CURA Medical Group LLC
Last Updated: May 8, 2022
We may modify this Policy from time to time. The date of change will be shown next to “Last Updated” at the top of this page. We encourage you to read this Policy periodically to ensure you have up-to-date knowledge of our privacy practices. When we make material changes to this Policy, we will provide you with notice before the modifications are effective by sending a message to the email address associated with your account. By continuing to access or use the Services after changes to this Policy become effective, you accept the revised Policy. If any changes are unacceptable to you, you may stop using our Services at any time.
1) Personal Information We Collect
We collect Personal Information when you use our Services, including any COVID-related services, create an account with us or provide Personal Information to us. Personal Information is any information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly with a particular individual, including, but not limited to, a first and last name, unique identifier, email address, a home, postal or other physical address, and phone number. The types of Personal Information that we may collect about you are:
a. Information You Provide to Us
We collect information you give us when you register with us, when you use our Services, when you participate in surveys or promotional activities, give us feedback, or when you otherwise choose to provide your information to us.
- When you sign up for our services we may collect your name, address, phone number, email address, race, ethnicity, title, birth date, sex, gender identification, credit card information, together with other information such as occupation and personal interests.
- When you use our Services, such as logging into your account or speaking with CURA Medical Group administrative staff, we may collect your name, address, email address, phone number, birth date, credit card information, audio (with your permission), photos and videos (with your permission) etc., and/or request access to your microphone or camera in order to verify your identity and provide Services to you.
- From time-to-time, we invite users to volunteer to participate in surveys or promotional activities or give us feedback. When a user participates, we request certain Personal Information such as name and email address. We may use this information to follow-up with the participants.
b. Communications from You
When you use our Services (for example on our website), complete electronic forms, or contact us, by online chat, email, phone, or text, we may automatically collect and store certain information about you and the activity you engaged in, for example: your name and contact information; information that you voluntarily provide to us; the nature of your communication; the purpose of the interaction, and the action we took in response to your inquiry or request.
c. Information Related to Your Use of the Services
We may automatically collect information about your use of the Services (we refer to this information as \”Usage Data\”), including information sent by Your device. For example, we may collect:
- Device information, such as your hardware model, IP address (the Internet address of your computer), unique device identifiers, and other information such as your browser type and operating system.
- Website usage information regarding customer traffic patterns and website usage. This may include the web page that you were visiting before accessing our website or mobile application, the pages or features of our website or mobile application you browsed to inform us which part of our website, app and Services you visit and how much time you spend there.
d. Information Sent by Your Mobile Devices
We collect certain information that your mobile devices send when you use our Services, such as the unique identifier, user settings and the operating system of your device, as well as information about your use of our services on your mobile device.
e. Information from Our Clients and Partners
We may receive your Personal Information from our business clients and partners, such as your employer, in connection with one or more business purposes, including to make our Services available to you
2) Cookies and Other Tracking Technologies
A \”cookie\” is a small data file that certain websites write to your computer or smart device when you visit them. A cookie can\’t read data off your hard disk or read cookie files created by other websites. We use session cookies that are deleted when you leave our website and close your browser, and persistent cookies that can remain even after you leave. A cookie file can contain information such as a user ID that the website uses to track the pages you\’ve visited. The cookies that are configured by our website do not contain directly identifying information, such as your name or sensitive information, such as your credit card number. Cookies are used:
- to make our Services function properly;
- to provide a secure browsing experience during your use of our Services;
- to collect passive information about your use of our Services;
- to support our marketing campaigns, including to measure how you interact with our marketing campaigns;
- to help us improve our Services; and
- to remember your preferences for your convenience.
Types of Cookies on Our Services. We use the following types of cookies on our Services:
- Strictly Necessary Cookies – These cookies are essential because they enable you to use our Services. For example, strictly necessary cookies allow you to access secure areas on our Services. Without these cookies, Services cannot be provided. These cookies do not gather information about you for marketing purposes. This category of cookies is essential for our Services to work and they cannot be disabled.
