose your PHI for treatment, payment, and health care operations, and for other purposes permitted or required by law, as described below.

A. Treatment

We may use and disclose your PHI to provide, coordinate, or manage your health care and related services. This includes sharing information with other health care providers involved in your care, such as referring physicians, laboratories, pharmacies, or specialists, to ensure continuity and quality of care.

B. Payment

We may use and disclose your PHI to obtain payment for health care services provided to you. This may include billing, payment processing, collections, and related administrative activities.

C. Health Care Operations

We may use or disclose your PHI to support our health care operations, including:

  • Quality assessment and improvement activities;

  • Case management and care coordination;

  • Practice management and administrative functions;

  • Compliance, auditing, and legal services;

  • Training and education of staff; and

  • Technology infrastructure, data security, and system maintenance.

Where appropriate, we may de-identify or anonymize information so that it no longer constitutes PHI or personally identifiable information. De-identified information may be used for internal analytics, quality improvement, education, research, or similar non-commercial purposes. We do not sell your PHI.

4. Uses and Disclosures Without Your Authorization

We may use or disclose your PHI without your authorization in certain circumstances permitted or required by law, including but not limited to:

  • As required by federal or state law

  • Public health activities

  • Health oversight activities

  • Reporting abuse, neglect, or domestic violence

  • Food and Drug Administration reporting

  • Judicial or administrative proceedings

  • Law enforcement purposes

  • Coroners, medical examiners, and funeral directors

  • Organ donation

  • Certain research activities (subject to legal safeguards)

  • Workers’ compensation

  • Specialized government functions (such as military or national security activities)

We may also disclose PHI to the U.S. Department of Health and Human Services for purposes of investigating or determining our compliance with HIPAA.

California law may impose additional restrictions on certain disclosures, and where applicable, we will comply with those stricter requirements.

5. Uses and Disclosures Requiring Your Authorization

Uses and disclosures of your PHI not described in this Notice or otherwise permitted by law will be made only with your written authorization. You may revoke an authorization at any time in writing, except to the extent we have already relied on it.

6. Your Rights Regarding Your PHI

You have the following rights regarding your PHI, subject to certain legal limitations:

A. Right to Access and Obtain Copies

You have the right to inspect and obtain a copy of your PHI in paper or electronic form, subject to certain exceptions.

B. Right to Request Amendments

You may request that we amend your PHI if you believe it is incorrect or incomplete. We may deny your request in certain circumstances, but will provide a written explanation.

C. Right to an Accounting of Disclosures

You have the right to receive an accounting of certain disclosures of your PHI, except for disclosures made for treatment, payment, or health care operations, or as otherwise exempt under HIPAA.

D. Right to Request Restrictions

You may request restrictions on certain uses or disclosures of your PHI. We are not required to agree to all requested restrictions, except as required by law.

E. Right to Confidential Communications

You may request that we communicate with you in a specific manner or at a specific location (for example, by mail instead of email).

F. Right to a Paper Copy

You have the right to obtain a paper copy of this Notice upon request, even if you have previously agreed to receive it electronically.

7. Revisions to This Notice

We reserve the right to revise this Notice and to make the revised Notice effective for PHI we already maintain as well as for PHI we receive in the future. The current version of this Notice will be posted on our website and made available upon request.

8. Breach Notification

We will notify you if a reportable breach of your unsecured PHI occurs, in accordance with HIPAA and applicable state law. Notification will be provided without unreasonable delay and no later than 60 days after discovery of the breach and will include information about the breach and steps you may take to protect yourself.

9. Complaints

If you believe your privacy rights have been violated, you may file a complaint with us or with the U.S. Department of Health and Human Services, Office for Civil Rights. We will not retaliate against you for filing a complaint.

To file a complaint with VitalityMD:

HIPAA Privacy Officer
VitalityMD
27512 Calle Arroyo
San Juan Capistrano, CA 92675
Email: privacy@vitalitymd.co

To file a complaint with HHS:

U.S. Department of Health and Human Services
Office for Civil Rights
200 Independence Avenue, S.W.
Washington, D.C. 20201
Phone: 1-877-696-6775
Website: https://www.hhs.gov/ocr/privacy/hipaa/complaints/

10. Contact Information

If you have any questions about this Notice, please contact:

VitalityMD
HIPAA Privacy Officer
27512 Calle Arroyo
San Juan Capistrano, CA 92675
Email: privacy@vitalitymd.co