FRUITION MEDICINE – HIPAA NOTICE OF PRIVACY PRACTICES
Last revised: June 15 2025
We work at the pace of your trust. This Notice of Privacy Practices (“Notice”) explains how Fruition Medicine PLLC d/b/a Fishtown Medicine (“Fishtown,” “we,” “us,” “our”) safeguards, uses, and discloses your protected health information (“PHI”) and describes your rights under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and related state laws. Creating an account, receiving care, or communicating with us confirms you have received and understand this Notice.
We work at the pace of your trust.
1 Your Rights
You may… | What it means | How to exercise |
Access your record | View, download, or request paper copies—usually within 30 days—in the form/format you request (electronic if readily producible). You may also direct us to send it to anyone you designate. | Submit a written request to the Privacy Officer. |
Correct your record | Ask us to amend incomplete or inaccurate information. | Written request; approval or denial (with reason) within 60 days. |
Request confidential communications | Ask us to contact you at a specific phone, email, or address. | Written request; we honor reasonable requests. |
Limit PHI we use/share | Request limits on treatment, payment, or operations disclosures. | Written request; we may decline but honor any approved limits except emergencies. |
Restrict disclosure to your health plan when you self-pay | If you pay in full out-of-pocket for an item or service, we will not share that PHI with your health plan unless required by law. | Written request at or before the time of service. |
Receive an accounting of disclosures | Get a six-year history of non-routine disclosures. | Written request; first list each 12 months is free. |
Receive a paper copy of this Notice | Ask at any time, even if you agreed to electronic delivery. | Phone, email, portal, or in person. |
Appoint a representative | Someone with medical power of attorney or legal guardianship can act for you. | Provide legal documentation. |
File a complaint | Do so without fear of retaliation. | See § 10. |
2 Our Legal Duties
We are required by law to:
keep your PHI private;
provide this Notice explaining our privacy practices;
follow the terms of the Notice currently in effect; and
notify you if a breach compromises the privacy or security of your PHI.
Material changes trigger immediate updates in our portal, on our website, and (on request) in paper form.
3 How We May Use & Disclose PHI Without Written Authorization
Treatment – diagnose, treat, coordinate care, and consult with other clinicians.
Payment – submit claims, process billing, collect fees.
Healthcare Operations – quality improvement, audits, training, licensing.
Business Associates – share PHI with vendors (EHR, billing, cloud services) that sign HIPAA-required BAAs.
Public Health & Safety – disease reporting, recalls, abuse/neglect reporting.
Health Oversight – regulator inspections and investigations.
Legal Proceedings – court orders, subpoenas, warrants.
Workers’ Compensation – as authorized by law.
Research – with IRB approval or a valid privacy-board waiver.
Organ/Eye Donation coordination.
Serious Threat – avert imminent harm to health or safety.
Special Government Functions – military, national security, corrections.
Routine Communications – appointment reminders, test results, care coordination, or information about health-related benefits/services that may interest you.
Note on health-plan disclosures: We never share PHI with a health plan unless coverage or payment is required—for example, billing labs, prescriptions, imaging studies, or prior authorizations.
4 Uses & Disclosures That Never Occur Here
We do not:
use PHI for marketing communications;
sell PHI; or
release psychotherapy notes (if we maintain any) without your written authorization.
Any other use or disclosure of PHI not described in this Notice will occur only with your written authorization, which you may revoke at any time (except where already relied upon).
5 Extra Protections for Sensitive Information
We comply with all federal and state laws that give added protection to:
HIV-related information
Substance-use-disorder records (42 CFR Part 2)
Mental-health treatment notes
PHI related to lawful reproductive care (per the 2024 HHS reproductive-health rule)
Genetic Information: We never use genetic data for insurance underwriting or discriminatory purposes. Raw genetic data received for clinical interpretation is permanently deleted once processing is complete.
6 Safeguarding Your Information
Measure | What we do |
Encryption | PHI encrypted in transit and at rest. |
Access Controls | Role-based, minimum-necessary permissions. |
Audit Logs | Continuous monitoring for improper access. |
Secure Messaging | HIPAA-compliant SMS, video, and portal. |
Patient Responsibilities | Use strong passwords and secure personal devices. |
7 Data Retention & Destruction
We retain PHI for at least 7 years (or longer if law requires) and then destroy it using HIPAA-compliant methods.
8 Changes to This Notice
We may update this Notice to reflect legal or operational changes. Revised versions take effect when posted to fruitionmedicine.com/privacy. Material changes are also announced via portal message or email. Continued use of our services constitutes acceptance of the revised Notice.
9 Acknowledgement of Receipt
HIPAA requires that we make a good-faith effort to obtain your written or electronic acknowledgement that you received this Notice. Care is not conditioned on signing; refusal is documented.
10 Questions, Requests, or Complaints
Privacy Officer
Fruition Medicine PLLC
2418 E York St., Philadelphia, PA 19125
Phone (267) 360-7927
Email [email protected]
You may also contact the U.S. Department of Health & Human Services Office for Civil Rights (OCR):
Phone (800) 368-1019 TTY (800) 537-7697 Web hhs.gov/ocr/privacy/hipaa/complaints/
We will not retaliate against you for filing a complaint.
Your trust drives us. Thank you for letting Fruition Medicine protect your privacy while delivering preventive, personalized care.