Notice of Privacy Practices
How your health information is used, protected, and your rights as a patient.
Effective Date: April 4, 2026 | Last Updated: April 4, 2026
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
About This Notice
This Notice of Privacy Practices ("Notice") is provided by Flores & Flores, A Professional Corporation, doing business as The Doctor Medical Group ("we," "us," "our," or "the Practice"). It describes how we may use and disclose your protected health information ("PHI") and explains your rights regarding that information.
We are required by the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"), the California Confidentiality of Medical Information Act ("CMIA"), and other applicable laws to:
- Maintain the privacy of your protected health information
- Provide you with this Notice of our legal duties and privacy practices
- Abide by the terms of this Notice currently in effect
- Notify you in the event of a breach of your unsecured PHI
Plain language commitment: We believe you should be able to understand how your health information is handled without a law degree. We've written this notice in clear, plain language while meeting all HIPAA requirements.
How We May Use & Disclose Your Health Information
We may use and share your health information in the following ways without your written permission:
For Your Treatment
We use your health information to provide, coordinate, and manage your care. For example, sharing your medical history with a specialist we refer you to, discussing your treatment plan among your care team, or sending prescriptions to your pharmacy.
For Payment
We use your health information to bill and collect payment for services. For example, submitting claims to your insurance company, verifying coverage and eligibility, or communicating with your plan about your treatment for prior authorization.
For Healthcare Operations
We use your health information to run our practice and ensure quality care. For example, quality improvement activities, training staff, compliance programs, auditing, and business planning.
Other Permitted Uses (Without Your Authorization)
- As required by law — when federal, state, or local law requires disclosure
- Public health activities — reporting communicable diseases, vital statistics, or FDA-related concerns
- Abuse or neglect reporting — as required by California mandated reporter laws
- Health oversight — audits, inspections, and investigations by government agencies
- Legal proceedings — in response to a court order or valid subpoena
- Law enforcement — in limited circumstances as required by law
- To prevent a serious threat — to your health or safety, or the health and safety of others
- Workers' compensation — as authorized by workers' compensation laws
- Coroners, funeral directors, organ donation — as required by law
- Specialized government functions — military, veterans, national security, and intelligence activities
- With The Doctor Health Center Inc. — our management services organization assists with administrative operations under a Business Associate Agreement
Uses That Require Your Written Authorization
We will not use or share your health information for any of the following without your written permission:
- Marketing — we will never use your health info to market products or services without your consent
- Sale of your information — we will never sell your health information
- Psychotherapy notes — notes from mental health counseling sessions receive the highest level of protection
- Any purpose not described in this Notice
If you give us written authorization, you may revoke it at any time by notifying us in writing. Revocation won't apply to actions we've already taken based on your authorization.
Special Protections
We provide extra protections for sensitive health information — above and beyond what HIPAA requires — because we know how personal this information is to you.
HIV/AIDS Information
Under California Health & Safety Code Sections 120975–121020, your HIV test results and related information receive additional confidentiality protections beyond standard HIPAA rules. We will not disclose your HIV status except as specifically permitted by California law, which is more restrictive than federal HIPAA provisions. This includes information related to PrEP, PEP, HIV treatment, and viral load.
Mental Health Information
Mental health records receive enhanced protection under both HIPAA and California's Lanterman-Petris-Short (LPS) Act. Psychotherapy notes are stored separately and require your specific written authorization for disclosure in almost all circumstances.
Sexual Health & STI Information
STI test results and sexual health information are protected under California confidentiality laws. We will not disclose this information except as required or permitted by law, and only to the minimum extent necessary.
Gender-Affirming Care
Information related to gender-affirming treatments, hormone therapy, and gender identity receives the same protections as all other medical information. We affirm your right to privacy regarding your gender identity and medical history, consistent with California law including SB 107 protections.
Your Rights
You have the following rights regarding your health information:
Right to See and Get Copies of Your Records
You can request to inspect or get copies of your medical records. We'll provide them within 15 days (California requirement). We may charge a reasonable fee for copies. You can request records in electronic format.
Right to Request Corrections
If you believe your records contain an error, you can ask us to correct it. We'll respond within 60 days. If we deny your request, we'll explain why and you can submit a statement of disagreement.
Right to Know Who Received Your Information
You can request an "accounting of disclosures" — a list of when, to whom, and why we shared your health information outside of treatment, payment, and operations. The first request per year is free.
Right to Request Restrictions
You can ask us to limit how we use or share your information. We aren't required to agree in most cases, but we must agree if you ask us not to share information with your health plan for services you paid for entirely out of pocket.
Right to Confidential Communications
You can ask us to contact you in a specific way or at a specific location. For example, you can ask us to call your cell phone instead of your home phone, or send mail to a different address. We will accommodate reasonable requests.
Right to a Paper Copy of This Notice
You can request a paper copy of this Notice at any time, even if you agreed to receive it electronically. Just ask at any of our locations or contact our Privacy Officer.
Right to Be Notified of a Breach
If there is a breach of your unsecured health information, we will notify you as required by law. We take breaches extremely seriously and have protocols in place to prevent and respond to them.
Our Responsibilities
- We are required by law to maintain the privacy and security of your protected health information
- We will let you know promptly if a breach occurs that may have compromised the privacy or security of your information
- We must follow the duties and privacy practices described in this Notice and give you a copy of it
- We will not use or share your information other than as described here unless you tell us we can in writing. If you tell us we can, you may change your mind at any time by letting us know in writing.
Changes to This Notice
We can change the terms of this Notice, and the changes will apply to all information we have about you. The new Notice will be available upon request, in our offices, and on our website.
Filing a Complaint
If you believe your privacy rights have been violated, you can file a complaint. You will not be penalized or retaliated against for filing a complaint.
To file a complaint with us, contact our HIPAA Compliance Officers:
- Maxim Tselevich — HIPAA Compliance Officer
- Mandy Soverano — HIPAA Compliance Officer
- Email: privacy@thedoctor.me
- Phone: (323) 988-5900
- Mail: HIPAA Compliance, The Doctor, 7543 Santa Monica Blvd, West Hollywood, CA 90046
To file a complaint with the federal government:
U.S. Department of Health & Human Services
Office for Civil Rights
200 Independence Avenue, S.W., Washington, D.C. 20201
www.hhs.gov/ocr/complaints
1-877-696-6775
Nondiscrimination Statement
The Doctor Medical Group does not discriminate on the basis of race, color, national origin, age, disability, sex, sexual orientation, gender identity, gender expression, HIV status, or any other protected characteristic. We provide care to all patients with dignity and respect. We are proudly LGBTQIA+ affirming.
HIPAA Compliance Officers
Maxim Tselevich & Mandy Soverano
Email: privacy@thedoctor.me
Phone: (323) 988-5900
Mail: HIPAA Compliance, The Doctor, 7543 Santa Monica Blvd, West Hollywood, CA 90046
This notice is issued by Flores & Flores, A Professional Corporation, d/b/a The Doctor Medical Group.
Website operated by The Doctor Health Center Inc.. See also: Website Privacy Policy | Terms of Service
