QUESTIONS? Text: (855) 436-5457 or Call (719) 266-5800 MST support@amazing-meds.com

Privacy Policy & Notice of Privacy Practices

Effective Date: February 25, 2026

Last Updated: February 25, 2026

Amazing Meds (“we,” “us,” or “our”) is committed to protecting the privacy and security of your personal and health information. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you visit our website (amazing-meds.com), use our telehealth services, or interact with us in any way.

This Privacy Policy incorporates our Notice of Privacy Practices (NPP) as required by the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), the HITECH Act, and applicable state privacy laws.

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

1. Information We Collect

We collect the following categories of information:

Personal Information

  • Full name, date of birth, gender

  • Email address, phone number, mailing address

  • Government-issued ID (for identity verification)

  • Insurance information (carrier, member ID, group number)

  • Payment and billing information

Protected Health Information (PHI)

  • Medical history, current conditions, and symptoms

  • Medications, allergies, and treatment history

  • Laboratory results and diagnostic reports

  • Provider notes and treatment plans

  • Telehealth consultation recordings (audio/video, when applicable and with your consent)

  • Prescription records and pharmacy information

  • Mental health screening results (PHQ-9, GAD-7)

Technical Information

  • IP address, browser type, device information

  • Pages visited, time spent on site, referring URLs

  • Cookies and similar tracking technologies (see Section 7)

2. How We Use Your Information

For Treatment

  • To provide clinical evaluations, diagnoses, and treatment via telehealth

  • To prescribe medications and coordinate with compounding and retail pharmacies

  • To order, track, and interpret laboratory results

  • To communicate with you about your care plan and follow-up

  • To coordinate care with other providers when medically necessary

For Payment

  • To process payments for consultations and services

  • To submit claims to your insurance carrier (when applicable)

  • To verify insurance eligibility and benefits

  • To submit prior authorizations and process denial appeals on your behalf

For Healthcare Operations

  • To conduct quality assessments and improve our services

  • To train staff and providers on clinical protocols

  • To conduct internal audits and compliance reviews

  • To manage and operate our telehealth platform

With Your Written Authorization

  • To send marketing communications about new services or promotions

  • To share your information with third parties not described in this policy

  • To use or disclose your PHI for purposes not otherwise permitted by law

You may revoke any authorization in writing at any time by contacting our Privacy Officer. Revocation will not affect any actions we took before receiving your revocation.

3. How We Disclose Your Information

We may disclose your information without your authorization in the following circumstances, as permitted or required by law:

To Pharmacies: We transmit prescription information electronically to licensed compounding pharmacies (503A and 503B facilities registered with the FDA) and retail pharmacies (CVS, Walgreens, and others) to fulfill your prescriptions.

To Laboratories: We share relevant clinical information with laboratory partners (Quest Diagnostics, LabCorp, and others) to order and receive your lab results.

To Insurance Companies: When you provide insurance information, we share necessary clinical and billing data with your insurance carrier for claims processing, prior authorizations, and denial appeals.

To Business Associates: We share PHI with third-party vendors who perform services on our behalf and who are contractually bound by Business Associate Agreements (BAAs) to protect your information. These include electronic health record systems, billing and claims processing services, telehealth video platform providers, payment processors, cloud storage and hosting providers, and secure communication platforms.

As Required by Law: To comply with federal, state, or local laws and regulations; in response to court orders, subpoenas, or administrative requests; to report to public health authorities; to government agencies for health oversight activities; and for law enforcement purposes as permitted by HIPAA.

Other Permitted Disclosures: To avert a serious threat to health or safety; for workers’ compensation as authorized by law; to coroners, medical examiners, and funeral directors; for organ and tissue donation purposes; and for specialized government functions.

4. Your Rights Under HIPAA

As a patient of Amazing Meds, you have the following rights regarding your Protected Health Information:

Right to Access: You have the right to inspect and obtain a copy of your PHI maintained in our records, including medical records, billing records, and other records used to make decisions about your care. We will provide copies within 30 days of your written request. We may charge a reasonable, cost-based fee for copies.

Right to Amend: You have the right to request that we amend your PHI if you believe it is incorrect or incomplete. We may deny your request in certain circumstances (for example, if the information was not created by us, or if we determine the information is accurate). If denied, you may submit a statement of disagreement that will be included with your records.

Right to an Accounting of Disclosures: You have the right to request a list of certain disclosures we have made of your PHI. This accounting will not include disclosures made for treatment, payment, or healthcare operations, or disclosures you authorized in writing. We will provide one accounting per 12-month period at no charge.

Right to Request Restrictions: You have the right to request that we restrict how we use or disclose your PHI for treatment, payment, or healthcare operations. We are not required to agree to your request, except: if you pay for a service entirely out of pocket, you may request that we not disclose that information to your health plan, and we must honor that request.

Right to Confidential Communications: You have the right to request that we communicate with you about your health matters in a certain way or at a certain location. For example, you may request that we contact you only by email or at a specific phone number. We will accommodate all reasonable requests.

Right to a Paper Copy: You have the right to obtain a paper copy of this Notice of Privacy Practices at any time, even if you previously agreed to receive it electronically.

Right to Be Notified of a Breach: You have the right to be notified if a breach of your unsecured PHI occurs (see Breach Notification section below).