- Functional Cookies – We use functional cookies to remember your choices so we can tailor our Services to provide you with enhanced features and personalized content. For example, these cookies can be used to remember your name and location. We do not use functional cookies to target you with online marketing. While these cookies can be disabled, this may result in less functionality during your use of our Services.
- Performance or Analytics Cookies – These cookies collect passive information about how you use our Services, including webpages you visit and links you click. We use the information collected by such cookies to understand our users better and to improve and optimize our Services. We do not use these cookies to target you with online marketing. You can disable these cookies.
- Third-Party Cookies – These are cookies that are provided by third-party service providers and belong in one of the cookie categories described above. These third-party providers process your Personal Information on our behalf pursuant to our instructions and obligations consistent with this Policy.
How to Manage Cookies. Depending on whether you would like to manage a first-party or third-party cookie, you will need to take the following steps:
- First-Party Cookies – If you prefer not to receive cookies while browsing our website, you can set your browser to warn you before accepting cookies and refuse the cookie when your browser alerts you to its presence. You can also refuse all cookies by changing the settings in your browser. You do not need to have cookies turned on to use and navigate through many parts of our website, although if you block or disable the cookie functions, you may not be able to access all portions or features of the website and the Services. Please follow instructions provided by your browser (usually located within the \”Help\”, \”Tools\” or \”Edit\” settings) to disable first-party cookies. You can find more information about how to change your browser cookie settings here.
b. Web Beacons
Web Beacons, also known as web bugs, pixel tags or clear GIFs, are tiny graphics with a unique identifier that may be included on our website to deliver or communicate with cookies, in order to track and measure the performance of our website and Services, monitor how many web visitors we have, and to monitor the effectiveness of our advertising. Unlike cookies, which are stored on the user’s device, Web Beacons are typically embedded invisibly on web pages (or in an e-mail).
c. Analytics Technologies
d. Social Media
Depending on your permissions, we may receive your Personal Information from your social media accounts. You can edit or remove Personal Information usage permissions by using privacy settings on your social media account. Click below for instructions on how to change or remove third party access on each platform:
3) How We Use Your Personal Information
We will only use your Personal Information as described in this Policy or otherwise through your informed consent
a. To Provide Services to You
We will use your Personal Information to provide information or perform Services that you request. We may use general location information to improve and personalize Services to you, such as providing location-relevant information and Services to you. Your information may be available or provided to third-party service providers in order to provide you with the information or to support the Services you request. These third party service providers are contractually obligated to protect your information as disclosed in this Policy.
b. For the Operation and Administration of Our Business
We will use your Personal Information for the purposes of furthering our business and the business of our affiliated companies, including creating, operating, delivering, maintaining, and improving our content, products, and Services. We may monitor how our users use our Services including without limitation time spent using our Services, pages visited and content viewed. Aggregated forms of this data may also be used for research and development purposes in order to offer new features, functionalities, content, products and services.
c. For Business Analytics Purposes
We analyze, and may engage third parties to analyze, your Personal Information and Usage Data to determine the usefulness of our website, mobile app, and other elements of the Services. Analytics help us determine how effective our navigational structure is in helping users reach the information they seek, completing the task they wish to complete, etc., and to tailor features and functionalities to our users’ needs and preferences
d. For Our Own Marketing Purposes
Marketing lets us grow our community and update you about new products and services , including those offered together with our affiliated companies. We process your contact information or information about your interactions on our Services to: send you marketing communications and keep you updated about our products and services; provide you with informational content; and deliver targeted marketing to you. We may periodically send you free newsletters and e-mails that directly promote our Services, and that we believe may be of interest to you. When you receive such promotional communications from us, you will have the opportunity to %22opt-out%22 (either through your account or by following the unsubscribe instructions provided in the e-mail you receive). We do need to send you certain administrative and transactional communications regarding the Services and you will not be able to opt out of those communications – e.g., communications regarding updates to our Terms of Services, this Policy, or information about billing and renewals, among others.
