This page explains how we collect and use personal information through our website, including text message communications, scheduling and contact forms, and other non-medical interactions. We also list our HIPAA Notice of Privacy Practices governing your health and medical information.
Effective Date: July 7, 2025
MindCraft Health LLC and MindCraft Concierge Services LLC (“we,” “our,” or “us”) are committed to protecting your privacy. This Website Privacy Policy explains how we collect, use, and safeguard personal information collected through our website, online forms, and third-party tools (like SMS/text communication services and analytics).
This Privacy Policy applies to all users of our website and those who interact with us via SMS or other digital communication channels. This policy does not govern medical records or health information collected through our patient portal, electronic medical record (EMR), or in the course of care, which are governed by our HIPAA Notice of Privacy Practices..
We may collect the following personal information:
Information may be collected when you:
We collect and use your information to:
By providing your phone number on this website, you consent to receive text messages from us for administrative or practice-related purposes such as appointment reminders, scheduling coordination, or practice, service, and relevant news updates. This consent is separate from any contact information collected through our patient portal or during the course of medical care, which is governed by our HIPAA Notice of Privacy Practices.
Mobile Opt-In, SMS consent, and phone numbers collected for SMS communication purposes will not be shared with third parties or affiliates for marketing purposes.
You may opt out of SMS messages at any time by replying “STOP.”
We may use cookies and similar tracking technologies to enhance your experience on our website, analyze usage, and improve our services. These may include first-party cookies (from our site) or third-party cookies (from services like Google Analytics, Meta Pixel, etc.).
Cookies allow us to:
You may opt out of cookies through your browser settings or via a cookie consent banner (if enabled). We do not use cookies to track or store protected health information (PHI).
If we implement new tracking technologies, we will update this policy accordingly.
We do not sell or rent your personal information. We may share some of your non-medical information with trusted service providers strictly for purposes of operating our business, website, and communication platforms (e.g. web hosting, analytics, and messaging platforms), but only as necessary. These providers are required to maintain the confidentiality and security of your information.
We implement appropriate technical and organizational safeguards to protect your data against unauthorized access, disclosure, or misuse.
You may:
If you have any questions about this Privacy Policy or your personal data, please contact us at:
MindCraft Health LLC
8 The Green #16016, Dover, DE 19901
info@mindcrafthealth.com
(302) 603-1005
Effective Date: July 7, 2025
By providing your phone number on this website, you consent to receive relevant text messages from MindCraft Health LLC. Phone Numbers obtained as part of the SMS consent process will not be shared with third parties for marketing purposes.
If you have consented to receive text messages from MindCraft Health LLC, you may receive messages related to the following:
This is separate from providing your phone number through our patient portal or during medical visits, which are governed by our HIPAA Notice of Privacy Practices.
Message frequency may vary depending on the type of communication. For example, patient portal users may receive 1-6 SMS messages per week related to their scheduled appointments during the week of the appointment. Text messages for portal message notifications or security authentication codes will vary based on usage. Subscribed updates will occur as new relevant content is available or published.
Please note that standard message and data rates may apply, depending on your carrier’s pricing plan. These fees may vary if the message is sent domestically or internationally.
You may opt-in to receive SMS messages from MindCraft Health LLC in the following ways:
You can opt out of receiving SMS messages at any time. To do so, simply reply "STOP" to any SMS message you receive. Alternatively, you can contact us directly to request removal from our messaging list.
Note that this only applies to text messages that are not medical or originated from the patient portal. Messages originated from the patient portal for medical reasons are governed under a separate HIPAA Privacy Policy and must be managed through your portal settings or by contacting our office directly. Replying STOP will not affect secure messages related to your care that are sent via the EMR system.
If you are experiencing any issues, you can reply with the keyword HELP. Or, you can get help directly from us at info@mindcrafthealth.com.
Visit https://www.mindcrafthealth.com/privacy#privacy-policy for our Privacy Policy and https://www.mindcrafthealth.com/privacy#sms-terms for our Terms of Service.
