Skip to main content
asymmetrichealth
Get Started Shop

Privacy Policy

Last updated: April 2026

Introduction

Asymmetric Health ("we," "us," or "our") respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our services.

Information We Collect

We may collect the following types of information:

  • Personal Information: Name, email address, phone number, and mailing address when you contact us, schedule a consultation, or purchase an evaluation.
  • Health Information: Medical history, symptoms, and health data provided during consultations and evaluations. This information is protected under HIPAA.
  • Usage Data: Information about how you interact with our website, including pages visited, time spent, and referring URLs.
  • Cookies and Tracking: We use cookies and similar technologies to improve your browsing experience and analyze website traffic.

How We Use Your Information

  • To provide and manage your healthcare services
  • To communicate with you about appointments, lab results, and treatment plans
  • To process payments and coordinate pharmacy services
  • To improve our website and services
  • To comply with legal and regulatory obligations

Notice of Privacy Practices (HIPAA)

As a healthcare provider, Asymmetric Health complies with the Health Insurance Portability and Accountability Act (HIPAA). This notice describes how your protected health information (PHI) may be used and disclosed, and how you can access this information.

How We Use Your PHI

  • Treatment: We use your PHI to provide, coordinate, and manage your healthcare, including sharing information with laboratories (Labcorp), compounding pharmacies, and specialists involved in your care.
  • Payment: We may use your PHI to process payments for services rendered. As a direct-pay practice, we do not submit claims to insurance on your behalf.
  • Healthcare Operations: We may use your PHI for internal quality improvement, training, and administrative operations.

Your Rights

  • Request access to or copies of your PHI
  • Request amendments to your health records
  • Request restrictions on how your PHI is used or disclosed
  • Request confidential communications (e.g., contact at a specific number)
  • Receive an accounting of disclosures of your PHI
  • File a complaint if you believe your privacy rights have been violated

Patient Portal

Asymmetric Health uses Hint Health as our patient portal and billing platform. Your health records, lab results, treatment plans, and communications are stored securely within HIPAA-compliant systems. You can access your portal at asymmetrichealth.hint.com.

We will not share your PHI without your written authorization, except as required by law (e.g., public health reporting, court orders, or to prevent serious threats to health or safety).

Data Security

Your health data is stored and managed through Hint Health, our HIPAA-compliant patient portal and EHR platform. Hint Health maintains the following security certifications and safeguards:

  • HIPAA/HITECH Compliance: Fully compliant with all regulations as updated by the Omnibus Rule, with policies mapped directly to the HIPAA Security Rule's Administrative, Physical, and Technical Safeguards.
  • SOC 2 Type 2 Attestation: Independently audited controls for security, availability, and confidentiality of patient data.
  • ISO 27001 Certification: International standard for information security management systems.
  • PCI DSS Level 1: Highest level of payment card data security certification for processing membership and evaluation payments.
  • Encryption: All data encrypted at rest (AES-256) and in transit (SSL/TLS). Encrypted backups performed every 24 hours.
  • Access Controls: All data access restricted by job function and logged for audit and anomaly detection. Business Associate Agreements executed with all vendors and subcontractors.
  • Ongoing Audits: Security controls audited annually by independent internal and external auditors. Risk assessments driven by NIST SP 800-30.

All workforce members complete mandatory HIPAA privacy and security training. While no system can guarantee absolute security, we employ enterprise-grade safeguards that meet or exceed industry standards for healthcare data protection.

Third-Party Services

We use the following third-party services in the delivery of your care:

  • Hint Health: Patient portal, electronic health records, billing, and secure messaging. Security details.
  • Labcorp: Laboratory services for diagnostic bloodwork and testing.
  • Compounding Pharmacies: Preparation and dispensing of customized medications prescribed by your clinician.

Each partner maintains their own privacy policies and handles your data in accordance with applicable regulations. We execute Business Associate Agreements with all partners who access protected health information.

Your Rights

You have the right to:

  • Access your personal and health information
  • Request corrections to inaccurate information
  • Request deletion of your personal information (subject to legal retention requirements)
  • Opt out of marketing communications
  • Request a copy of your medical records

Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us: