Zhealus logo

Tracking Treatment Effectiveness

Notice of Privacy Policy

Zhealus LLC

As required by the privacy regulations created as a result of the Health Insurance Portability and Accountability Act of 1996 (HIPAA)

Effective date: February 23, 2024

Most Recent Revision date: January 22, 2026

This notice describes how health information about you (as a participant in this service) may be used and disclosed and how you can get access to your individually identifiable health information. Please review this notice carefully.

Our commitment to your privacy:

Our organization is dedicated to maintaining the privacy of your individually identifiable health information (also called protected health information, or PHI). In conducting our services to support you, we will create records regarding you and the treatment you have received. We are required by law to maintain the confidentiality of health information that identifies you. We also are required by law to provide you with this notice of our legal duties and the privacy practices that we maintain in our organization concerning your PHI. By federal and state law, we must follow the terms of the Notice of Privacy Practices that we have in effect at the time.

We realize that these laws are complicated, but we must provide you with the following important information:

  1. How we may use and disclose your PHI,
  2. Your privacy rights in your PHI, and
  3. Our obligations concerning the use and disclosure of your PHI.

The terms of this notice apply to all records containing your PHI that are created or retained by our organization. We reserve the right to revise or amend this Notice of Privacy Practices. Any revision or amendment to this notice will be effective for all of your records that our organization has created or maintained in the past, and for any of your records that we may create or maintain in the future. Our organization will post a copy of our current Notice in our offices in a visible location at all times, on our website for your review, and you may request a copy of our most current Notice at any time.

If you have questions about this Notice, please contact: admin@zhealushealth.com

The following categories describe the different ways in which we may use and disclose your PHI. This is a required posting; it is not meant to stress anyone out and the Zhealus team believes much of these descriptions are never-events

Treatment. Our organization may use your PHI to support your provider in treating you. For example, Zhealus will forward electronically or may forward via voice/phone your responses to the post-treatment assessments to your provider or provider team to notify them of your health status. This is the basis of the Zhealus Tracking Treatment Effectiveness tool.

Payment. Our service will not disclose your PHI in order to bill and collect payment for the services you may receive from us. Our contracts and thus reimbursement is with your provider. We do not bill you or your insurance and will not ask for your insurance information or other methods of payment.

Health care operations. Our organization may use and disclose your PHI to operate our business. As examples of the ways in which we may use and disclose your information for our operations, Zhealus may use your PHI to evaluate the quality of care you received. As a service to your provider, we will disclose your PHI to assist in their health care operations and their quality assurance or risk management processes.

Optional Treatment options. Our service may use and disclose your PHI to inform you of potential treatment options or alternatives.

Optional Health-related benefits and services. Our service may use and disclose your PHI to inform you of health-related benefits or services that may be of interest to you.

Disclosures required by law. Zhealus will use and disclose your PHI when we are required to do so by federal, state or local law.

The following categories describe special circumstances or scenarios in which we may use or disclose your identifiable health information:

Public health risks. Our organization may disclose your PHI to public health authorities that are authorized by law to collect information for the purpose of:

  • Maintaining vital records, such as births and deaths,
  • Reporting child abuse or neglect,
  • Preventing or controlling disease, injury or disability,
  • Notifying a person regarding potential exposure to a communicable disease,
  • Notifying a person regarding a potential risk for spreading or contracting a disease or condition,
  • Reporting reactions to drugs or problems with products or devices,
  • Notifying individuals if a product or device they may be using has been recalled,
  • Notifying appropriate government agency(ies) and authority(ies) regarding the potential abuse or neglect of an adult patient (including domestic violence); however, we will only disclose this information if the patient agrees or we are required or authorized by law to disclose this information,
  • Notifying your employer under limited circumstances related primarily to workplace injury or illness or medical surveillance.

Health oversight activities. Our organization may disclose your PHI to a health oversight agency for activities authorized by law. Oversight activities can include, for example, investigations, inspections, audits, surveys, licensure and disciplinary actions; civil, administrative and criminal procedures or actions; or other activities necessary for the government to monitor government programs, compliance with civil rights laws and the health care system in general. Our reports and information are protected under state statues when a formal relationship for peer review process exists between Zhealus and the healthcare organization located within that state.

Lawsuits and similar proceedings. Our organization may use and disclose your PHI in response to a court or administrative order, if you are involved in a lawsuit or similar proceeding. We also may disclose your PHI in response to a discovery request, subpoena or other lawful process by another party involved in the dispute, but only if we have made an effort to inform you of the request or to obtain an order protecting the information the party has requested.

Law enforcement. We may release PHI if asked to do so by a law enforcement official:

  • Regarding a crime victim in certain situations, if we are unable to obtain the person's agreement,
  • Concerning a death we believe has resulted from criminal conduct,
  • In response to a court order, subpoena, warrant, summons or similar process,
  • To identify or locate a suspect, fugitive, material witness, or missing person,
  • In an emergency, to report a crime (including the location or victim(s) of the crime, or the description, identity or location of the perpetrator)

Optional Deceased patients. Our organization may release PHI to a medical examiner or coroner to identify a deceased individual or to identify the cause of death. If necessary, we also may release information in order for funeral directors to perform their jobs.