e. To Provide Customer Support or Respond to You
We collect information that you provide to us when you contact us, such as with questions, concerns, feedback, disputes or issues, so we can address your needs and support your use and enjoyment of the Services.
f. For Account and Network Security Purposes
We care about keeping you secure and safe while using our Services. Keeping you safe requires us to process your Personal Information, such as your device information, log-in information, activity information and other relevant information to proactively manage privacy and security risks. We use such information to combat spam, malware, malicious activities or security risks; improve and enforce our security measures; and to monitor and verify your identity to prevent unauthorized users from gaining access to your information.
g. To Maintain Legal and Regulatory Compliance
Our Services are subject to certain laws and regulations which may require us to process your Personal Information. For example, we process your Personal Information to comply with privacy laws, comply with employment laws, or as necessary to manage risk as required under applicable law. We will ask for information to verify your identity and residence status in order to fulfill your CCPA rights request.
h. To Enforce Compliance with Our Terms and Agreements or Policies
When you access or use our Services, you are bound to our Terms of Service and this Policy. To ensure you comply with them, we process your Personal Information to actively monitor, investigate, prevent and mitigate any alleged or actual prohibited, illicit or illegal activities on our Services. We also process your Personal Information to investigate, prevent or mitigate violations of our terms, agreements or policies.
We will only use your Personal Information as described in this Policy or otherwise through your informed consent.
4) Data Security & Social Media
We safeguard the security of the information you provide to us with physical, electronic, and administrative procedures. For certain features of our Services we use industry-standard SSL-encryption to enhance the security of data transmissions. Your account information is password-protected for your privacy and security. While we strive to protect your information, we cannot guarantee the security of the Internet, and cannot ensure the security of the information that is transmitted through the Internet.
Please recognize that protecting your Personal Information is also your responsibility. We urge you to take every precaution to protect your information when you are on the Internet, or when you communicate with us and with others through the Internet. Change your passwords often, use a combination of letters and numbers, and make sure you use a secure browser. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of your account might have been compromised), or if you suspect someone else is using your account, please let us know immediately. If your payment information, username, or password is lost, stolen, or used without permission, please promptly update your account or notify us and we will assist you in updating your account details.
Some portions of the Services (for example our presence on social media) allow users to submit comments, reviews, ratings and other information that may be displayed on the Services and viewed by others. We recommend that you do not post on or through the Services any information that you do not want to make available to other users or the public generally. You assume all responsibility for any loss of privacy or other harm resulting from information you post publicly.
We have accounts on social media platforms through which we may post information or conduct promotional activities. If you use social media to follow us or interact with us, we may collect Personal Information you choose to share with us. Please understand your use of the social media services may result in the collection or sharing of information about you by those social media services. We have no control over, and decline all responsibility for, the use of your personal data by these third parties. Your use of social media, including your interactions with us on social media, are at your discretion. We encourage you to review the privacy policies and settings on the social media services with which you interact to make sure you understand how your information may be collected, used, and shared by those social media services
5) Responding to Do Not Track Signals
We do not currently respond to web browser “do not track” signals or other mechanisms that may allow you to opt out of the collection of information across networks of websites and online services as there is no standard for how online services should respond to such signals. As standards develop, we may develop policies for responding to do-not-track signals that we will describe in this Policy.
6) Communications & Disclaimers
a. Security Risks
Most standard email providers such as Gmail, Yahoo, Hotmail, etc. and most cellular providers do not provide a secured or encrypted means of communication. As a result, there is risk that any protected health information contained in an email or text message may be disclosed to, or intercepted by, unauthorized third parties. Additionally, email and text messages accessible through personal computers, laptops, or phones have inherent privacy risks especially when the email or cellular account is provided by an employer, when the account is not password protected, or the account is shared. Use of more secure communications, such as phone, fax or mail is preferred and always an available alternative.
