Privacy Policy and Protected Health Information (PHI) Protocols.

Personal Identifiable Information (PII): The Company collects data including name, date of birth, contact information, and state of residence to verify eligibility and facilitate administrative operations.

Protected Health Information (PHI): During clinical intake, the Platform gathers biological data including metabolic markers, height, weight, pre-existing conditions, and current medications solely for physician review.

Medical Facilitation: Collected data is utilized exclusively to establish a secure clinical bridge between the Patient and independent Practitioners for diagnosis and titration management.

Prescription Operations: Necessary biological data is transmitted to authorized, state-licensed compounding pharmacies for the sole purpose of prescription fulfillment and fulfillment accuracy.

Encryption Standards: All data at rest is secured via AES-256 bit encryption. Data in transit is protected by Transport Layer Security (TLS) protocols to prevent unauthorized interception.

Restricted Access: Access to PHI is strictly limited to authorized clinical staff and medical providers on a “need-to-know” basis, audited regularly for compliance.

Zero-Sale Policy: The Company does not sell, rent, or lease any Patient PII or PHI to third-party marketing entities. Clinical data is never shared for non-therapeutic purposes.

Regulatory Compliance: We may disclose information only when legally mandated by subpoena, court order, or federal regulatory requirements ensuring public health safety.

Right of Access: Patients maintain the right to request a digital copy of their clinical records stored on the Platform within the parameters of applicable state and federal laws.

Correction Protocol: You may request corrections to inaccurate or outdated PII through the administrative support portal.

Operational Tracking: We utilize essential cookies to maintain secure sessions and enhance platform performance. Technical analytics are used only in aggregate form to improve administrative workflows.

Clinical Archiving: Patient records are retained in accordance with state-specific medical record retention statutes. Data beyond the statutory period is subject to certified secure destruction.

For inquiries regarding data privacy or HIPAA compliance, please contact the Data Protection Officer via support@irisvitality.com or via official mail addressed to IrisVitality LLC Compliance Department.