Privacy Policy

Right Point Acupuncture (“we,” “us,” or “our”) is committed to protecting your privacy and safeguarding your health information. This Privacy Policy explains how we collect, use, and protect your personal and medical data in compliance with the Health Insurance Portability and Accountability Act (HIPAA) and the California Confidentiality of Medical Information Act (CMIA).

1. Information We Collect

We may collect the following types of information when you interact with our clinic or website:

  • Name, contact information, and date of birth

  • Medical history, treatment records, and progress notes

  • Insurance details, including CHAMPVA, TRICARE, or other plans

  • Payment information (e.g., credit card, HSA/FSA)

  • Appointment history and communication preferences

2. How We Use Your Information

Your information is used solely for:

  • Providing acupuncture and wellness services

  • Scheduling and managing appointments

  • Billing and insurance claims

  • Clinic operations and quality improvement

  • Communicating with you about your care

We do not sell or share your information with third parties for marketing purposes.

3. HIPAA and CMIA Compliance

We comply with HIPAA and CMIA regulations to ensure the confidentiality, integrity, and availability of your health information. This includes:

  • Secure electronic systems for storing and transmitting data

  • Physical safeguards for paper records

  • Staff training on privacy and data protection

  • Business Associate Agreements (BAAs) with third-party platforms such as Jane App

4. Your Rights

You have the right to:

  • Access and request a copy of your health records

  • Request corrections to inaccurate information

  • Request restrictions on certain uses or disclosures

  • Receive an accounting of disclosures

  • File a complaint if you believe your privacy rights have been violated

5. Third-Party Services

We use Jane App, a HIPAA-compliant platform, for scheduling, intake forms, and secure communication. All third-party services are vetted for compliance and data protection.

6. Data Security

We implement administrative, technical, and physical safeguards to protect your information, including:

  • Encrypted email and secure messaging

  • Password-protected databases

  • Locked file storage for physical records

  • Role-based access for staff

7. Website and Cookies

Our website may use cookies to improve user experience. These do not collect personal health information and can be disabled in your browser settings.

8. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated revision date.

9. Contact Us

If you have questions or concerns about this Privacy Policy or your health information, please contact:

Privacy Officer
Right Point Acupuncture
tony@rightpointacu.com