When consenting to the use of email or text through such unsecured or unencrypted systems, you are accepting responsibility for any unauthorized access or disclosure to protected health information contained within the message. The Practice will not be responsible for unauthorized access of protected health information while in transmission and will not be responsible for safeguarding information once it is delivered. The Practice will take steps to ensure that any email or text message with protected health information is protected prior to being sent to the requested address and will use the minimum necessary amount of protected health information when communicating with you
c. Additional Information
It is important to understand that emails and text messages will not be used to replace or facilitate communications between you and your physician and will not be considered private communications. There is no guarantee that the Practice will be actively monitoring emails and text messages, so responses and replies sent to or received by you or the Practice may be hours or days apart. Email and text messages may be inadvertently missed or errors in transmissions may occur. The Practice will not be responsible for any issues caused by delays in communications. If you have an immediate need or an emergency situation, you must contact the Practice by telephone or dial 9-1-1 if applicable. Practice staff will be utilized to monitor the inbox in order to properly direct or respond to communications received. Therefore, any information considered sensitive should not be included in your communications. At the Practice’s discretion, any email or text message received or sent may become part of your medical record. By completing and signing this form, or by initiating contact with the Practice via email, text, or web form, I am accepting that Vein Treatment Clinic may communicate with me via email or text message via the provided contact information and acknowledge the inherent limitations therein
Communications through our website, social media or email are not encrypted and are not necessarily secure. Use of the internet or email is for your convenience only, and by using them, you assume the risk of unauthorized use. By submitting my email address, I also agree to receiving news and specials offer emails from Cura Medical Group. You hereby also agree to hold Cura Medical Group, its doctors and affiliates, harmless from any hacking or any other unauthorized use of your personal information by outside parties.
All trademarks that appear on the site, including names. They are used for identification purposes only and in no way imply affiliation
Indemnity: No one affiliated with us is liable for any damages that result from your use of this website or your failure to follow the terms of service.
Variation: Cura Medical Group LLC holds the right to change or remove, without warning, any services or page listed on this website.
Invalidity: Should there be any part of these Terms of Service that cannot be enforced, it does not render any of the other parts unenforceable. So far as possible where any clause/sub-clause or part of a clause/sub-clause can be severed to render the remaining part valid, the clause shall be interpreted accordingly. If any part of an unenforceable clause can be removed while preserving the meaning of the clause, it shall be severed and the remaining part of the clause enforced accordingly.
Complaints: We operate a complaints handling procedure which we will use to try to resolve disputes when they first arise, please let us know if you have any complaints or comments.
Waiver: Should you act in violation of these terms and we do nothing, we still reserve the right to act should you commit another violation in the future.
Disclaimer of Liability: We do not guarantee the accuracy of any information on this site. Unless explicitly stated, we assume no responsibility whatsoever for damages of any kind. We are also not liable for any personal harm you may suffer as a result of our negligence or misrepresentation.
Notice of HIPPA Priavcy Practices
Last Updated: May 8, 2022
The Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) requires us to ask each of our patients to acknowledge receipt of our Notice of HIPAA Privacy Practices. The Notice is published on the CURA Medical Group Website and our clincs. You acknowledge receipt of the Notice by clicking on the “I Acknowledge Receipt of the Notice of HIPAA Privacy Practices” button, or by indicating your acknowledgement in another written or digital manner provided. You can receive a copy of the Notice by asking for one at our clinic, or by printing one from our website at anytime.
Under HIPAA, the Companies must take steps to protect the privacy of your \”Protected Health Information\” (“PHI”). PHI includes information that we have created or received regarding your health or payment for your health. It includes both your medical records and personal information such as your name, social security number, financial information, address, and phone number.
Under federal law, we are required to:
- Protect the privacy of your PHI. All of our employees and providers are required to maintain the confidentiality of PHI and receive appropriate privacy training
- Provide you with this Notice of Privacy Practices explaining our duties and practices regarding your PHI
- Notify you in the case of a breach of unsecured PHI
- Follow the practices and procedures set forth in this Notice
The Companies use and disclose PHI in a number of ways connected to your treatment, payment for your care, and our healthcare operations. Some examples of how we may use or disclose your PHI without your authorization are listed below.