Right to File a Complaint: If you believe your privacy rights have been violated, you may file a complaint with our Privacy Officer (contact information below) or with the U.S. Department of Health and Human Services, Office for Civil Rights at www.hhs.gov/ocr/privacy/hipaa/complaints/ or by calling 1-877-696-6775. We will not retaliate against you for filing a complaint.

5. Protected Health Information (PHI)

Protected Health Information is any individually identifiable health information that we create, receive, maintain, or transmit. This includes information in any form — electronic, paper, or oral — that relates to your past, present, or future physical or mental health condition, the provision of healthcare to you, or payment for healthcare.

We apply the “minimum necessary” standard when using or disclosing PHI. This means we limit the PHI we use, disclose, or request to the minimum amount necessary to accomplish the intended purpose, except for disclosures for treatment purposes.

We may use de-identified health information (information that cannot reasonably identify you) for research, analytics, and quality improvement purposes. De-identified data is not subject to HIPAA restrictions.

6. Telehealth-Specific Privacy Practices

Because Amazing Meds delivers healthcare via telehealth, the following additional practices apply:

  • All video consultations are conducted through HIPAA-compliant, encrypted platforms. We do not record video consultations without your explicit consent. Providers conduct consultations from private, secure locations.

  • Prescriptions are transmitted electronically to pharmacies using encrypted, HIPAA-compliant systems. Your prescription information is shared only with the dispensing pharmacy.

  • Patient-provider messaging occurs through our secure, HIPAA-compliant patient portal. Do not send PHI via unsecured email, text message, or social media.

  • If enrolled in remote patient monitoring programs, health data transmitted from devices (blood pressure cuffs, scales) is encrypted and stored securely. This data is treated as PHI and subject to all protections in this policy.

  • Your IP address or stated location may be used to verify you are in a state where we are licensed to provide services.

7. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to improve functionality and user experience.

Essential Cookies: Required for site functionality (login, forms, security).

Analytics Cookies: Help us understand how visitors interact with our site (e.g., Google Analytics).

Marketing Cookies: Used to deliver relevant advertisements (e.g., Meta Pixel, Google Ads).

Important: In compliance with HHS guidance (December 2022, updated March 2024), we do not use tracking technologies (pixels, session replay tools) on pages where PHI is collected, including patient intake forms, patient portals, and appointment scheduling pages. Marketing pixels are limited to informational pages only.

8. Data Security

We implement administrative, technical, and physical safeguards to protect your information:

  • All PHI is encrypted in transit (TLS 1.2+) and at rest (AES-256)

  • Role-based access controls with unique user credentials for all staff

  • All access to PHI is logged and regularly reviewed via audit trails

  • All workforce members complete HIPAA privacy and security training annually

  • Electronic systems are housed in secure, access-controlled facilities

  • We conduct periodic risk assessments as required by the HIPAA Security Rule

No method of electronic storage or transmission is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

9. Breach Notification

In the event of a breach of unsecured PHI, we will:

  • Notify affected individuals in writing within 60 days of discovering the breach

  • Notify the U.S. Department of Health and Human Services as required by law

  • Notify prominent media outlets if the breach affects more than 500 residents of a state or jurisdiction

  • Include in our notification: a description of the breach, the types of information involved, steps you should take to protect yourself, what we are doing to investigate and mitigate the breach, and contact information for questions

10. State-Specific Rights

Colorado (Our Home State): Under the Colorado Privacy Act (CPA), you have the right to access, correct, delete, and obtain a portable copy of your personal data. You have the right to opt out of targeted advertising, sale of personal data, and profiling.

California: Under the CCPA/CPRA, California residents have the right to know what personal information is collected, request deletion, and opt out of sale. Note: PHI governed by HIPAA is exempt from CCPA.

We comply with all applicable state health privacy laws, including those that may provide greater protection than HIPAA.

11. Children’s Privacy

Amazing Meds does not knowingly provide telehealth services to individuals under the age of 18 without parental or guardian consent. If we learn we have collected information from a child under 18 without proper consent, we will delete that information promptly.

12. Changes to This Policy

We may update this Privacy Policy and Notice of Privacy Practices from time to time. When we make material changes, we will post the updated policy on our website with a new “Last Updated” date and notify patients via email of significant changes. We will not retroactively apply changes to reduce your rights without your written authorization.

13. We Do Not Sell Your Information

Amazing Meds does not sell your personal information or Protected Health Information to any third party, for any purpose, under any circumstances.

14. Contact Information

If you have questions about this Privacy Policy, wish to exercise any of your rights, or need to file a complaint:

Amazing Meds Privacy Officer 5777 North Academy Blvd, Colorado Springs, CO 80918

Phone: (719) 266-5800

Fax: (855) 436-5457

Email: privacy@amazing-meds.com

Hours: Monday – Friday, 8:30 AM – 4:30 PM MST

To File a Federal Complaint: U.S. Department of Health and Human Services

Office for Civil Rights

Website: www.hhs.gov/ocr/privacy/hipaa/complaints/

Phone: 1-877-696-6775

This Notice of Privacy Practices is provided in accordance with 45 CFR §164.520. Amazing Meds is required by law to maintain the privacy of your Protected Health Information, to provide you with this notice of our legal duties and privacy practices, and to abide by the terms of this notice currently in effect.

Cart Have a coupon ?
Subtotal $0.00
Total $0.00
Checkout - $0.00
  • 0
  • 1