Archangel Michael Health
Archangel Michael Health
  • Home
  • About
  • Services
  • Inquiries
  • Patient Application
  • Payments
  • Members Only
  • More
    • Home
    • About
    • Services
    • Inquiries
    • Patient Application
    • Payments
    • Members Only
  • Sign In
  • Create Account
  • My Account

  • Signed in as:

  • filler@godaddy.com

  • My Account

  • Sign out

Signed in as:

filler@godaddy.com

  • Home
  • About
  • Services
  • Inquiries
  • Patient Application
  • Payments
  • Members Only

Account

  • My Account

  • Sign out

  • Sign In
  • My Account

Archangel Micheal Health Privacy Statement

  

Policy Last Updated: 01-23-2025

1. Introduction

Archangel Michael Health, PA (“we,” “our,” “us,” or “the Practice”) is committed to protecting the privacy and confidentiality of your health information in accordance with the Health Insurance Portability and Accountability Act (HIPAA) and applicable Florida state laws. This Privacy Statement outlines how we collect, use, disclose, and protect your Personal Health Information (PHI) and any other personal information provided to us.

2. Scope

This Privacy Statement applies to all services and platforms we use or provide, including:

  • Telehealth Services via Doxy.me and Microsoft Teams (as needed)
  • Online Scheduling & Forms via Microsoft Bookings and Microsoft Forms
  • Payment Processing through Stripe or PayPal links on Doxy.me or Microsoft Bookings
  • Email Communications via HIPAA-compliant Microsoft 365 Business and Google Workspace Business
  • Newsletters & Administrative Emails sent through Microsoft 365
  • Social Media platforms such as X (Twitter), Instagram, Facebook, and Telegram (for general announcements only, never sharing PHI)

This Privacy Statement may be updated if we expand our services to include in-person office care or adopt a new Electronic Health Record (EHR/EMR) vendor.

3. How We Collect Information

3.1 Patient Intake & Scheduling

  • Microsoft Forms & Bookings: We collect personal information (such as name, contact information, and health details) when you schedule appointments or submit forms. These platforms fall under our Microsoft 365 HIPAA-compliant environment, and we have executed a Business Associate Agreement (BAA) with Microsoft.

3.2 Telehealth & Video Visits

  • Doxy.me: We use Doxy.me for telehealth appointments. All sessions are end-to-end encrypted, and we maintain a BAA with Doxy.me. Any PHI transmitted or recorded during telehealth visits is transferred to your      patient chart and deleted from Doxy.me within 7 days.

3.3 Communication Channels

  • Email: We may communicate with you using HIPAA-compliant email through Microsoft 365 or Google Workspace (both under BAAs).
  • Newsletter: We may send newsletters or practice updates to your email. No PHI is sent through newsletters, and you can opt out at any time.
  • Social Media: We maintain accounts on X.com (Twitter), Instagram, Facebook, and Telegram solely for general announcements and educational content. We do not share or request PHI on these platforms.

3.4 Payment Information

  • Stripe & PayPal: All payments are processed through secure third-party payment processors (Stripe or PayPal) accessible via links provided on Doxy.me or Microsoft Bookings. We do not store or have direct access to your full payment details (e.g., credit card numbers). Any payment data is processed under Stripe’s or PayPal’s privacy and security policies.

3.5 Cookies & Analytics

  • No Tracking Cookies: We do not collect or store cookies or use third-party analytics for marketing or tracking purposes on our website.

3.6 Minors

  • For patients under the age of 18, parental or guardian consent is required for the collection and use of any PHI. We comply with all applicable Florida laws and HIPAA regulations regarding minors’ health information.

4. Use & Disclosure of Information

4.1 Permitted Uses & Disclosures

We use and disclose PHI for:

  • Treatment: Providing telehealth consultations, reviewing medical history, and coordinating care.
  • Payment: Processing service fees through our third-party payment processors.
  • Healthcare Operations: Practice management, scheduling, and quality improvement.

4.2 Disclosures to Third Parties

We only share PHI with:

  • Business Associates who have executed a BAA with us (e.g., Microsoft, Google, Doxy.me).
  • Payment Processors (Stripe or PayPal) as necessary to handle financial transactions.
  • Public Health Authorities or Legal Entities when required by law (e.g., responding to subpoenas or reporting communicable diseases).

4.3 No Selling of PHI

We do not sell or rent your personal or health information to any third parties.

5. Data Security & Retention

5.1 Security Measures

  • Encryption: All devices used by our practice employ enterprise-level encryption.
  • Secure Storage: Records are maintained in encrypted formats within our HIPAA-compliant Microsoft 365 and Google Workspace systems.
  • Access Controls: Only authorized personnel have access to your PHI, and they receive privacy and security training.

5.2 Retention Period

We retain patient medical records for 7 years, in accordance with our record retention policy and Florida regulations. After that period, records may be securely destroyed or archived unless otherwise required by law.

6. Future EHR/EMR Adoption

We plan to establish contracts with EHR/EMR vendors in the future. Once that happens:

  • This Privacy Statement will be updated to reflect any additional privacy and data handling practices.
  • We will execute BAAs with the EHR/EMR vendor to ensure ongoing HIPAA compliance.

7. Your Rights

Under HIPAA and Florida law, you have the right to:

  • Request Access to your medical records and PHI.
  • Request Amendments to your PHI if you believe it is incorrect or incomplete.
  • Request Restrictions on certain uses or disclosures of your PHI.
  • Request Confidential Communications (e.g., alternative email or mailing address).
  • Obtain a List of Certain Disclosures of your PHI.
  • File a Complaint if you believe your privacy rights have been violated.

8. Contact for Privacy Inquiries & Complaints

If you have questions, concerns, or complaints about this Privacy Statement or our privacy practices, please contact us at:

  • Email: manager@archangelmichaelhealth.com
  • Phone: (352) 441-9110

We take all privacy concerns seriously and will respond to your inquiry promptly. You may also file a complaint with the U.S. Department of Health & Human Services (HHS) Office for Civil Rights if you believe your privacy rights have been violated. We will not retaliate against you for filing a complaint.

9. Changes to This Privacy Statement

We may update or revise this Privacy Statement to reflect material changes in our practices, services, or legal obligations. The updated version will be posted on our website with a new “Last Updated” date. Continuing to use our services after any changes signifies your acceptance of the revised Privacy Statement.

For detailed information on how we use and disclose your protected health information, please see our HIPAA-compliant Notice of Privacy Practices at https://archangelmichaelhealth.com. 


Thank you for trusting Archangel Michael Health, PA with your healthcare needs. If you have any questions or concerns about this Privacy Statement or how we protect your information, please contact us at any time.

Copyright © 2025 Archangel Michael Health, PA - All Rights Reserved.

  • Privacy Statement
  • Members Only

Guided by Archangel Michael's Wisdom