Effective date: April 2026
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
Aurum Health, Inc. is committed to protecting the privacy of your health information. This Notice describes the legal obligations of Aurum Health and our independent physician network partners regarding your Protected Health Information (PHI) under HIPAA and its implementing regulations.
We use and disclose your PHI to provide, coordinate, and manage your health care. This includes sharing your lab results and intake data with the licensed physicians who review your protocol, sharing prescription information with our compounding pharmacy partners to fulfill medications, and sharing specimen data with our laboratory partners (Quest Diagnostics, Labcorp, Getlabs) to process your lab draws.
We use and disclose your PHI to obtain payment for services, including billing for membership fees, lab panels, and medications, and maintaining records of transactions.
We use and disclose your PHI to support quality improvement, clinical review, and platform improvement. We may use de-identified health information (which is not PHI under HIPAA per 45 CFR §164.514) to improve our AI models and clinical knowledge base.
We will disclose your PHI when required to do so by applicable federal or state law, including in response to a court order, subpoena, or other legal process.
We may disclose your PHI if we believe in good faith that the disclosure is necessary to prevent or lessen a serious and imminent threat to the health or safety of you or another person.
All other uses and disclosures of your PHI require your written authorization, which you may revoke at any time in writing.
You may inspect and obtain a copy of your PHI, including lab results, intake records, and clinical notes. Submit requests in writing to privacy@aurumhealth.io. We will respond within 30 days. A reasonable cost-based fee may apply for copies.
If you believe PHI we maintain is incorrect or incomplete, you may request an amendment in writing with a reason. We may deny the request under certain circumstances and will explain any denial in writing.
You may request a list of disclosures of your PHI made in the six years prior to your request, other than disclosures for treatment, payment, or healthcare operations.
You may request restrictions on how we use or disclose your PHI. We are not required to agree, except when you have paid out of pocket in full for a service and request we not disclose to a health plan.
You may request that we communicate with you in a specific way or at a specific location (e.g., email only, not phone). We will accommodate reasonable requests.
You have the right to a paper copy of this Notice at any time. Email privacy@aurumhealth.io to request one.
We reserve the right to change this Notice at any time and make new provisions effective for all PHI we maintain. The effective date of the current Notice is shown at the top of this document. We will provide notice to active members of any material changes.
If you believe your privacy rights have been violated, you may file a complaint with us or with HHS. You will not be retaliated against for filing a complaint.
Aurum Health Privacy Office
Email: privacy@aurumhealth.io