HIPAA Notice of Privacy Practices

Effective: 6/3/2026

Uses & disclosures

We use protected health information (PHI) for treatment, payment, and healthcare operations, and as otherwise permitted or required by law (45 CFR §164.506).

Your rights

• Inspect and obtain a copy of your PHI.
• Request an amendment to your PHI.
• Request restrictions on uses and disclosures.
• Receive an accounting of disclosures.
• Receive confidential communications by alternative means.
• File a complaint without retaliation.

Technical safeguards on this website

• All form submissions are transmitted over TLS (HTTPS).
• Data is stored encrypted at rest in a HIPAA-eligible managed database.
• Access is restricted to authorized CareStars staff via individual logins; sessions auto-terminate after 15 minutes of inactivity.
• Every access, modification, and deletion of patient information is recorded in an audit log.
• Submitter IP addresses are stored only as one-way hashes.
• Strict-Transport-Security, no-sniff, and referrer-policy headers are enforced.

Breach notification

In the event of a breach of unsecured PHI, we will notify affected individuals without unreasonable delay and within 60 days, in accordance with 45 CFR §164.404.

Privacy Officer

Email: privacy@carestars.com · Phone: (240) 497-2933. You may also file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights.

This website provides intake and contact tools — it is not a substitute for medical advice. For emergencies dial 911.