Privacy Policy
Last Updated: June 15, 2026
Direct Patient Systems Corporation ("Direct Patient Systems," "we," "us," or "our") values your privacy. This Privacy Policy describes how we collect, use, disclose, and protect personal information when you visit or interact with our white-labeled virtual storefronts, clinical intake websites, patient portals, and mobile applications (collectively, the "Platform") built for our hospital system, integrated delivery network ("IDN"), and medical provider partners.
PLEASE READ THIS PRIVACY POLICY CAREFULLY. BY USING THE PLATFORM, YOU ACCEPTS AND CONSENT TO THE PRACTICES DESCRIBED IN THIS POLICY.
1. IMPORTANT NOTE ON PROTECTED HEALTH INFORMATION (PHI)
This Privacy Policy applies to the collection and use of standard personal information (such as website analytics, account credentials, and general contact form entries).
Please note: Information that you provide through the clinical intake, consultation, or treatment portals of the Platform constitutes "Protected Health Information" (PHI) governed by the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"). Your PHI is not governed by this Privacy Policy; instead, it is handled in strict compliance with the HIPAA Notice of Privacy Practices of the partner Healthcare Providers and Pharmacies delivering your care.
2. INFORMATION WE COLLECT
We may collect several categories of information from and about you:
- Personal Identifiers: Name, email address, physical address, date of birth, and telephone number when you register an account.
- Technical and Usage Data: IP address, browser type, device identifiers, operating system, and data detailing your navigation on the Platform (collected via cookies and tracking pixels).
- Billing Information: Credit card numbers, transaction history, and subscription details (processed securely by third-party payment processors).
- Health-Related Answers (Prior to Medical Intake): General screening survey responses indicating interest in specific treatment paths.
3. HOW WE USE YOUR INFORMATION
We use the information we collect to:
- Provide, maintain, and secure the Platform.
- Coordinate administrative scheduling, prescription ordering, and billing transactions.
- Enable secure communications between you and your licensed clinical providers.
- Analyze Platform usage to optimize user flow and application responsiveness.
- Ensure compliance with state and federal laws, including HIPAA administrative safeguards.
4. HOW WE SHARE YOUR INFORMATION
We may share your personal information in the following circumstances:
- **With Healthcare Providers**: To route your medical data and health profile to the licensed clinicians managing your virtual consultations and care plan.
- **With Pharmacies**: To route valid e-prescriptions to licensed dispensing pharmacies for home delivery.
- **With Service Providers**: With trusted third-party vendors who assist in hosting the Platform (e.g., AWS secure cloud servers), processing card payments, or facilitating messaging. These providers are bound by strict Business Associate Agreements (BAAs) or confidentiality clauses.
- **As Required by Law**: To comply with a subpoena, court order, or regulatory request, or to protect the safety and rights of Direct Patient Systems, our users, or the public.
5. DATA SECURITY
We implement industry-standard administrative, physical, and technical safeguards. All data transmitted through the Platform is encrypted using Secure Sockets Layer/Transport Layer Security (SSL/TLS) technology. Data stored on our servers is encrypted at rest using AES-256 standards. While we take exhaustive measures, no system is 100% secure, and we cannot guarantee absolute security.
6. STATE-SPECIFIC PRIVACY RIGHTS (E.G., CALIFORNIA CCPA/CPRA)
If you are a resident of California, Colorado, Virginia, or other states with comprehensive state privacy laws, you may have specific rights regarding your personal information under those frameworks (such as the right to know, delete, correct, or opt-out of the sale or sharing of your data). Please note that these laws generally **exempt** PHI that is regulated by HIPAA. To exercise any state-specific privacy rights, contact us using the details below.
7. CONTACT US
If you have any questions or concerns regarding this Privacy Policy, please contact us at:
© 2026 Direct Patient Systems Corporation. All rights reserved.