- To our physicians, nurses, and others involved in your healthcare or preventive healthcare.
- To our different departments to coordinate treatment-related activities, such as prescriptions, lab work, and X-rays.
- To other healthcare providers treating you who are not on our staff such as dentists, emergency room staff, specialists and other providers. For example (and without limitation), if you are being treated for an injured knee, we may share your PHI among your primary care provider, the knee specialist, and your physical therapist, among others, so they can provide proper care.
- To administer your health benefits policy or contract.
- To bill you for healthcare we provide.
- To pay others who provided care to you.
- To other organizations and providers for payment activities, unless disclosure is prohibited by law
- To administer and support our business activities or those of other healthcare organizations (as allowed by law), including providers and plans. For example (and without limitation), we may use your PHI to conduct quality analysis, data aggregation, review and improve our services and the care you receive and to provide training.
- To other individuals (such as consultants and attorneys) and other companies and organizations that help us with our business activities. (Note: If we share your PHI with other organizations for this purpose, they must agree to protect your privacy.)
We may use or disclose your PHI without your authorization for legal and/or governmental purposes in the following circumstances:
- As required by law – When we are required by laws, including workers\’ compensation laws.
- Public health and safety – To an authorized public health authority or individual to:\n
- Protect public health and safety.
- Prevent or control disease, injury, or disability.
- Report vital statistics such as births or deaths.
- Investigate or track problems with prescription drugs and medical devices.
- Abuse or neglect – To government entities authorized to receive reports regarding abuse, neglect, or domestic violence.
- Minors – In general, parents and legal guardians are legal representatives of minor patients. However, in certain circumstances, as dictated by state law, minors can act on their own behalf and consent to their own treatment. In general, we will share the PHI of a patient who is a minor with the minor’s parents or guardians, unless the minor could have consented to the care themselves (except where parental disclosure may be required per applicable law).
- Oversight agencies – To health oversight agencies for certain activities such as audits, examinations, investigations, inspections, and licensures.
- Legal proceedings – In the course of any legal proceeding or in response to an order of a court or administrative agency and in response to a subpoena, discovery request, or other lawful process.
- Law enforcement – To law enforcement officials in certain circumstances for law enforcement purposes. By way of example and without limitation, disclosures may be made to identify or locate a suspect, witness, or missing person; to report a crime; or to provide information concerning victims of crimes.
- Health Information Exchanges – We may participate in health information exchanges (HIEs) and may electronically share your medical information for treatment, payment and healthcare operations purposes with other participants in the HIEs. HIEs allow us, and your other healthcare providers and organizations, to efficiently share and better use information necessary for your treatment and other lawful purposes. In some states, the inclusion of your medical information in an HIE is voluntary and subject to your right to opt-in or opt-out; if you choose to opt-in or not to opt-out, we may provide your medical information in accordance with applicable law to the HIEs in which we participate.
- Financial information – We may ask you about income or other financial information to determine if you may qualify for a low income waiver of the membership fee or other services where applicable. We may use this information for operations, marketing, and administrative purposes and to improve our service offerings.
- Research – We may disclose health information about you for research purposes, subject to the confidentiality provisions of state and federal law. In most cases, we will ask for your written authorization before using your PHI or sharing it with others in order to conduct research. However, under some circumstances, we may use and disclose your PHI without your written authorization if an Institutional Review Board (IRB), applying specific criteria, determines that the particular research protocol poses minimal risk to your privacy. Under no circumstances, however, would we allow researchers to use your name or identity publicly without your authorization. We may release your PHI without your written authorization to people who are preparing a future research project as long as any information identifying you does not leave Cura Medical Group. Enrollment in a research study is completely voluntary, will not affect your treatment or welfare, and your PHI will continue to be protected.
