Privacy Policy
Effective Date: January 1, 2025 | Greater ATL Health — Lyna Ashu, FNP-C
Your privacy matters. This policy explains what information we collect when you visit greateratlhealth.com, how we use it, and your choices. For information specifically about your medical records, see our HIPAA Notice of Privacy Practices.
Information We Collect
When you use our website or contact us, we may collect:
- Contact information you provide — name, phone number, email address — when you fill out a form, send an email, or call us.
- Booking information — selected visit type and appointment details when you use the booking widget or scheduler.
- Usage data — standard web server logs including IP address, browser type, referring URL, and pages visited. This data is used for security and site improvement only.
- Communications — any messages you send us through email or our contact channels.
We do not collect payment card information directly. Payment processing, if applicable, is handled by PCI-compliant third-party processors.
How We Use Your Information
- To respond to your inquiries and schedule appointments
- To provide telehealth services and coordinate your care
- To send appointment confirmations and reminders
- To improve our website and services
- To comply with legal and regulatory obligations
We do not sell, rent, or share your personal information with third parties for marketing purposes.
Protected Health Information (PHI)
Any health information collected during a medical visit or in connection with your care is Protected Health Information (PHI) governed by HIPAA, not just this Privacy Policy. Please review our HIPAA Notice of Privacy Practices for a full description of your rights and our obligations regarding your medical information.
Cookies and Tracking
Our website uses only essential functional cookies required for the site to operate correctly. We do not use advertising cookies, third-party tracking pixels, or behavioral analytics tools. We do not track your activity across other websites.
Third-Party Services
We use the following third-party services to operate our site and practice:
- Vercel — website hosting (vercel.com)
- Google Fonts — typeface delivery (fonts.googleapis.com)
- Telehealth Platform — HIPAA-compliant video visit software with a signed Business Associate Agreement (BAA)
- Scheduling Software — appointment booking (BAA in place)
Each third-party service is governed by its own privacy policy. We only work with vendors who provide appropriate HIPAA safeguards for any service that handles PHI.
Data Security
We take reasonable technical and organizational measures to protect your information against unauthorized access, alteration, disclosure, or destruction. Our website uses HTTPS with HSTS enforcement. All telehealth video sessions are encrypted end-to-end.
No method of transmission over the internet or electronic storage is 100% secure. If you believe your information has been compromised, please contact us immediately.
Data Retention
We retain medical records in accordance with Georgia state law requirements (generally a minimum of 7 years for adult patients, or until the patient turns 21 for minors, whichever is longer). Non-medical contact information is retained only as long as needed for the purposes described in this policy.
Children's Privacy
Our website is not directed to children under the age of 13. We do not knowingly collect personal information from children under 13 without parental consent. If you believe we have inadvertently collected such information, please contact us and we will delete it promptly.
Your Choices
- Opt out of communications: Reply STOP to any text message, or email us at hello@greateratlhealth.com to be removed from non-essential communications.
- Access or delete your information: Contact us to request access to, correction of, or deletion of your non-medical personal information. Medical records are subject to HIPAA provisions.
Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be posted at greateratlhealth.com/privacy with an updated effective date. Continued use of our website after changes constitutes acceptance of the updated policy.
Contact Us
For questions about this Privacy Policy or to exercise your rights:
- Phone: (678) 570-7587
- Email: hello@greateratlhealth.com
- Mail: Greater ATL Health — Privacy Officer, Atlanta, GA
For medical record requests and HIPAA rights, see our HIPAA Notice of Privacy Practices.