Privacy Policy

Last Updated: April 1, 2026

Fleming Family Wellness ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy describes how we collect, use, disclose, and safeguard information when you use our website (flemingfamilywellness.com) and patient portal (collectively, the "Services").

This Privacy Policy applies to information collected through our website and digital services. For information about how we handle your protected health information (PHI) as a healthcare provider, please review our Notice of Privacy Practices.

1. Information We Collect

We may collect the following categories of information:

• Account information: Name, email address, date of birth, and credentials when you create a patient portal account.
• Contact and demographic information: Address, phone number, insurance details, and emergency contact information you provide through the portal or intake forms.
• Health information: Medical history, medications, allergies, visit notes, lab results, and other clinical information you share with us or that your provider records in connection with your care. This information is also Protected Health Information (PHI) subject to HIPAA.
• Communications: Messages, requests, and other communications you send through the patient portal.
• Usage data: Log files, IP addresses, browser type, pages visited, and general interaction data when you use our website or portal. We do not sell this data.

2. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve our Services and your care experience.
• Deliver and coordinate healthcare services, including scheduling, billing, records access, and clinical communication.
• Send appointment reminders, health updates, and administrative notices.
• Process payments for healthcare services.
• Comply with legal and regulatory requirements, including HIPAA.
• Protect the security and integrity of our systems and patient data.
• Respond to your questions and support requests.

3. Patient Portal AI Assistant

Our patient portal includes an AI-powered assistant feature. Important limitations and disclosures:

• The AI assistant is designed to help with navigation, scheduling, and general billing questions only.
• The AI assistant does not provide medical advice, diagnoses, or clinical recommendations of any kind.
• AI-generated responses in the portal are not reviewed by clinical staff before display and should not be relied upon for healthcare decisions.
• All AI interactions are logged and associated with your account for security and quality assurance purposes.
• For clinical questions, please use the secure messaging feature to contact your care team directly.

4. How We Share Your Information

We do not sell your personal information. We may share information as follows:

• Healthcare providers and staff: Authorized members of your care team who are involved in your treatment.
• Business Associates: Third-party vendors who perform services on our behalf (e.g., cloud hosting, billing) under HIPAA-compliant Business Associate Agreements.
• Legal compliance: When required by law, court order, or government authority.
• Emergency: When necessary to protect your life or the life of another person.
• With your authorization: Other disclosures made with your written authorization, which you may revoke at any time.

5. Data Security

We implement administrative, technical, and physical safeguards to protect your information, including:

• Encrypted data transmission using TLS/HTTPS for all portal communications.
• Encrypted data storage for sensitive health information.
• Multi-factor authentication required for provider and staff accounts.
• Role-based access controls limiting data access to authorized personnel only.
• Audit logging of access to protected health information.
• Regular security assessments and staff training.

No system is completely secure. If you believe your account has been compromised, contact us immediately at (555) 867-5309.

6. Cookies and Tracking

Our website may use session cookies to maintain your login state within the patient portal. We do not use cross-site tracking cookies or sell your browsing behavior to advertisers. You may disable cookies in your browser settings, though this may affect portal functionality.

7. Your Rights

Under applicable law, you may have the right to:

• Access and obtain a copy of your personal and health information.
• Request corrections to inaccurate information.
• Request restrictions on how we use or disclose your information.
• Receive an accounting of disclosures of your PHI.
• File a complaint if you believe your privacy rights have been violated.

For rights specific to your protected health information, please see our Notice of Privacy Practices. To exercise your rights or to file a complaint with our Privacy Officer, contact us using the information below.

8. Children's Privacy

We provide healthcare services to minors as part of our family medicine practice, with appropriate parental or guardian authorization. We do not knowingly solicit personal information from minors through this website for marketing purposes. If you believe a child's information has been submitted without appropriate authorization, please contact us immediately.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will post the updated policy on this page with a revised "Last Updated" date. For material changes, we will provide additional notice through the patient portal or by other appropriate means.

10. Contact Us

For questions or concerns about this Privacy Policy, to exercise your privacy rights, or to file a complaint:

• Privacy Officer — Fleming Family Wellness
• 142 Maple Street, Springfield, IL 62701
• Phone: (555) 867-5309
• Email: flemingfamilywellness@hotmail.com

You also have the right to file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights at www.hhs.gov/ocr/privacy.