top of page
IDS_Title_banner.jpg

Privacy Policy

Effective Date: July 15, 2025

​

1. Introduction

Innovative Diabetic Solutions (“we”, “us”, “our”) respects your privacy and commits to protecting your personal and health information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information, in compliance with the federal HIPAA Privacy & Security Rules and applicable Florida state laws.

 

2. Covered Entity & State Obligations

We are a HIPAA-covered entity handling Protected Health Information (PHI) in compliance with 45 CFR Parts 160 & 164. In addition, as a medical provider in Florida, we comply with Florida laws that provide enhanced protections for medical records and patient privacy.

 

3. What We Collect

  • Identifiers & Contact Info: Name, address, date of birth, insurance details.
     

  • Health Data (PHI): Medical conditions, treatment history, insulin infusion records.
     

  • Technical Data: IP addresses, usage patterns, device/browser info.
     

4. How We Use & Disclose PHI

As permitted under HIPAA, and Florida law:

  • Treatment, payment, healthcare operations (TPO).
     

  • With patient authorization for purposes beyond TPO.
     

  • State-required disclosures:
     

    • Abuse, neglect, or exploitation of vulnerable adults or children must be reported to state agencies (Fla. Stat. §â€¯415.1034).
       

    • Sexual battery, criminal conduct, or death reporting as required by Fla. Stat. §â€¯456.057 and §â€¯794.027.
       

    • Infectious disease reporting (e.g., TB, STDs, cancer, etc.) to Florida Department of Health under Fla. Stat 38 1.026, 392.53, 384.25, 385.202.
       

  • We apply the minimum necessary standard for disclosures (Florida Department of Health).
     

5. Florida Patient Rights

Under state law (Fla. Stat. §â€¯381.026 & §â€¯456.057), patients have rights to:

  • Know provider names and qualifications.
     

  • Request prompt responses to inquiries, access to support services.
     

  • Obtain copies of medical records and itemized bills.
     

  • Refuse treatment, receive interpreter services, bring guests.
     

  • Be informed if treatment is experimental and consent accordingly (Florida Senate, Florida Board of Medicine).
     

6. Florida Security & Record-Keeping Requirements

Records owners must have written policies, procedures, and training for medical record confidentiality and security, and track all disclosures of patient records (Florida Senate).

 

7. Florida Data Security & Breach Notification

Under the Florida Information Protection Act (Fla. Stat. §â€¯501.171), we must implement reasonable data-protection measures for personal information, including PHI (The HIPAA Journal). In the event of a breach affecting over:

  • 500 individuals: notify Florida’s Dept. of Legal Affairs within 30 days, HHS OCR, and affected individuals.
     

  • Business associate breaches: must notify us within 10 days (The HIPAA Journal, howellbuchanandstrong.com).

 

8. Your Rights under HIPAA

You also retain federal HIPAA rights:

  • Access/receive copies of your PHI within 30 days.
     

  • Amend records, receive an accounting of disclosures (last 3 years).
     

  • Request restrictions, confidential communications, file complaints with us or HHS OCR (HHS.gov, Wikipedia, Florida Department of Health).

 

9. Safeguards

We maintain:

  • Administrative: Privacy Officer, staff training, regular risk assessments.
     

  • Technical: Encryption, secure electronic systems, MFA.
     

  • Physical: Secure facilities, restricted access, proper disposal methods.

 

10. Business Associates

We use vendors (e.g., billing, data hosts) bound by Business Associate Agreements (BAAs) that require HIPAA and Florida legal compliance.

 

11. Breach Notification Protocol

In the event of unauthorized PHI disclosure, we will promptly notify affected individuals, HHS OCR, and Florida’s Dept. of Legal Affairs if > 500 records are affected.

 

12. Notice of Privacy Practices

We provide a HIPAA-compliant Notice of Privacy Practices at first contact. This reflects our uses, your rights, and contact info—including alignment with Florida patient rights protections.

 

13. Updates to This Policy

We may revise this policy for changes in HIPAA, HITECH, Florida statutes (e.g. new reporting or data-security rules). Updates will be posted here with revised effective dates.

 

14. Complaints

If you believe your privacy rights were violated:

  • Contact our Privacy Officer at info@innovativediabeticsolutions.com or (561) 368‑4273.
     

  • File with the U.S. Department of Health & Human Services, Office for Civil Rights or the Florida Department of Health.

bottom of page