5. HOW WE SHARE YOUR INFORMATION
5.1 Clinical Platform Partners
We share PHI with our contracted clinical platform vendors (including the licensed telehealth technology companies and provider networks we partner with) pursuant to executed Business Associate Agreements. These partners access PHI only as necessary to provide telehealth services and are contractually obligated to protect it.
5.2 Compounding Pharmacies
Prescription orders and necessary patient information are transmitted to licensed compounding pharmacies through our clinical partners’ secure e-prescribing systems. Pharmacies receive only the minimum necessary information to fulfill your prescription.
5.3 Service Providers
We engage third-party service providers who process data on our behalf, including:
- Payment processors (PCI-DSS compliant)
- Cloud hosting and data storage providers
- Email service providers
- Analytics and performance monitoring platforms
- Customer relationship management (CRM) software providers
All service providers are contractually bound by data processing agreements requiring them to process your data only on our instructions and in compliance with applicable law.
5.4 Legal Requirements
We may disclose your information when required by applicable law, court order, or government investigation, or when we reasonably believe disclosure is necessary to protect our legal rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.
5.5 Business Transfers
If BioPhoenix undergoes a merger, acquisition, reorganization, or sale of all or substantially all of its assets, your information may be transferred as part of that transaction. We will notify you of any such transfer and any changes to this Privacy Policy that may result.
6. DATA SECURITY
BioPhoenix implements and maintains administrative, technical, and physical safeguards designed to protect your personal information and PHI from unauthorized access, use, disclosure, alteration, or destruction. Our security measures include:
- Encryption of PHI and ePHI in transit (TLS 1.2+) and at rest (AES-256).
- Access controls and role-based permissions limiting PHI access to authorized personnel.
- Regular security risk assessments and vulnerability testing as required by the HIPAA Security Rule.
- Employee training on HIPAA compliance, data security, and privacy obligations.
- Business Associate Agreements with all vendors that access PHI.
- Audit logs tracking access to and modifications of PHI.
- Incident response and data breach notification procedures.