- Military activity and national security – To the military and to authorized federal officials for national security and intelligence purposes, to the Department of Veterans Affairs as required by military authorities, or in connection with providing protective services to the President of the United States.
We may also use or disclose your PHI without your authorization in the following miscellaneous circumstances:
- Contacting you directly – We may use your PHI, including your email address or phone number, to contact you. For example, we may also use this information to send you appointment reminders and other communications relating to your care and treatment, or let you know about treatment alternatives or other health related services or benefits that may be of interest to you, via email, phone call, or text message.
- Your patient account – We may make certain PHI, such as information about care or treatment, appointment histories and medication records, accessible to you through online tools, such as email.
- Family and friends – To a member of your family, a relative, a close friend—or any other person you identify who is directly involved in your healthcare—when you are either not present or unable to make a healthcare decision for yourself and we determine that disclosure is in your best interest. We will also assume that we may disclose PHI to any person you permit to be physically present with you as we discuss your PHI with you. For example, we may disclose PHI to a friend who brings you into an emergency room, we may allow someone other than you to pick up your prescription, and we will assume that we may discuss your healthcare with a person you bring with you to your in-office appointments.
- Unless you notify us that you object, your name, location within our facility, and general information about your health condition may be disclosed to people who ask for you by name. Members of the clergy will be told your religious affiliation if they ask. This is to help your family, friends, and clergy visit you in the facility and generally know how you are doing.
- In the waiting area of our office – When you join us in our office, we may call your name aloud in the waiting area. If you do not wish to have your name called aloud, please tell the front desk admin and we will make adjustments to meet your request.
- Treatment alternatives and plan description – To communicate with you about treatment services, options, or alternatives, as well as health-related benefits or services that may be of interest to you, or to describe our health plan and providers to you.
- De-identified information – If information is removed from your PHI so that you can’t be identified, except as prohibited by law.
- Coroners, funeral directors, and organ donation – To coroners, funeral directors, and organ donation organizations as authorized by law.
- Disaster relief – To an authorized public or private entity for disaster relief purposes. For example, we might disclose your PHI to help notify family members of your location or general condition.
- Threat to health or safety – To avoid a serious threat to the health or safety of yourself and others.
Except in the situations listed in the sections above, we will use and disclose your PHI only with your written authorization. This means we will not use your PHI in the following cases, unless you give us written permission:
- Marketing purposes, except as allowed by HIPAA or applicable law (by way of example, marketing communications allowed by HIPAA without authorization include communications pertaining to care or treatment and/or our products or services.)
- Sale of your information.
- Sharing your PHI with your employer or school.
- Most sharing of psychotherapy notes.
In some situations, federal and state laws provide special protections for specific kinds of PHI and require authorization from you before we can disclose that specially protected PHI. For example, additional protections may apply in some states to genetic, mental health, drug and alcohol abuse, rape and sexual assault, sexually transmitted disease and/or HIV/AIDS-related information, and/or to the use of your PHI in certain review and disciplinary proceedings of healthcare professionals by state authorities. In these situations, we will comply with the more stringent state laws pertaining to such use or disclosure.
We may also use PHI to send you appointment reminders and other communications relating to your care and treatment, or let you know about treatment alternatives or other health related services or benefits that may be of interest to you, via email, phone call, or text message. If you choose to communicate with us via emails, texts or chats, you acknowledge that we may exchange PHI with you via email, text or chat, that email, text and certain chat functionality may not be a secure method of communication, and that you agree to the security risks of such communication. If you would prefer not to exchange PHI via email, text or chat, you can choose not to communicate with us via those means, and you can notify
We may modify this Notice from time to time. The revised Notice will apply to all PHI that we maintain. We will make any such changes to this Notice by posting the revised Notice on our website. The date of the last update will be clearly indicated at the top of this Notice. Please review this Notice from time to time to ensure you are familiar with our HIPAA privacy practices.