Privacy Policy

Effective Date: December 1, 2025 

SonoMe Diagnostic Medical Inc. (“we”, “us”, “our”) is committed to safeguarding the privacy of our patients’ information. This Privacy Policy explains how we collect, use, disclose, retain, and protect your individually identifiable health information and other personal information consistent with federal and California laws (e.g. HIPAA, CMIA, CCPA/CPRA if applicable).

1. Scope & Applicability

This Policy applies to personally identifiable information and Protected Health Information (“PHI”) that we obtain in the course of providing our ultrasound imaging and related services. If you are a patient, visitor, referrer, or user of our website, this Policy applies.

2. What Information We Collect

a) Protected Health Information (PHI): We collect medical and health-related information about you, including but not limited to:

• Name, address, telephone, e-mail, date of birth, insurance information

• Medical history, clinical test results, referring provider name, ultrasound images and interpretation reports

• Payment and billing information:
  We collect PHI when you register, attend imaging services, or via your referring provider.

b) Other Personal Information: We may collect personal information when you visit our website (e.g., name, email, cookies), contact us, fill out forms, or engage our services.

3. How We Use the Information

We use your information for the following purposes:

• To schedule and perform the imaging services, to interpret and report results, to notify your referring provider

• For billing, payment collection and insurance claims

• For healthcare operations: quality improvement, risk management, accreditation, training, audits

• To comply with legal and regulatory obligations (e.g., mandatory disclosures for public health)

• To communicate with you (appointment reminders, results notification, patient satisfaction surveys)

• To administer our website and improve our services

4. Disclosure of Information

We may disclose your PHI as permitted or required by law and as follows:

• To your referring provider, treating physicians, other healthcare providers involved in your care

• To your insurance company or third-party payors for payment purposes

• To business associates who perform functions on our behalf (e.g., IT support, billing services) under a Business Associate Agreement that requires compliance with HIPAA

• If required by law: e.g., for public health reporting, law enforcement, legal proceedings, health oversight activities

• We will obtain your written authorization for disclosures outside treatment, payment, and operations unless otherwise permitted by law.

5. Your Rights Regarding Your Health Information

Under HIPAA and California law (CMIA), you have the following rights (subject to applicable limitations):

• The right to request access to inspect and obtain a copy of your PHI.

• The right to request amendment or correction of your PHI.

• The right to receive an accounting of certain disclosures of your PHI.

• The right to request restrictions on certain uses/disclosures (though we are not required to agree to all requested restrictions).

• The right to request confidential communications by alternate means or at alternate locations.

• The right to receive a copy of our Notice of Privacy Practices.

• If applicable (depending on business size & services) under the CCPA/CPRA, rights to know what personal information we collect, disclose and/or sell, right to deletion or correction, right to opt out of sale — however PHI covered under HIPAA/CMIA may be exempt.

6. Security of Information

We employ administrative, physical and technical safeguards to protect the confidentiality, integrity, and availability of PHI in compliance with HIPAA’s Security Rule and California law. These include access controls, encryption, audit logs, workstation security, training of staff, and periodic review of practices. 

7. Retention and Disposal

Your records will be retained for the period required under applicable law (e.g., California Medical Records retention requirements) and will be disposed of securely when no longer needed.

8. Use of Website & Cookies

When you visit our website, we may collect non-health personal information (e.g., IP address, cookies) for analytics and site improvement. This information is de-identified and aggregated and does not include your PHI. If you are logged in or access a patient portal, any health information displayed is kept on secure systems compliant with HIPAA.

9. Third-Party Links & Services

Our website may contain links to third-party services (e.g., scheduling portals, payment processors). We are not responsible for the privacy practices of those third-parties; you should review their privacy policies. We ensure to the extent practicable that any third-party handling PHI on our behalf has appropriate agreements (Business Associate Agreements) in place.

10. Changes to This Privacy Policy

We may update this Policy from time to time. We will post the updated version with a “Last Updated” date. Continued use of our services after changes constitutes your acceptance of the updated Policy.

11. Contact Information

For questions, access requests, corrections or concerns regarding your health information or this Privacy Policy, please contact:

SonoMe Diagnostic Medical In.
Privacy Officer: Jillian Caceres
Phone: (951) 289-7102
Email: SonoMeDiagnostic@gmail.com