Prism TeleHospitalists – Privacy Policy

At Prism TeleHospitalists, we are committed to protecting the privacy and security of patient and client information. As a provider of telemedicine services to healthcare facilities, we adhere to all applicable federal and state privacy laws, including the Health Insurance Portability and Accountability Act (HIPAA).

Information We Collect

We may collect and process the following types of information:

 

  • Protected Health Information (PHI): Medical history, diagnoses, treatment information, and clinical documentation
  • Personal Information: Name, date of birth, contact details
  • Technical Data: IP address, device information, and telemedicine session metadata
  • Facility Data: Information provided by partner hospitals for operational and clinical coordination

How We Use Information

We use collected information strictly for:

 

  • Delivering telehospitalist clinical services
  • Coordinating care with hospital staff and care teams
  • Documentation and billing purposes
  • Improving service quality and operational efficiency
  • Meeting regulatory and legal obligations

We do not sell or rent personal or health information.

HIPAA Compliance & Data Protection

Prism TeleHospitalists:

 

  • Maintains full compliance with HIPAA Privacy and Security Rules
  • Enters into Business Associate Agreements (BAAs) with partner hospitals and vendors
  • Uses encrypted, secure telemedicine platforms
  • Implements administrative, technical, and physical safeguards to protect PHI

Information Sharing

We may share information only when necessary:

 

  • With partner hospitals and healthcare providers involved in patient care
  •  With authorized third-party vendors under strict confidentiality agreements
  • When required by law, regulation, or public health authorities

 

All disclosures are limited to the minimum necessary standards.

Patient Rights

Patients retain rights under HIPAA, including:

  •  Access to their medical records
  • Request corrections to their information
  • Request restrictions on certain disclosures
  • Receive an accounting of disclosures

Requests should be directed to the patient’s treating facility or through our privacy contact.

Data Security

We employ industry-standard safeguards, including:

 

  • End-to-end encryption for telemedicine sessions
  • Secure data storage and access controls
  • Role-based access for clinicians and staff
  • Continuous monitoring for unauthorized access

Retention of Information

We retain information only as long as necessary to:

 

  • Fulfill clinical and operational purposes
  • Comply with legal and regulatory requirement

Third-Party Services

Our telemedicine services may utilize third-party platforms. All vendors are required to:

 

  • Sign BAAs
  • Maintain HIPAA-compliant security standards

Changes to This Policy

We may update this Privacy Policy periodically. Updates will be posted on our website with a revised effective date