Effective Date: September 22, 2025

At Resilient Bodies PLLC, we are committed to protecting the privacy and security of your personal and health information. This Privacy Policy outlines how we collect, use, and protect your information when providing virtual physical therapy services in Virginia.

1. Information We Collect
   We collect various types of personal and health-related information to provide you with virtual physical therapy services, including but not limited to:

• Personal Identification Information:
  Full name, email address, phone number, date of birth, and emergency contact information.
• Health Information:
  Medical history, current conditions, symptoms, diagnoses, previous treatments, and other relevant health information.
• Treatment Information:
  Progress notes, treatment plans, virtual session recordings (video/audio), exercises, and follow-up care.
• Payment Information:
  Credit card details, insurance information, billing addresses, and other payment-related data.

2. How We Use Your Information
   We use your information to:

• Provide virtual physical therapy assessments, treatments, and follow-up care.
• Communicate with you about your appointments, treatment plans, and progress.
• Process payments, insurance claims, and other administrative tasks.
• Maintain accurate medical and billing records.
• Improve our services, including virtual consultation tools, and enhance your experience with our platform.

3. How We Protect Your Information
   We take your privacy seriously and use a combination of physical, technical, and administrative safeguards to ensure your information is secure:

• Encryption: All sensitive information, including video sessions, is encrypted during transmission and storage.
• Secure Platforms: We utilize HIPAA-compliant video conferencing tools for virtual appointments to ensure secure and confidential communication.
• Limited Access: Only authorized personnel have access to your personal and health data. This includes licensed healthcare providers and administrative staff involved in your care.
• Data Backup and Recovery: We back up all data to secure servers to ensure availability and prevent data loss.

4. Compliance with Virginia and Federal Laws
   We comply with all applicable privacy laws and regulations, including:

• HIPAA (Health Insurance Portability and Accountability Act): We ensure the confidentiality, integrity, and availability of your protected health information (PHI).
• Virginia Consumer Data Protection Act (VCDPA): We respect your privacy rights under Virginia’s data protection laws and will not collect or share personal data without your consent, except as required by law.

5. Data Sharing and Disclosure
   We will not share your personal health information without your consent except in the following situations:

• With Your Consent: We may share your data with other healthcare providers if necessary for your treatment or upon your request.
• Legal Requirements: We may disclose your data if required by law, including subpoenas, court orders, or investigations by law enforcement agencies.
• Insurance or Billing Purposes: We may share your data with insurance companies or third-party billing services to process claims or payments.
• Business Associates: We may share data with business partners (e.g., IT service providers, payment processors) who are legally obligated to protect your information.

6. Your Privacy Rights
   As a resident of Virginia, you have certain rights regarding your personal data, including:

• Access: You have the right to request copies of your personal and health information that we have on file.
• Correction: You can request corrections to any inaccuracies in your information.
• Deletion: You have the right to request the deletion of your personal information, subject to legal and contractual obligations.
• Opt-Out: You may opt out of receiving non-essential communications (e.g., marketing emails). However, we may still contact you for essential matters like appointment reminders and medical updates.
  To exercise these rights, please contact us at [insert contact information].

7. Retention of Your Data
   We retain your personal health information for as long as necessary to provide services to you, maintain accurate medical records, comply with legal and regulatory requirements, and resolve disputes. After this period, we will securely delete or anonymize your data as required by law.

8. Cookies and Tracking Technologies
   We may use cookies or similar tracking technologies to enhance your experience on our website or app. These technologies help us track user behavior and improve the functionality of our online platform.

• Cookies: Small text files stored on your device that help us remember your preferences.
• Analytics: We may use third-party tools like Google Analytics to analyze how users interact with our website.
  You can manage your cookie preferences through your browser settings.

9. Changes to This Privacy Policy
   We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or the features of our services. Any material changes will be communicated via email or on our website.

10. Contact Us
    If you have any questions or concerns about this Privacy Policy or wish to exercise your rights under the law, please contact us at:

    Resilient Bodies PLLC
    rb@resilientbodiespllc.com