This document is template boilerplate for Prime Medical Group. Have qualified counsel review before production use.
Last updated: May 31, 2026
Prime Medical Group ("PMG," "we," "us," or "our") operates PrimeCare EMR, a cloud-based electronic medical record and practice management platform (the "Service"). This Privacy Policy describes how we collect, use, disclose, and protect information when you access or use the Service on behalf of PMG or its affiliated practices.
Protected Health Information (PHI) means individually identifiable health information as defined under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and its implementing regulations.
Electronic Protected Health Information (ePHI) means PHI that is created, received, maintained, or transmitted in electronic form.
Business Associate means a person or entity that performs certain functions or activities involving the use or disclosure of PHI on behalf of a covered entity, where applicable under HIPAA.
PMG is committed to maintaining administrative, physical, and technical safeguards designed to protect PHI in accordance with HIPAA and applicable state privacy laws. We limit access to PHI to authorized workforce members and use PHI only for permitted purposes, including treatment, payment, health care operations, and as otherwise required or permitted by law.
Where PMG acts as a covered entity or business associate, we enter into appropriate agreements and implement policies to support compliance with the HIPAA Privacy, Security, and Breach Notification Rules.
Depending on your role and use of the Service, we may collect:
We use information to:
We do not sell PHI. We may disclose information to service providers who assist in operating the Service under written agreements that require appropriate safeguards, to other health care providers for treatment purposes as directed by users, as required by law, or with patient authorization where applicable.
We employ measures such as encryption in transit, role-based access controls, audit logging, and workforce training. No system can guarantee absolute security; users must also follow PMG policies and protect credentials.
We retain PHI and related records for periods consistent with PMG retention schedules, contractual obligations, and applicable law. When retention periods expire, we dispose of or de-identify information in accordance with our policies.
Patients may have rights under HIPAA and state law to access, amend, or request an accounting of disclosures of their PHI. Requests should be directed to PMG's privacy office using the contact information below. This Policy does not constitute legal advice regarding individual rights.
We may update this Privacy Policy from time to time. Material changes will be communicated through the Service or other reasonable means. Continued use after the effective date constitutes acceptance of the revised Policy.
Privacy inquiries: privacy@primemedicalgroup.example
Prime Medical Group
Attn: Privacy Officer