Our Commitment to Your Privacy
Flore Inc. ("Flore," "we," "us," or "our") is committed to protecting the privacy of your health information. This Notice of Privacy Practices describes how medical information about you may be used and disclosed, and how you can access this information.
Protected Health Information (PHI)
PHI includes any individually identifiable health information that we create, receive, maintain, or transmit, including:
- Demographic information (name, address, date of birth)
- Medical history and health conditions
- Microbiome test results and analysis
- Treatment and care information
- Billing and payment information
How We May Use and Disclose Your PHI
Treatment: We may use your PHI to provide, coordinate, or manage your healthcare and related services, including sharing with your healthcare providers.
Payment: We may use and disclose your PHI to obtain payment for services provided to you.
Healthcare Operations: We may use your PHI for our internal operations, including quality assessment, training, and business planning.
As Required by Law: We will disclose your PHI when required by federal, state, or local law.
With Your Authorization: Other uses and disclosures will be made only with your written authorization, which you may revoke at any time.
Your Rights Regarding Your PHI
- Right to Access: You have the right to inspect and obtain a copy of your PHI.
- Right to Amend: You may request amendments to your PHI if you believe it is incorrect or incomplete.
- Right to an Accounting: You may request a list of disclosures we have made of your PHI.
- Right to Request Restrictions: You may request restrictions on certain uses and disclosures of your PHI.
- Right to Confidential Communications: You may request that we communicate with you in a specific way or at a specific location.
- Right to a Paper Copy: You have the right to obtain a paper copy of this notice upon request.
Our Responsibilities
- Maintain the privacy and security of your PHI
- Provide you with this notice of our legal duties and privacy practices
- Notify you if a breach occurs that may have compromised your PHI
- Follow the terms of this notice currently in effect
- Not use or disclose your PHI without your authorization except as described in this notice
Security Measures
We implement comprehensive security measures to protect your PHI:
- AES-256 encryption for data at rest and in transit
- Role-based access controls
- Regular security audits and assessments
- Employee training on HIPAA compliance
- Secure data centers with physical access controls
Contact Information
If you have questions about this notice or wish to exercise your rights, please contact our Privacy Officer:
Email: craig.rouskey@flore.com
Mail: Flore Inc., Privacy Officer, California & Illinois
Complaints
If you believe your privacy rights have been violated, you may file a complaint with us or with the Secretary of the Department of Health and Human Services. You will not be retaliated against for filing a complaint.
Changes to This Notice
We reserve the right to change this notice and make the new provisions effective for all PHI we maintain. Current notices will be posted on our website and available upon request.