Privacy Policy –

Effective Date: 7-21-2025

Lunaris Health PLLC (“we,” “us,” or “our”) respects your privacy and is committed to protecting your personal health information. This Privacy Policy outlines how we collect, use, disclose, and safeguard your information in compliance with the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), the HITECH Act, and applicable Arizona state privacy laws.

1. Information We Collect

We may collect the following types of personal and protected health information (“PHI”):

• Full name, date of birth, address, phone number, and email

• Health history, medications, diagnoses, and treatment information

• Appointment and billing information

• IP address, browser type, and device data when visiting our site

Information is collected via:

• Forms on our website (www.lunarishealthpllc.com)

• Charm EHR (HIPAA-compliant EHR platform)

• Doxy.me (HIPAA-compliant telehealth video platform)

• Payment processors and patient communication tools

2. How We Use Your Information

We may use your information to:

• Provide telehealth and clinical care services

• Communicate with you regarding your care and appointments

• Manage billing, payments, and prescription requests

• Comply with legal, regulatory, or contractual obligations

• Improve our website, services, and patient experience

3. How We Share Your Information

We do not sell or rent your information. We may share information with:

• Authorized employees and clinicians involved in your care

• Third-party vendors who have signed a Business Associate Agreement (e.g., CharmHealth, Doxy.me, Stripe/Wix Payments)

• Pharmacies, labs, or providers at your request or for treatment

• Governmental authorities if legally required (e.g., subpoenas or public health reporting)

4. Your Rights

As a patient, you have the right to:

• Access and request a copy of your medical records

• Request an amendment to your health information

• Request restrictions on the use or disclosure of your PHI

• Request confidential communications in the manner you prefer

• File a complaint with us or the U.S. Department of Health and Human Services if you believe your privacy rights have been violated

To exercise your rights, email us at [Insert HIPAA-designated contact email] or call [Insert phone number].

5. Data Protection

We maintain reasonable and appropriate administrative, technical, and physical safeguards to protect your PHI from unauthorized access, disclosure, or misuse. This includes encrypted video visits (via Doxy.me), secure electronic records (via CharmHealth), and restricted staff access.

6. Payment Information

We are a cash-pay practice. Payments are processed through HIPAA-compliant or PCI-DSS-compliant services such as Wix Payments or Stripe. We do not store your full payment details.

7. Cookies and Analytics

Our website may use cookies or analytics tools (e.g., Wix Analytics) to understand user behavior and improve site experience. These tools do not collect PHI unless you voluntarily submit it through a form.

8. Children’s Privacy

We do not knowingly collect personal information from children under the age of 13 without verified parental consent. If we discover such data has been collected unintentionally, it will be deleted.

9. Changes to This Policy

We reserve the right to update this Privacy Policy at any time. Updates will be posted on our website with the effective date.

10. Contact Us

For questions about this Privacy Policy or to request access to your PHI:

Lunaris Health PLLC

71212 N. Scottsdale Rd. Scottsdale, AZ 85255

708-427-8700

Info@lunarishealthcare.com

Website: www.lunarishealthpllc.com