Privacy Policy

Strict Privacy & HIPAA Compliance

Last Updated: December 12, 2025

1. Our Commitment to Privacy

Holistic Drip ("we") is committed to protecting the privacy of our clients, especially given the sensitive nature of our concierge medical services. This Privacy Policy explains how we collect and use your information on our website.

2. Two Types of Data We Collect

It is important to distinguish between "Website Data" and "Protected Health Information" (PHI).

A. Website Usage Data (Non-Medical)

We collect data such as browser type, device type, and IP address to optimize our website experience.

Cookies: We use cookies to remember your preferences. You can disable these in your browser settings.

B. Protected Health Information (PHI)

When you submit a booking request, intake form, or medical history, this data is protected under the Health Insurance Portability and Accountability Act (HIPAA).

We utilize HIPAA-compliant encryption and secure cloud infrastructure to store this sensitive data.

3. How We Use Your Information

  • To Coordinate Care: To schedule your nurse, verify medical eligibility, and process payments.
  • Communication: To send appointment confirmations, pre-arrival instructions, and wellness check-ins via email or text.
  • Legal Compliance: We may disclose information if required by New York State law or public health regulations.

4. HIPAA Notice of Privacy Practices

Your rights regarding your specific medical records are governed by our formal HIPAA Notice of Privacy Practices (NPP).

A full copy of our HIPAA NPP is available upon request and will be provided to you electronically or physically prior to your first treatment. In the event of a conflict between this Website Privacy Policy and the HIPAA NPP regarding your medical data, the HIPAA NPP prevails.

5. Security & Confidentiality

Strict Confidentiality: We understand our clients often require discretion. We do not sell, trade, or share your personal information with third-party marketers.

Data Security: We implement industry-standard security measures (SSL, encryption, access controls) to protect your data. However, no transmission over the internet is 100% secure.

6. Your Rights (New York & HIPAA)

Depending on your jurisdiction, you have the right to:

  • Request access to the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your data (subject to medical record retention laws required by NY State).

7. Contact Us

For privacy concerns or to request our HIPAA Notice of Privacy Practices, please contact our Privacy Officer:

Holistic Drip
Email: info@holisticdrip.com