Notice of Privacy Practices

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

Effective Date: April 21, 2026

MobileMD ("we," "our," or "us") is committed to protecting the privacy and confidentiality of your health information. Although we operate under a direct-pay model and do not bill health insurance, we voluntarily adhere to the standards set forth by the Health Insurance Portability and Accountability Act (HIPAA) and applicable Ohio state laws to ensure your Protected Health Information (PHI) is secure.

This Notice of Privacy Practices (NPP) explains your rights, our legal duties, and our privacy practices regarding your PHI.

I. Our Responsibilities

We are required by law to:

  • Maintain the privacy and security of your protected health information.
  • Provide you with this notice of our legal duties and privacy practices with respect to your health information.
  • Abide by the terms of the notice currently in effect.
  • Notify you promptly if a breach occurs that may have compromised the privacy or security of your information.

II. How We May Use and Disclose Your Health Information

We typically use or share your health information in the following ways:

1. For Treatment We can use your health information and share it with other professionals who are treating you. Example: Our clinician may consult with your primary care physician regarding your treatment plan.

2. For Health Care Operations We can use and share your health information to run our practice, improve your care, and contact you when necessary. Example: We use health information about you to manage your treatment and services, or to evaluate the quality of care our clinicians provide.

3. For Payment We can use and share your health information to bill and get payment from you or other entities. Example: We use your information to process your credit card or HSA/FSA payment for your in-home visit.

Other Permitted Uses and Disclosures

We are allowed or required to share your information in other ways—usually in ways that contribute to the public good, such as public health and research. We have to meet many conditions in the law before we can share your information for these purposes.

  • Help with public health and safety issues: We can share health information about you for certain situations such as preventing disease, helping with product recalls, reporting adverse reactions to medications, reporting suspected abuse, neglect, or domestic violence, and preventing or reducing a serious threat to anyone's health or safety.
  • Comply with the law: We will share information about you if state or federal laws require it, including with the Department of Health and Human Services if it wants to see that we're complying with federal privacy law.
  • Respond to organ and tissue donation requests: We can share health information about you with organ procurement organizations.
  • Work with a medical examiner or funeral director: We can share health information with a coroner, medical examiner, or funeral director when an individual dies.
  • Address workers' compensation, law enforcement, and other government requests: We can use or share health information about you for workers' compensation claims, for law enforcement purposes or with a law enforcement official, with health oversight agencies for activities authorized by law, and for special government functions such as military, national security, and presidential protective services.
  • Respond to lawsuits and legal actions: We can share health information about you in response to a court or administrative order, or in response to a subpoena.

Ohio State Law Requirements

When Ohio state laws are stricter than federal HIPAA regulations, we will follow the stricter state law. For example, Ohio law generally requires your written consent before we can disclose certain types of sensitive information, such as mental health records or HIV/AIDS test results, except in specific emergency or legally mandated situations.

III. Your Rights Regarding Your Health Information

When it comes to your health information, you have certain rights. This section explains your rights and some of our responsibilities to help you.

1. Get an electronic or paper copy of your medical record

  • You can ask to see or get an electronic or paper copy of your medical record and other health information we have about you.
  • We will provide a copy or a summary of your health information, usually within 30 days of your request. We may charge a reasonable, cost-based fee.

2. Ask us to correct your medical record

  • You can ask us to correct health information about you that you think is incorrect or incomplete.
  • We may say "no" to your request, but we'll tell you why in writing within 60 days.

3. Request confidential communications

  • You can ask us to contact you in a specific way (for example, home or office phone) or to send mail to a different address.
  • We will say "yes" to all reasonable requests.

4. Ask us to limit what we use or share

  • You can ask us not to use or share certain health information for treatment, payment, or our operations. We are not required to agree to your request, and we may say "no" if it would affect your care.
  • Because you pay for our services out-of-pocket in full, you can ask us not to share that information for the purpose of payment or our operations with your health insurer. We will say "yes" unless a law requires us to share that information.

5. Get a list of those with whom we've shared information

  • You can ask for a list (accounting) of the times we've shared your health information for six years prior to the date you ask, who we shared it with, and why.
  • We will include all the disclosures except for those about treatment, payment, and health care operations, and certain other disclosures (such as any you asked us to make). We'll provide one accounting a year for free but will charge a reasonable, cost-based fee if you ask for another one within 12 months.

6. Get a copy of this privacy notice

  • You can ask for a paper copy of this notice at any time, even if you have agreed to receive the notice electronically. We will provide you with a paper copy promptly.

7. Choose someone to act for you

  • If someone has medical power of attorney or is your legal guardian, that person can exercise your rights and make choices about your health information.
  • We will make sure the person has this authority and can act for you before we take any action.

8. File a complaint if you feel your rights are violated

  • You can complain if you feel we have violated your rights by contacting our Privacy Officer using the information below.
  • You can file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights by sending a letter to 200 Independence Avenue, S.W., Washington, D.C. 20201, calling 1-877-696-6775, or visiting www.hhs.gov/hipaa/filing-a-complaint.
  • We will not retaliate against you for filing a complaint.

IV. Your Choices

For certain health information, you can tell us your choices about what we share. If you have a clear preference for how we share your information in the situations described below, talk to us. Tell us what you want us to do, and we will follow your instructions.

In these cases, you have both the right and choice to tell us to:

  • Share information with your family, close friends, or others involved in your care.
  • Share information in a disaster relief situation.

If you are not able to tell us your preference, for example if you are unconscious, we may go ahead and share your information if we believe it is in your best interest. We may also share your information when needed to lessen a serious and imminent threat to health or safety.

In these cases we never share your information unless you give us written permission:

  • Marketing purposes.
  • Sale of your information.

V. Changes to the Terms of this Notice

We can change the terms of this notice, and the changes will apply to all information we have about you. The new notice will be available upon request, in our office, and on our website.

VI. Contact Information

If you have any questions about this notice, wish to exercise your rights, or want to file a complaint, please contact our Privacy Officer:

Privacy Officer: Darryl Costin Jr., Founder Phone: (216) 512-1755 Email: support@mobilemd-care.com

Plain-Language Privacy Summary

We know legal documents can be dense. Here is a simple, plain-English summary of how we handle your privacy at MobileMD.

1. We protect your data like a traditional clinic would.

Even though we are a direct-pay, mobile urgent care service, we voluntarily follow HIPAA standards. Your medical information is stored in our own secure, encrypted database—not in a generic spreadsheet or unsecure app.

2. We only collect what we need.

When you book a visit, our online form only asks for the basics: your name, the address where you need care, your phone number, and the type of visit (individual, family, or organization). We collect the rest of your medical history securely during your actual visit.

3. We communicate securely.

We use text messaging and phone calls to coordinate your arrival window and follow up on your care. We do not use third-party patient portal apps that sell your data.

4. We don't sell your information. Ever.

We will never sell your personal or medical information to marketers, data brokers, or anyone else.

5. You are in control.

Because you pay out-of-pocket for MobileMD services, your visit information is not automatically sent to your health insurance company. If you want us to share your records with your primary care doctor or a specialist, just ask—we are happy to coordinate your care.

If you ever need a copy of your records or have a question about your privacy, just email us at support@mobilemd-care.com or call (216) 512-1755.