Privacy Policy

At Stay Medical INC (“Stay Medical,” “we,” “us,” or “our”), we respect your privacy and are committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you:

  • Visit our website, including staymedical.com and any related pages;
  • Request or receive our services, such as IV therapy, IM medication, diagnostic tests, primary care visits, weight loss programs, testosterone replacement therapy, and other clinical services;
  • Participate in our clinical trials and research programs;
  • Communicate with us by phone, email, SMS, contact forms, or social media.

Please read this Privacy Policy carefully. By using our website or our services, you consent to the practices described here.

1. Scope of this Policy and HIPAA

Stay Medical is a healthcare provider located in Miami, Florida, and may be considered a “Covered Entity” under the Health Insurance Portability and Accountability Act (HIPAA) to the extent we create, receive, maintain, or transmit Protected Health Information (PHI) in connection with providing healthcare services.

This Privacy Policy primarily covers information collected through our website and digital channels. For your medical information / PHI, we also maintain a separate HIPAA Notice of Privacy Practices (“NPP”) that describes in more detail how we use and disclose PHI, and what rights you have under HIPAA. The NPP is available at our clinic and may be provided to you upon request.

If there is any conflict between this Privacy Policy and our HIPAA Notice of Privacy Practices regarding PHI, the HIPAA Notice of Privacy Practices will govern.

2. Who We Are and How to Contact Us

Stay Medical
33 SW 2nd Ave, Suite 502
Miami, FL 33130
Phone: +1 (305) 990-1411
Email: info@staymedical.com

If you have questions about this Privacy Policy or our privacy practices, or if you would like to exercise your privacy rights, you may contact us using the information above and request to speak with our Privacy Officer or the person responsible for privacy matters.

3. Information We Collect

We may collect the following categories of information, depending on how you interact with us:

3.1 Information You Provide Directly

When you use our website, request services, book appointments, or otherwise interact with us, you may provide:

  • Identification and contact information:
    Name, date of birth, mailing address, email address, phone number, and other contact details.
  • Medical and health information (PHI):
    Symptoms, medical history, current conditions, medications, allergies, results of laboratory and imaging tests, treatment details, and similar health-related information you share with our clinical staff or submit through our forms, questionnaires, or portals. This includes information provided in connection with:
    • IV Therapy and IM Medication services
    • Genetic cancer tests
    • Annual blood testing and other diagnostic tests
    • COVID-19 testing and other infectious disease tests
    • Primary care visits
    • Imaging (X-Ray, Ultrasound, CT Scan, MRI)
    • Weight loss program and hormone therapies
    • Participation in clinical trials and research programs
  • Administrative and billing information:
    Appointment details, insurance information (if applicable), payment-related information, and other details necessary for scheduling, billing, and operations.
  • Communications:
    Messages you send via contact forms, emails, SMS, or social media, as well as your responses to surveys or questionnaires.

3.2 Information Collected Automatically

When you visit our website, we may automatically collect certain information about your device and how you use the site, such as:

  • IP address
  • Browser type and version
  • Device type and operating system
  • Referring website or URL
  • Pages visited, time and date of your visit, and time spent on pages
  • Clicks, scrolls, and other interactions with the site

This information is typically collected using cookies and similar technologies (see Section 6).

3.3 Information from Third Parties

We may receive information about you from:

  • Other healthcare providers, laboratories, imaging centers, and specialists involved in your care;
  • Electronic health record systems, scheduling platforms, and billing or insurance partners;
  • Clinical trial sponsors, contract research organizations, or other research partners, when you participate in our clinical studies;
  • Marketing and analytics service providers that help us understand website usage and measure the effectiveness of our communications and campaigns.

4. How We Use Your Information

We may use the information we collect, including PHI where applicable, for the following purposes:

4.1 Providing Healthcare and Wellness Services

  • To schedule, confirm, and manage appointments;
  • To evaluate your health status and medical history;
  • To provide IV therapy, IM medication, primary care, diagnostic tests, weight loss programs, hormone therapies, clinical trials, and other medical and wellness services;
  • To coordinate with other healthcare providers and facilities involved in your care.

4.2 Billing, Payment, and Administrative Purposes

  • To process payments and manage billing and accounting;
  • To verify insurance coverage and handle claims and prior authorizations if applicable;
  • To manage and maintain our business records, including patient records and administrative documentation.

4.3 Operations and Quality Improvement

  • To monitor, maintain, and improve the quality, safety, and effectiveness of our services;
  • For training and education of our staff;
  • For internal audits, compliance, and risk management;
  • For data analytics, including performance and utilization metrics.

