Simple Visit

SimpleClinic PLLC Privacy Policy for Telemedicine Services

SimpleClinic PLLC
Website: thesimplevisit.com
eVisit Portal: https://app.evisit.com/ui/login/login?practice=the-simple-clinic
General Contact: PO Box 727, Stedman, NC 28391
Phone: +1 (910) 491-4530
Email: info@thesimpleclinic.com

Emergency Disclaimer:
If you are experiencing a medical emergency, please dial 911 or seek immediate care at the nearest emergency facility. Our telemedicine services are not intended for emergencies. In non-emergent situations requiring urgent in-person evaluation, we will refer you to appropriate local providers.

Effective Date: September 12, 2025
This Privacy Policy explains how SimpleClinic PLLC (“SimpleClinic,” “we,” “us,” or “our”), operating its telemedicine services through thesimplevisit.com (the telemedicine arm of SimpleClinic PLLC), collects, uses, discloses, and protects your information, including Protected Health Information (PHI). PHI is any information that can identify you and relates to your health, treatment, or billing, as defined by the Health Insurance Portability and Accountability Act (HIPAA).
Our telemedicine services are available only to patients physically located in North Carolina at the time of service, and all providers are licensed by the North Carolina Medical Board. We are committed to safeguarding your information in compliance with HIPAA, North Carolina telehealth laws, and other applicable requirements. By using our telemedicine services, you acknowledge this Privacy Policy. Please review it carefully.
This Privacy Policy supplements eVisit’s Privacy Policy (available at https://evisit.com/privacy-policy), which governs their handling of data as our Business Associate under a HIPAA Business Associate Agreement.
For questions or concerns about your PHI, contact our Privacy Official:
Heather Joslin, Lead Provider
PO Box 727, Stedman, NC 28391
Email: heather@thesimpleclinic.com
Phone: +1 (910) 491-4530

Consent for Telemedicine Services

In accordance with North Carolina law and the North Carolina Medical Board guidelines, we require your informed consent for telemedicine services. Telemedicine involves the use of electronic communications (e.g., video, messaging via eVisit) to provide healthcare remotely.
Benefits: Convenient access to care without travel, timely consultations, and coordination with your health records.
Risks and Limitations: Potential technical issues (e.g., connection failures, delays), privacy risks (e.g., unauthorized access despite encryption), inability to perform physical exams, and reliance on patient-provided information. Not suitable for emergencies or complex conditions requiring in-person evaluation.
Alternatives: In-person visits at a clinic or hospital.
By creating an account, scheduling a visit, or using our services, you consent to telemedicine delivery, acknowledge these risks/benefits/limitations/alternatives, and agree to participate. You may withdraw consent at any time by contacting us, but this may end services. This consent will be documented in your medical record.
How We Collect Your Information
We collect limited information on thesimplevisit.com and PHI through the eVisit patient portal to provide telemedicine services, such as virtual consultations, prescriptions, and follow-ups.
  • Website (thesimplevisit.com): We collect only name, phone number, and email address via our contact form for inquiries.
  • PHI You Provide: Medical history, symptoms, insurance details, or photos/videos submitted.
  • Virtual Visit Data: Audio/video recordings (if consented), chat logs, or notes from telehealth sessions.
  • Other Sources: Data from other healthcare providers, labs, pharmacies, or your electronic health record (EHR) integrated with eVisit.
  • Technical Data: Device information, IP address, or location (to verify service eligibility) during portal use.

How We Use Your Information

We use your information to deliver and improve our telemedicine services, including:
  • Non-PHI (Website): Contact form data (name, phone, email) is used to respond to inquiries or schedule appointments.
  • PHI (eVisit Portal):
  • Treatment: Diagnosing conditions, prescribing medications, or coordinating care with other providers via eVisit.
  • Payment: Billing you or your insurer for virtual visits or related services.
  • Healthcare Operations: Scheduling appointments, sending reminders (e.g., via email/SMS), conducting quality reviews, or training staff.
  • Other Uses: De-identified data (stripped of personal identifiers) may be used for research or analytics to enhance services.
We only use PHI as permitted by HIPAA or with your written authorization for non-standard purposes.

