Privacy Policy & HIPAA Notice of Privacy Practices
Effective Date: May 22, 2026
Introduction
BioRejuvenate MedSpa, operated by SKMD Wellness PLLC (“BioRejuvenate,” “we,” “our,” or “us”), respects your privacy and is committed to protecting your personal information and protected health information (“PHI”).
This Privacy Policy explains how we collect, use, disclose, store, and protect information obtained through our website, telehealth services, patient portal, electronic communications, and in-person services.
This policy is intended to comply with:
- HIPAA (Health Insurance Portability and Accountability Act)
- HITECH Act
- Texas Medical Records Privacy Act (Texas Health & Safety Code Chapter 181)
- Texas Identity Theft Enforcement and Protection Act
- Federal Trade Commission (FTC) consumer protection requirements
Applicable telehealth and healthcare privacy regulations
Information We Collect
We may collect:
Personal Information
- Name
- Address
- Email address
- Telephone number
- Date of birth
- Emergency contact information
- Payment information
Health Information
- Medical history
- Medication history
- Allergies
- Treatment goals
- Laboratory results
- Photographs
- Diagnostic information
- Consultation notes
- Treatment records
Website Information
- IP address
- Browser type
- Device information
- Website activity
- Cookies and analytics information
How We Use Information
We use information to:
- Provide medical, wellness, and aesthetic services
- Evaluate treatment eligibility
- Process appointments
- Conduct telehealth consultations
- Communicate with patients
- Process payments
- Coordinate prescriptions with pharmacies
- Improve patient care
- Comply with legal obligations
- Prevent fraud and misuse
HIPAA Protected Health Information
Protected Health Information (“PHI”) is used and disclosed only as permitted by HIPAA and applicable Texas law.
PHI may be used:
- For treatment
- For payment
- For healthcare operations
- As otherwise permitted or required by law
Any use outside these purposes requires patient authorization unless otherwise permitted by law.
Patient Rights
Patients have the right to:
- Access their medical records
- Request corrections to their records
- Receive an accounting of disclosures
- Request restrictions on certain disclosures
- Request confidential communications
- Obtain a copy of this Privacy Policy
- File a privacy complaint without retaliation
Requests may be submitted in writing to our Privacy Officer.
Disclosure of Information
We may disclose information to:
Healthcare Providers
- Physicians
- Nurse Practitioners
- Physician Assistants
- Nurses
- Other treating providers
Healthcare Service Providers
- Laboratories
- Pharmacies
- Imaging centers
- Telehealth platforms
Business Associates
Vendors who assist with:
- Electronic Medical Records
- Scheduling systems
- Payment processing
- Data storage
- Website hosting
All business associates are required to protect PHI in accordance with HIPAA.
Prescription Services
Prescriptions are issued only after evaluation by a licensed medical provider.
Partner pharmacies may receive information necessary to:
- Verify prescriptions
- Fulfill medications
- Conduct required safety reviews
Comply with state and federal laws
Telehealth Privacy
Telehealth services utilize secure platforms designed to protect patient confidentiality.
Patients acknowledge that:
- Electronic communications carry inherent risks.
- BioRejuvenate employs reasonable safeguards to reduce those risks.
- Telehealth services comply with applicable federal and Texas regulations.
Security Measures
BioRejuvenate maintains administrative, technical, and physical safeguards including:
- Role-based access controls
- Password protection
- Secure data storage
- Encryption where appropriate
- Staff HIPAA training
- Audit monitoring
- Secure disposal procedures
- Vendor compliance review
Access to patient information is limited to authorized personnel with a legitimate need to know.
Data Retention
Records are maintained in accordance with:
- HIPAA requirements
- Texas medical record retention laws
- Professional licensing requirements
Records may be retained after the end of the patient relationship as required by law.
Cookies and Analytics
Our website may use cookies and analytics tools to:
- Improve website performance
- Understand visitor behavior
- Enhance user experience
Patients may disable cookies through browser settings.
Marketing Communications
Patients may receive:
- Appointment reminders
- Educational materials
- Wellness information
- Promotional communications
Patients may opt out of marketing communications at any time.
We do not sell protected health information.
Children’s Privacy
Services are not directed toward individuals under age 18 without parental or legal guardian involvement as required by law.
Texas Privacy Rights
Texas residents may request information regarding:
- Personal information collected
- Corrections to information
- Privacy concerns
- Data security practices
Requests will be handled in accordance with applicable Texas law.
Breach Notification
In the event of a breach involving unsecured protected health information, BioRejuvenate will provide notifications as required under HIPAA, HITECH, and applicable Texas law.
Privacy Complaints
Patients may file a complaint without fear of retaliation.
Privacy Officer
BioRejuvenate MedSpa
Email: privacy@biorejuvenate.com
Phone: 972-777-2755
Patients may also file complaints with the:
U.S. Department of Health and Human Services Office for Civil Rights
Changes to This Policy
BioRejuvenate reserves the right to modify this Privacy Policy at any time. Updated versions will be posted on the website with a revised effective date.
