user
Login
Join Now
  1. Home
  2. Privacy Policy
Privacy Policy

Privacy Policy – DocSearch

Last Updated: February 20, 2026 Effective Date: February 20, 2026

DocSearch (“we,” “us,” or “our”) operates the website docsearch.com, the patient portal at patient.docsearch.com, and related telehealth and prescription medication services (collectively, the “Services”).

We are committed to protecting your privacy and the confidentiality of your information, including Protected Health Information (“PHI”) as defined under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and its implementing regulations. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information and PHI when you use our Services.

This policy complies with:

  • HIPAA Privacy Rule (45 CFR Part 160 and Subparts A and E of Part 164)
  • LegitScript Healthcare Certification Standard 6: Privacy
  • Applicable U.S. federal and state privacy laws in the jurisdictions we serve

By using our Services, you consent to the practices described in this Privacy Policy. If you do not agree, please do not use the Services.

1. Information We Collect

Non-PHI Personal Information:

  • Name, email address, phone number, date of birth, mailing address
  • Payment information (processed by PCI-compliant third parties; we do not store full card numbers)
  • Usage data (IP address, browser type, device information, cookies, analytics)

Protected Health Information (PHI):

  • Medical information (symptoms, medical history, diagnoses, prescriptions)
  • Health-related information provided through intake forms, telehealth consultations, or secure messaging
  • Information generated by providers (e-prescriptions, clinical notes)

We collect PHI only as necessary to provide telehealth consultations, prescriptions, and medication fulfillment.

2. How We Use Your Information

We use your information to:

  • Provide and improve the Services (telehealth consultations, prescriptions, medication shipping)
  • Process payments and orders
  • Communicate with you (confirmations, reminders, support)
  • Comply with legal obligations (reporting to pharmacies, public health authorities)
  • Perform anonymous analytics to enhance the platform

Specific uses of PHI (limited to Treatment, Payment, and Health Care Operations – TPO, as defined under HIPAA):

  • Treatment: Coordinating consultations, prescriptions, and follow-up care
  • Payment: Processing related claims or payments
  • Operations: Quality control, audits, staff training

3. How We Disclose Your Information

We disclose information only when permitted or required by law:

  • With authorized Business Associates (HIPAA-compliant partners):
    • Telehealth platform and backend provider (Telegra MD / Docsearch partners) – under a signed Business Associate Agreement (BAA)
    • Licensed pharmacies for dispensing and shipping medications
    • Laboratories or imaging providers, if applicable
  • For TPO purposes (as permitted under HIPAA)
  • When required by law:
    • Court orders, public health investigations, mandatory reporting (e.g., abuse)
    • Breach notification obligations (within HIPAA timelines)
  • With your express authorization (e.g., sharing with another healthcare provider)
  • De-identified or aggregated data (not PHI): For analytics, marketing, or research

We do not sell PHI or personal information.

4. How We Protect Your Information (HIPAA Compliance)

We implement the administrative, physical, and technical safeguards required by HIPAA:

  • Technical safeguards: All transmissions use SSL/TLS encryption (HTTPS). Data is encrypted at rest and in transit. Role-based access controls and multi-factor authentication for staff accounts.
  • Administrative safeguards: Workforce training on HIPAA, signed Business Associate Agreements with all partners handling PHI, regular risk assessments and audits.
  • Physical safeguards: Security measures for servers and facilities.
  • Breach response: We notify affected individuals and the U.S. Department of Health and Human Services (HHS) of any unsecured PHI breach within required HIPAA timeframes.

Our partners, including Telegra MD, operate under BAAs and are HIPAA-compliant.

5. Your Rights Under HIPAA

As an individual, you have the following rights regarding your PHI:

  • Access and obtain a copy of your PHI (subject to limited exceptions)
  • Request amendments if you believe information is inaccurate
  • Receive an accounting of disclosures
  • Request restrictions on certain uses or disclosures (we are not always required to agree)
  • Revoke prior authorizations
  • File a complaint with us or directly with the HHS Office for Civil Rights

Contact our Privacy Officer to exercise these rights (see Section 10).

6. Retention and Deletion

We retain PHI for the period required by law (e.g., 6 years under HIPAA) or as necessary for the original purpose. Non-PHI data is retained as needed for business operations.

7. Cookies and Tracking Technologies

We use essential cookies, analytics, and marketing cookies (with consent where required). You can manage preferences via our cookie banner. See our separate Cookie Policy (if applicable) for details.

8. International Transfers

All data is processed and stored in the United States. If you access Services from outside the U.S., your information will be transferred to and processed in the U.S.

9. Changes to This Privacy Policy

We may update this policy from time to time. Material changes will be posted here and, if significant, notified via email or in-site banner. Please review periodically.

10. Contact Information

Privacy Officer DocSearch Email:info@docsearch.com Phone: +1 (407)-974-6808 Mailing Address: Docsearch Health Solutions LLC 8135 NOBT, Orlando FL 328110

For HIPAA complaints: You may contact us first or file directly with the Office for Civil Rights at ocrportal.hhs.gov/ocr/smartscreen/main.jsf.

Thank you for trusting DocSearch. Protecting your privacy and health information is fundamental to our mission.