How We Disclose Your Information

We may share your information as follows:
  • Non-PHI (Website): Contact form data is not shared with third parties except as needed to respond (e.g., scheduling via eVisit).
  • PHI (eVisit Portal):
  • For Treatment, Payment, or Operations: Sharing with providers for consults, insurers for claims, or eVisit (our platform provider) under a HIPAA Business Associate Agreement (BAA) to ensure secure handling.
  • Without Your Authorization: For public health (e.g., disease reporting), legal requirements (e.g., court orders, audits), emergencies, or to family/caregivers with your agreement.
  • With Your Authorization: For marketing, research involving identifiable data, or other non-routine uses. You can revoke authorization in writing at any time, except for actions already taken.
  • Telemedicine Risks: PHI transmitted via eVisit (e.g., secure video, messaging) is encrypted, but electronic systems carry risks like interception. We minimize disclosures and notify you of breaches within 60 days if required by law.

How We Protect and Retain Your Information

  • Security Measures: We use encryption, access controls, and secure servers to protect your information, including PHI during eVisit transmissions. However, no online system is 100% secure, and you accept these risks by using our services.
  • Retention: Contact form data is kept only as needed to respond. PHI is retained as required by law (e.g., 6 years under HIPAA) or our policies, then securely deleted or de-identified. You may request deletion where permitted.

Use of Third-Party Tools for Website Improvement and Advertising

To improve our website (thesimplevisit.com) and market our services, we use third-party analytics and advertising services. These services collect non-PHI data, such as:
  • Usage Data: Pages visited, time spent, or clicks on our website.
  • Device Data: Browser type, IP address, or device identifiers.
  • Cookies and Similar Technologies: We use cookies or similar technologies to track user behavior, personalize content, and deliver targeted ads (e.g., to visitors who have not completed a purchase).
For advertising, we may use anonymized (hashed) email addresses and phone numbers from patients who have used our services to create lookalike audiences. This helps us reach similar users without sharing identifiable or PHI data. No PHI is shared with these services.
You can opt out of cookies and personalized ads through your browser settings (e.g., by disabling cookies or using "Do Not Track" options) or the privacy controls of the relevant advertising platforms:

Your Rights Regarding Your PHI

Under HIPAA, you have rights over your PHI (collected via eVisit). Submit requests in writing to our Privacy Official (contact above). We’ll respond within 30-60 days (extensions possible).
  • Access: Review or obtain copies of your PHI (e.g., visit notes, eVisit records) in electronic or paper form. Fees may apply for copies; some data (e.g., psychotherapy notes) may be exempt.
  • Amendment: Request corrections to inaccurate/incomplete PHI. We’ll approve if verifiable or add your statement to the record.
  • Accounting of Disclosures: Get a list of non-routine disclosures (e.g., to third parties) for the past 6 years, excluding treatment/payment/operations. First request free annually.
  • Restrictions: Request limits on uses/disclosures (e.g., no sharing with insurers). We’ll consider but aren’t required to agree unless you pay out-of-pocket.
  • Confidential Communications: Request alternative delivery methods (e.g., portal instead of email) for privacy.
  • Breach Notification: We’ll notify you promptly if a breach affects your unsecured PHI.
Complaints: If you believe your privacy rights were violated, contact our Privacy Official or file with the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (https://www.hhs.gov/ocr). We won’t retaliate for complaints.

Updates to This Privacy Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. Updates will be posted on thesimplevisit.com. We may notify you via email if we have your email address. The updated policy applies to all information we hold. You can request a copy anytime.

Contact Us

For general questions or concerns about our services, contact:
PO Box 727, Stedman, NC 28391
Phone: +1 (910) 491-4530
Email: info@thesimpleclinic.com
For specific concerns about your PHI or to exercise your rights, contact our
Privacy Official:
Heather Joslin, Lead Provider
PO Box 727, Stedman, NC 28391
Email: heather@thesimpleclinic.com
Phone: +1 (910) 491-4530
You may also file a complaint with HHS at https://www.hhs.gov/ocr if you believe we’ve violated your rights, without fear of reprisal.