Privacy Policy
Brichelle Privacy Information Policy
At Brichelle Med Spa LLC, the privacy of your data is privileged; as such, your data will not be sold or distributed to third parties for any marketing purposes.
Information Collected
We collect various pieces of information that are used to create and maintain your client record. Information required for this purpose includes but is not limited to: your health history; documentation regarding client consults and treatments; contact and billing information; and valid payment means. Information regarding your health and treatment details are administered through our Protected Health Information (PHI) protection methods, which is described below.
Text Messaging
Text messages may be used for communications if you provide a valid mobile phone number. For those text messages the frequency may vary and data rates may apply depending upon your service. Text messaging may be used to: answer questions that you may have; confirm appointments and provide reminders; post-treatment follow up inquiries. You can opt out of text messages by replying STOP during active text message streams.
PHI Protections
Information collected about you including documentation of your consultations and treatments are handled securely and confidentially through Brichelle’s PHI processes. PHI includes any information that identifies an individual and relates to their health, treatment, or payment for healthcare services.
Brichelle Med Spa LLC implements many methods for protecting your PHI, including but not limited to: access and role based controls to the information services; data encryption used by our computers, tablets and phones to the information service cloud-based systems; password security best practices among our staff.
Brichelle also safeguards PHI and implements stringent PHI sharing protocols such as the following measures:
1. Ensure Confidentiality: PHI is only accessible by authorized personnel.
2. Detect and Safeguard Against Threats: We regularly assess and address security risks.
3. Limit Uses and Disclosures: Only the minimum necessary information is shared for the required intended purpose.
4. HIPAA Compliance: The Brichelle staff complies with the Health Insurance Portability and Accountability Act (HIPAA) with respect to sharing any PHI with your designated healthcare provider, when you give us permission to do so. We do not share any PHI with insurance companies, as Brichelle Med Spa LLC does not accept insurance plans or payments.
3rd Party Services
Brichelle Med Spa LLC leverages other company’s services for conducting business and providing services to our clients. The core 2 services used for this purpose are described below.
Jane App
The Jane App’s integrated services are used for Brichelle’s client scheduling, record keeping, billing & payment processing, appointment confirmation and reminders, and electronic medical records. Data that is transmitted between Brichelle’s information technology electronics and the Jane App server is fully encrypted, using modern data encryption protocols that are also used within healthcare, banking and finance industries.
For additional details regarding the privacy policy of the Jane App, please refer to their Patient Data section from their website — https://jane.app/legal/privacy-policy
Dialpad
Brichelle leverages Dialpad for providing our own clients with phone voice communications, video and audio teleconferencing, texting and client contact services. Dialpad services are conducted within Google cloud services, utilizing the state-of-the-art security measures for the data that’s transmitted across networks. Dialpad does not license or sell its clients’ personal data to third parties, including advertisers, without consent, and Brichelle has not and will not consent to any of the Brichelle Med Spa client data to be shared or sold through Dialpad.
According to the company’s website, Dialpad has been certified by PrivacyTrust, formerly eTrust, for meeting strict privacy and data protection requirements. Dialpad has procedures in place that limit access to sensitive information and systems to staff that need to know. Their comprehensive privacy policy is publicly available online — https://www.dialpad.com/legal/#privacy