Your Privacy Rights (HIPAA Protocols)
Current as of: December, 2025
Our Pledge of Discretion
At Mobile Medical Providers, we recognize that our service model is unique. By inviting us into your home for treatment, you are granting us a level of access that goes beyond the typical clinic visit.
We take that responsibility seriously. This document outlines how we protect the sensitive data—known as Protected Health Information (PHI)—that we create while caring for you. Whether you are receiving services at a DFW Destination facility, at your home in the Metroplex, or via our National Mobile Network, we guard your privacy with the same intensity.
We are bound by the Health Insurance Portability and Accountability Act (HIPAA) to keep your data safe, to explain our duties to you, and to tell you immediately if your data is ever compromised.
How We Handle Your Data
We collect and share information only when it is necessary to treat you, run our business, or get paid. Here is what that looks like in practice:
- Direct Care: We share your history with the people actually treating you. For example, if TJ Mundheim is designing a peptide protocol for you, he needs to see your bloodwork and current medication list to prevent adverse reactions.
- Settling Accounts: We use your data to handle billing. If you use insurance, we must send them details about the services you received (like “joint injection” or “diagnostic screening”) to verify coverage and process claims.
- Improving Our Practice: We use patient data to audit our own performance. We might review a month’s worth of treatments to see how well our mobile units are adhering to our “White Glove” service standards or to train our staff.
- Logistics & Reminders: We may use your contact info to coordinate the arrival of a clinician at your home or to remind you that it is time for a follow-up screening.
- Onshore Security: In compliance with 2025 standards (including Texas SB 1188), all Electronic Health Records (EHR) are physically maintained on secure servers within the United States.
Mandatory Disclosures (When We Must Share)
There are specific situations where the law overrides our confidentiality agreement. These are rare, but we want you to be aware of them:
- Public Safety: We may release info to help control disease outbreaks or to report bad reactions to medications to the FDA.
- Regulatory Compliance: Government boards occasionally check our work. We must provide access to inspectors or auditors who are verifying that we are following state and federal laws.
- Judicial Mandates: If you become a party to a legal action, a judge or administrative body might compel us to release your records. We comply with valid subpoenas and court orders.
- Law Enforcement: We will cooperate with police if we are required by law to assist in identifying a suspect or locating a missing person.
Your Rights Over Your Records
You own your medical narrative. Under the law, you have specific powers regarding the data we hold:
- Access & Copies: You can ask to see the files we use to make decisions about your health. Since we use digital records, you have the right to get an electronic copy sent to you.
- Corrections: If you spot an error—like the wrong allergy listed in your file—you have the right to ask us to fix it.
- Transparency Report: You can ask for an “accounting of disclosures.” This is a list of everyone we shared your data with, outside of the normal cycle of treatment and billing.
- Setting Boundaries: You can ask us to limit how we use your data. For instance, if you pay for a service 100% out-of-pocket, you can demand that we not share that specific record with your insurance carrier.
- Communication Preferences: You decide how we talk to you. If you want us to avoid leaving voicemails at your home number and only call your cell, just tell us. We will honor reasonable requests to keep your medical life private.
Breach Protocol
Cyber-security is a priority, but if a breach ever occurs that exposes your unsecured PHI, we will be transparent.
Our Guarantee: We will notify you without delay—and no later than 60 days—after we discover a breach. We will explain exactly what happened, what data was exposed, and the steps we are taking to protect you.
Living Document (Changes to Policy)
Privacy laws evolve, and so do our internal systems. We maintain the authority to revise this document whenever necessary.
If we make an edit, the new rules will cover every record in our system, including files created before the update was made. We do not maintain separate policies for old records. You can always verify the latest protocols by checking the “Effective Date” at the top of this page.
Dispute Resolution & Complaints
If you feel your data was mishandled, or if you believe we fell short of these standards, please tell us.
- Internal Resolution: You can submit a grievance directly to our Privacy Lead via the contact information below.
- Federal Option: You also retain the option to alert federal regulators at the Department of Health and Human Services (HHS) if you are unsatisfied with our response.
Our Assurance: Filing a complaint will never negatively impact your care. We strictly prohibit retaliation against patients who exercise their privacy rights.
Contact Us
For privacy questions, records requests, or to opt out of certain communications, please contact: