Legal

HIPAA Notice of Privacy Practices

OnPoint Performance PLLC
Effective Date: April 28, 2026  ·  Last Updated: June 10, 2026

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

Our Commitment to Your Privacy

OnPoint Performance PLLC is required by law to maintain the privacy of your protected health information (PHI), to provide you with notice of our legal duties and privacy practices with respect to PHI, and to notify you in the event of a breach of unsecured PHI.

We are required to abide by the terms of this Notice currently in effect. We reserve the right to change this Notice and make the new Notice effective for all PHI we maintain. Revised notices will be posted on our website and made available to patients on request.

What Is Protected Health Information?

Protected Health Information (PHI) is health information, including demographic data, that relates to your past, present, or future physical or mental health condition; the provision of healthcare to you; or payment for healthcare provided to you, and that can be used to identify you. This includes information transmitted or maintained in any form or medium, whether electronic, paper, or oral.

The Minimum Necessary Standard

When using or disclosing PHI, or when requesting PHI from another covered entity or business associate, OnPoint Performance PLLC will make reasonable efforts to limit the use, disclosure, or request to the minimum amount of PHI necessary to accomplish the intended purpose. This standard does not apply to disclosures for treatment purposes or to disclosures to you about your own information.

How We May Use and Disclose Your PHI

The following categories describe the ways we may use and disclose your PHI. Not every use or disclosure within a category will be listed; however, all uses and disclosures will fall within one of the categories.

Treatment

We may use and disclose your PHI to provide, coordinate, or manage your healthcare and related services. For example, we may share your information with laboratories, pharmacies, or other healthcare providers involved in your care.

Payment

We may use and disclose your PHI to obtain payment for services we provide. For example, we may share information with payment processors to process membership charges or to verify payment method validity.

Healthcare Operations

We may use and disclose your PHI for our healthcare operations, including quality assessment, provider performance evaluation, training, accreditation activities, and business management necessary to operate OnPoint Performance PLLC.

Business Associates

We may share your PHI with our business associates, third-party companies that perform services on our behalf. This includes Practice Better, our HIPAA-compliant patient portal vendor. All business associates are required to sign a Business Associate Agreement (BAA) and to protect your PHI in compliance with HIPAA.

As Required by Law

We will disclose your PHI when required to do so by federal, state, or local law, including reporting requirements to public health authorities, health oversight agencies, judicial and administrative proceedings, law enforcement, and as required to avert a serious threat to health or safety.

To You and Those Involved in Your Care

We may share information directly with you, and, with your agreement, with family members, friends, or others involved in your care or payment for your care.

Special Categories of PHI

Certain types of PHI, including but not limited to HIV/AIDS information, mental health information, substance use disorder treatment records, genetic information, and reproductive health information, may have additional protections under federal and state law. Where state law (including Florida and Texas) provides greater protection than HIPAA for these categories, we will follow the more protective law.

Uses and Disclosures Requiring Your Authorization

Other uses and disclosures of your PHI not described in this Notice will be made only with your written authorization, including:

  • Marketing communications using your PHI,
  • Sale of your PHI to any third party,
  • Most disclosures of psychotherapy notes,
  • Use of your PHI for research purposes (unless an exception applies),
  • Any other use or disclosure not permitted under HIPAA without authorization.

You may revoke a written authorization at any time by notifying us in writing, except to the extent we have already acted on it.

Fundraising

OnPoint Performance PLLC does not currently engage in fundraising activities that involve your PHI. If we begin doing so in the future, you will have the right to opt out of receiving fundraising communications.

Your Rights Regarding Your PHI

You have the following rights with respect to your protected health information maintained by OnPoint Performance PLLC:

Right to Access

You have the right to inspect and obtain a copy of your PHI, with limited exceptions. We will provide your records in the form and format you request when readily producible.

Right to Amend

If you believe your PHI is incorrect or incomplete, you may request that we amend it. We may deny the request under certain circumstances and will provide a written explanation.

Right to an Accounting of Disclosures

You have the right to request a list of certain disclosures of your PHI made by us in the six years prior to your request, subject to limitations under HIPAA.

Right to Request Restrictions

You have the right to request restrictions on how we use or disclose your PHI for treatment, payment, or operations. We are not required to agree to most requests.

Right to Confidential Communications

You have the right to request that we communicate with you in a certain way or at a certain location (for example, only by email, or only at a specific address).

Right to a Paper Copy

You have the right to obtain a paper copy of this Notice upon request, even if you have agreed to receive it electronically.

Right to Breach Notification

You have the right to be notified following a breach of your unsecured PHI, as required by HIPAA and applicable state law.

Right to Restrict Disclosures to Health Plans

You have the right to request a restriction on disclosures of PHI to a health plan for purposes of payment or healthcare operations, when you have paid for the related services in full out of pocket.

To exercise any of these rights, please submit your request in writing to: info@onpointperformancepllc.com. We will respond within the timeframes required by HIPAA.

State Law and Preemption

This Notice is intended to comply with HIPAA. Where Florida or Texas state law provides patients with greater protection than HIPAA, we will follow the more protective state law. Where state law and HIPAA conflict, HIPAA generally controls unless state law provides greater privacy protection.

Breach Notification

In the event of a breach of your unsecured PHI, OnPoint Performance PLLC will notify you as required by the HIPAA Breach Notification Rule and applicable state law. Notification will be provided without unreasonable delay and no later than 60 calendar days following discovery of the breach.

Our Safeguards

OnPoint Performance PLLC maintains administrative, physical, and technical safeguards to protect your PHI from unauthorized access, use, or disclosure. Specific measures include:

  • HIPAA-compliant patient portal infrastructure through Practice Better, with a signed Business Associate Agreement,
  • Encryption of PHI in transit and at rest where supported by the platform,
  • Access controls limiting PHI to authorized personnel only,
  • Regular review of vendor security practices and BAA compliance.

How to File a Complaint

If you believe your privacy rights have been violated, you may file a complaint with us or with the U.S. Department of Health and Human Services. You will not be retaliated against for filing a complaint.

OnPoint Performance PLLC Privacy Officer

Email: info@onpointperformancepllc.com
Phone: (682) 368-3262

U.S. Department of Health and Human Services
Office for Civil Rights (OCR)

Website: www.hhs.gov/hipaa/filing-a-complaint
Toll-free: 1-800-368-1019
TDD: 1-800-537-7697

Contact Us

For questions about this Notice, to exercise your rights, or to obtain a paper copy, contact our Privacy Officer:

OnPoint Performance PLLC
Privacy Officer · Concierge Telehealth Licensed in Florida and Texas
Email: info@onpointperformancepllc.com
Phone: (682) 368-3262