4.4 Communication with You

  • To respond to inquiries and provide customer support;
  • To send appointment confirmations, reminders, and follow-up communications;
  • To send important administrative information such as changes in policies or services.

4.5 Marketing and Informational Communications

  • To send newsletters, educational content, promotions, and information about services, events, or special offers that may be of interest to you;
  • To personalize and improve marketing messages and offers.

You may opt out of certain marketing communications at any time (see Section 10).

4.6 Legal and Compliance Purposes

  • To comply with applicable federal, state, and local laws and regulations;
  • To respond to lawful requests from public authorities, including to meet national security or law enforcement requirements;
  • To protect our rights, privacy, safety, property, and/or that of you or others.

5. HIPAA and Protected Health Information (PHI)

5.1 What is PHI?

Protected Health Information (PHI) is individually identifiable health information that relates to your past, present, or future physical or mental health or condition, the provision of healthcare to you, or payment for healthcare, and that identifies you or could reasonably be used to identify you.

5.2 Uses and Disclosures of PHI under HIPAA

Under HIPAA, we may use and disclose PHI for purposes such as:

  • Treatment:
    Providing and coordinating your care and services, including communication with other healthcare providers.
  • Payment:
    Billing and collection, insurance claims, and other payment-related activities.
  • Healthcare Operations:
    Quality assessment and improvement, training, accreditation, licensing, and internal business management.

We may also use and disclose PHI for other purposes permitted or required by law, such as public health reporting, health oversight activities, law enforcement requests, and to prevent or lessen a serious threat to health or safety, subject to applicable legal requirements.

Your rights regarding PHI and detailed information about our uses and disclosures are described in our HIPAA Notice of Privacy Practices, available at our clinic and upon request.

5.3 HIPAA Security and Safeguards

We implement administrative, physical, and technical safeguards reasonably designed to protect the confidentiality, integrity, and availability of electronic PHI (ePHI), including but not limited to:

  • Access controls and authentication measures;
  • Use of secure systems and, where appropriate, encryption;
  • Staff training on privacy and security;
  • Business Associate Agreements with vendors that handle PHI on our behalf;
  • Regular review of our privacy and security practices.

6. Cookies and Similar Technologies

Our website may use cookies, web beacons, pixels, and similar technologies to:

  • Recognize your browser or device;
  • Remember your preferences and improve your user experience;
  • Analyze website traffic and usage;
  • Support marketing, retargeting, and advertising campaigns, where permitted.

You can usually control cookies through your browser settings, including blocking or deleting cookies. Please note that disabling certain cookies may affect the functionality and performance of our website.

7. How We Share Your Information

We may share your information, including PHI where applicable, in the following circumstances:

7.1 Healthcare Providers and Facilities

We may share your information with:

  • Physicians, nurses, and other healthcare professionals involved in your care;
  • Laboratories, imaging centers, pharmacies, and other third-party providers necessary to provide services to you.

7.2 Business Associates and Service Providers

We may share your information with third-party vendors, contractors, and service providers who perform services on our behalf, such as:

  • Website hosting and maintenance;
  • Electronic health records and scheduling systems;
  • Billing, payment processing, and collection services;
  • Email, SMS, and marketing platforms;
  • Analytics, IT support, and security services.

When these parties handle PHI on our behalf, they are required to protect your PHI and use it only for the purposes specified in our Business Associate Agreements and in accordance with applicable law.

7.3 Insurance Companies and Payers

If applicable, we may share information with insurance carriers or other payers to verify coverage, process claims, and obtain payment for services rendered to you.

7.4 Clinical Trials and Research

If you participate in a clinical trial or research study with Stay Medical’s Research Center, additional informed consent and privacy documentation will describe how your information is collected, used, and shared for that specific study, including any de-identification or coding of data.

7.5 Legal Disclosures

We may disclose your information when required or permitted by law, such as:

  • In response to subpoenas, court orders, or other legal processes;
  • To health oversight agencies, regulatory bodies, or law enforcement;
  • To help prevent or respond to suspected fraud, security breaches, or other harmful activities;
  • To prevent or lessen a serious and imminent threat to health or safety.

7.6 Business Transfers

In the event of a merger, acquisition, restructuring, or other corporate transaction, your information may be transferred as part of that transaction, subject to applicable laws and continued protection as described in this Privacy Policy.

7.7 Sale of Personal Information

We do not sell your PHI. We also do not sell personal information of patients in the conventional sense of exchanging personal data for monetary compensation. If this practice changes in the future, we will update this Privacy Policy and provide appropriate notice and choices where required by law.

