Privacy Policy

PrimeCure Hospital (“Hospital,” “we,” “us,” “our”) is fully committed to protecting the privacy and security of patient information. This Privacy Policy is issued pursuant to the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the Health Information Technology for Economic and Clinical Health (HITECH) Act, and applicable Texas state privacy laws.

1. Our Notice of Privacy Practices

This policy serves as a summary of PrimeCure Hospital’s full Notice of Privacy Practices, which is provided to all patients at time of admission and is available at primecurehospital.com/privacy-notice. The Notice describes your rights and our obligations under HIPAA in full.

2. Information We Collect

Patient Health Information (PHI): All medical information created or received during your care — including clinical notes, diagnoses, treatment records, lab results, imaging, medication records, and billing information.

Personal & Demographic Data: Name, address, date of birth, contact details, Social Security Number, insurance ID, and emergency contact information.

Website & Digital Data: Technical information collected when you access primecurehospital.com, including browser type, device identifiers, IP address, and page activity.

3. Treatment, Payment & Operations (TPO)

HIPAA permits the use and disclosure of your PHI for Treatment (providing and coordinating your care), Payment (billing, claims, and reimbursement), and Healthcare Operations (quality assessment, staff training, and compliance). These uses do not require your separate authorization.

4. Uses Requiring Authorization

The following disclosures require your written authorization: marketing communications, sale of health information, most research purposes, and psychotherapy notes. You have the right to revoke authorization at any time.

5. Data Security Program

PrimeCure Hospital maintains a comprehensive information security program including: encryption of all electronic PHI at rest and in transit, role-based access controls and audit logging, biometric access restrictions in clinical data centers, annual staff HIPAA training and certification, and a formal Incident Response & Breach Notification Plan.

6. Your Patient Rights

  • Request and receive copies of your medical records
  • Request corrections or amendments to your record
  • Request an accounting of all disclosures made
  • Request restrictions on certain uses of your PHI
  • Receive a paper copy of our Notice of Privacy Practices
  • File a grievance with our Privacy Officer or with HHS OCR

7. Data Retention

Medical records are retained for a minimum of 10 years from the date of last service per Texas Health & Safety Code requirements. Pediatric records are retained until the patient’s 21st birthday or 10 years after last service, whichever is later.

8. Privacy Officer Contact

Chief Privacy Officer: privacy@primecurehospital.com | +1 (855) 974-6200 | 1100 Prime Medical Drive, Tower A, Houston, TX 77002.