Optional Research. Zhealus and its research section may use and disclose your PHI for research purposes. We will obtain your written authorization to use your PHI for research purposes except when an Internal Review Board or Privacy Board has determined that the waiver of your authorization satisfies all of the following (standard) conditions:

  • The use or disclosure involves no more than a minimal risk to your privacy based on the following: (i) an adequate plan to protect the identifiers from improper use and disclosure; (ii) an adequate plan to destroy the identifiers at the earliest opportunity consistent with the research (unless there is a health or research justification for retaining the identifiers or such retention is otherwise required by law); and (iii) adequate written assurances that the PHI will not be re-used or disclosed to any other person or entity (except as required by law) for authorized oversight of the research study, or for other research for which the use or disclosure would otherwise be permitted;
  • The research could not practicably be conducted without the waiver;
  • The research could not practically be conducted without access to and use of the PHI.

Serious threats to health or safety. Our organization may use and disclose your PHI when necessary to reduce or prevent a serious threat to your health and safety or the health and safety of another individual or the public. Under these circumstances, we will only make disclosures to a person or organization able to help prevent the threat.

Military. Our organization may disclose your PHI if you are a member of U.S. or foreign military forces (including veterans) and if required by the appropriate authorities.

National security. Our organization may disclose your PHI to federal officials for intelligence and national security activities authorized by law. We also may disclose your PHI to federal officials in order to protect the president, other officials or foreign heads of state, or to conduct investigations. We would like to be that important, maybe someday.

Inmates. Our organization may disclose your PHI to correctional institutions or law enforcement officials if you are an inmate or under the custody of a law enforcement official. Disclosure for these purposes would be necessary: (a) for the institution to provide health care services to you, (b) for the safety and security of the institution, and/or (c) to protect your health and safety or the health and safety of other individuals.

Workers' compensation. Our organization may release your PHI to your provider for workers' compensation and similar programs.

You have the following rights regarding the PHI that we maintain about you:

Confidential communications. Our organization will provide your assessment responses to your provider or provider's organization in a standard, highly secured process. Subsequently it is the responsibility of the provider or the provider's organization to ensure you receive confidential communications if those entities choose to communicate with you directly. Zhealus will contact you solely through approved text message links.

Requesting restrictions. You have the right to request a restriction in our use or disclosure of your PHI for treatment and/or health care operations. Additionally, you have the right to request that we restrict our disclosure of your PHI to only certain individuals involved in your care though Zhealus has no structure to provide information to anyone other than your provider. We are not required to agree to your request; however, if we do agree, we are bound by our agreement except when otherwise required by law, in emergencies or when the information is necessary to treat you. In order to request a restriction in our use or disclosure of your PHI, you must make your request in writing to admin@zhealushealth.com. Your request must describe in a clear and concise fashion:

  • The information you wish restricted,
  • Whether you are requesting to limit our use, disclosure or both, and
  • To whom you want the limits to apply.

Inspection and copies. You have the right to inspect and obtain a copy of the PHI that may be used to make decisions about you. Since Zhealus provides this information directly to your provider you can also inquire with your provider. Zhealus does not assess behavioral health activity. You must submit your request in writing to admin@zhealushealth.com in order to inspect and/or obtain a copy of your PHI. Our organization may charge a fee for the costs of copying, mailing, labor and supplies associated with your request. Our organization may deny your request to inspect and/or copy in certain limited circumstances; however, you may request a review of our denial. Another licensed health care professional chosen by us will conduct reviews.

Amendment. You may ask us to amend your health information if you believe it is incorrect or incomplete, and you may request an amendment for as long as the information is kept by or for our organization. To request an amendment, your request must be made in writing and submitted to admin@zhealushealth.com. You must provide us with a reason that supports your request for amendment. Our organization will deny your request if you fail to submit your request (and the reason supporting your request) in writing. Also, we may deny your request if you ask us to amend information that is in our opinion: (a) accurate and complete; (b) not part of the PHI kept by or for the organization; (c) not part of the PHI which you would be permitted to inspect and copy; or (d) not created by our service.

Accounting of disclosures. All of our patients have the right to request an "accounting of disclosures." An "accounting of disclosures" is a list of certain non-routine disclosures our organization has made of your PHI for purposes not related to treatment, payment or operations. We will document all use of your PHI as part of the routine service and data management in our organization. In order to obtain an accounting of disclosures, you must submit your request in writing to admin@zhealushealth.com. All requests for an "accounting of disclosures" must state a time period, which may not be longer than six (6) years from the date of disclosure and may not include dates before January 1, 2026. The first list you request within a 12-month period is free of charge, but our organization may charge you for additional lists within the same 12-month period. Our organization will notify you of the costs involved with additional requests, and you may withdraw your request before you incur any costs.

Right to a paper copy of this notice. You are entitled to receive a paper copy of our notice of privacy practices. You may ask us to give you a copy of this notice at any time. To obtain a paper copy of this notice, contact admin@zhealushealth.com.

Right to file a complaint. If you believe your privacy rights have been violated, you may file a complaint with our organization or with the Secretary of the Department of Health and Human Services. To file a complaint with our organization, contact admin@zhealushealth.com. All complaints must be submitted in writing. You will not be penalized for filing a complaint.

Right to provide an authorization for other uses and disclosures. Our organization will obtain your written authorization for uses and disclosures that are not identified by this notice or permitted by applicable law. Any authorization you provide to us regarding the use and disclosure of your PHI may be revoked at any time in writing. After you revoke your authorization, we will no longer use or disclose your PHI for the reasons described in the authorization. Please note: we are required to retain records of your care.

Again, if you have any questions regarding this notice or our health information privacy policies, please contact admin@zhealushealth.com