8. Data Retention

We retain your information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, including:

  • As long as you are a patient or user of our services;
  • For as long as required to comply with legal, regulatory, and accreditation requirements;
  • For as long as necessary to resolve disputes, enforce our agreements, and protect our rights.

Medical records and PHI are retained in accordance with federal and state laws, including applicable record retention requirements for healthcare providers in Florida.

When information is no longer required for business or legal purposes, we will delete, anonymize, or otherwise dispose of it securely.

9. Security

We use reasonable physical, technical, and administrative safeguards to protect your information from loss, misuse, unauthorized access, disclosure, alteration, and destruction. These measures include:

  • Secure systems, access controls, and authentication;
  • Staff training on privacy and security;
  • Policies and procedures designed to protect PHI and personal data;
  • Regular review and improvement of our security practices.

However, no method of transmission over the internet or method of electronic storage is completely secure. While we strive to protect your information, we cannot guarantee absolute security.

10. Your Privacy Rights

10.1 Rights under HIPAA (PHI)

Under HIPAA, you may have certain rights regarding your PHI, including the right to:

  • Request access to and obtain copies of your medical records;
  • Request corrections or amendments to your PHI if you believe it is inaccurate or incomplete;
  • Request a list (an “accounting”) of certain disclosures of your PHI;
  • Request restrictions on the use or disclosure of your PHI for treatment, payment, or healthcare operations (subject to legal and operational limitations);
  • Request that we communicate with you through alternative means or at alternative locations;
  • Obtain a paper or electronic copy of our HIPAA Notice of Privacy Practices.

Information on how to exercise these rights is provided in our HIPAA Notice of Privacy Practices and can also be obtained by contacting us.

10.2 Rights Related to Website and Marketing Information

Depending on applicable law, you may also have rights with respect to personal information we collect through our website and for marketing purposes, such as:

  • Email marketing opt-out:
    You can unsubscribe from marketing emails by using the “unsubscribe” link in the message or by contacting us at info@staymedical.com.
  • Cookie preferences:
    You can manage or disable cookies through your browser settings and, if available, through cookie banners or preference tools on our site.
  • Other requests:
    You may contact us to request that we update or correct your contact information or to request that we limit the use of your information for certain marketing activities.

To exercise any of these rights or submit questions about your rights, please contact us using the information in Section 15.

11. Children and Minors

Our medical services may be provided to minors; however, the collection, use, and disclosure of information about minors is handled in accordance with:

  • HIPAA and other applicable federal laws;
  • Florida laws and regulations related to minor consent and parental rights.

We do not knowingly collect personal information via our website from children under the age required by applicable law without appropriate consent from a parent or legal guardian when such consent is required. If you believe that a child has provided us personal information through our website without appropriate consent, please contact us so we can take appropriate action.

12. Third-Party Websites and Links

Our website may contain links to third-party websites, services, or resources that are not controlled by Stay Medical (for example, social media platforms, external articles, partner sites, or booking/telehealth platforms owned by third parties).

We are not responsible for the privacy practices or the content of these third-party sites. We encourage you to review the Privacy Policy of each site you visit.

13. Use of Cloud Services and Data Transfers

We may store or process information using cloud-based services or third-party providers, which may have servers located in different states or countries. When these providers handle PHI on our behalf, they are required to protect it in accordance with HIPAA and other applicable laws, and we enter into appropriate contractual agreements with them.

By using our website and services, you understand that your information may be transferred to and stored on servers located outside your state or country of residence, where privacy laws may differ. We will take steps designed to ensure that your information is treated securely and in accordance with this Privacy Policy and applicable laws.

14. Changes to This Privacy Policy

We may update or modify this Privacy Policy from time to time to reflect:

  • Changes in our practices, services, or technologies;
  • Changes in legal, regulatory, or industry requirements;
  • Other operational needs.

When we make material changes, we will update the “Last Updated” date at the top of this page. Where required by law, we will provide additional notice or obtain your consent to changes.

Your continued use of our website or services after we post any updates to this Privacy Policy means that you accept those changes.

15. Contact Us and Complaints

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Stay Medical
33 SW 2nd Ave, Suite 502
Miami, FL 33130
Phone: +1 (305) 990-1411
Email: info@staymedical.com

You also have the right to file a complaint if you believe your privacy rights under HIPAA have been violated. You may submit a complaint to:

  • Stay Medical’s Privacy Officer (using the contact details above); and/or
  • The U.S. Department of Health and Human Services, Office for Civil Rights (OCR).

We will not retaliate against you for filing a complaint or exercising your privacy rights.