Effective Date: April 1, 2025
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATON. PLEASE REVIEW IT CAREFULLY.
We are committed to protecting the confidentiality of your medical information, and are required by law to do so. This notice describes how we may use your medical information at the Practice and how we may disclose it to others outside of the Practice. This notice also describes the rights you have concerning your own medical information. Please review it carefully and let us know if you have questions.
The Practice uses an integrated electronic medical record system (the “EMR”), which is able to be accessed by, and may be shared with, other providers who may also provide care at MindCraft Health LLC and/or its sister company MindCraft Concierge Services LLC. Use of the integrated EMR enables the Practice providers to work together to better address your health care needs as an integrated team. The EMR enables the Practice to obtain, exchange and provide access to your medical data electronically, for Treatment, Billing and related Healthcare Operations purposes (as those terms are defined in the Health Insurance Portability and Accountability Act of 1996, as amended, and its implementing regulations (“HIPAA”)). The EMR allows the Practice providers to see a more complete picture of your health.
Treatment: We may use your medical information to provide you with medical services and supplies. We may also disclose your medical information to others who need that information to treat you, such as doctors, physician assistants, nurses, medical and nursing students, technicians, therapists, emergency service and medical transportation providers, medical equipment providers, and others involved in your care. The Practice also offers an integrated care model and participates in Collaborative Care Models, Behavioral Health Integration, and Chronic Care Management, all of which will require sharing of your medical records and other information amongst treating providers and the care team.
For example, we will allow other physicians treating you to have access to your Practice medical record. To assure that your other treatment providers have quick access to your latest health information, we may participate in a community-based electronic health information exchange. We also may use and disclose your medical information to contact you to remind you of an upcoming appointment, to inform you about possible treatment options or alternatives, or to tell you about health-related services available to you, or to perform follow-up calls to monitor your care experience.
Family Members and Others Involved in Your Care: We may disclose your medical information to a family member or friend who is involved in your medical care, or to someone who helps to pay for your care. We also may disclose your medical information to disaster relief organizations to help locate a family member or friend in a disaster. During visits with family members and other visitors, let your physician and Practice personnel know if you do not want them to disclose your medical information during the visit.
Payment: We may use and disclose your medical information or other information necessary to process claims to your insurance carrier, to get paid for the medical services we provide and for supplies we provide to you. This may include my diagnosis and other records generated in the course of my treatment. For example, your health plan or Health Insurance Company may ask to see parts of your medical record before they will pay us for your treatment.
Practice Operations: We may use and disclose your medical information if it is necessary to improve the quality of care we provide to patients or to run the Practice. We may use your medical information to conduct quality improvement activities, to obtain audit, accounting or legal services, or to conduct business management and planning. We may also use de-identified or aggregated patient data for quality improvement, research, health outcomes analysis, or collaborations with third parties, including but not limited to payors, healthcare organizations, and pharmaceutical companies, as permitted by law. For example, we may look at your medical record to evaluate the care provided by Practice personnel, your doctors, or other health care professionals.
Affiliated Entities & Operational Support: MindCraft Health LLC and MindCraft Concierge Services LLC are legally distinct entities that may collaborate to support your care. MindCraft Health LLC provides administrative and operational services to MindCraft Concierge Services LLC under a management agreement. These services may include access to shared systems for scheduling, billing, recordkeeping, and other non-clinical support functions.
Although the two entities are separate, they may use common contractors and platforms, including a shared electronic medical record (EMR) system, in accordance with applicable privacy and security rules. Access to your information is limited to the minimum necessary for permitted purposes and complies with HIPAA standards.
Your identifiable PHI will not be used or disclosed by either entity for marketing or non-care-related purposes without your written authorization.
Research & Analytics: We may use or disclose your medical information for research projects, such as studying the effectiveness of a treatment you received. These research projects must go through a special process that protects the confidentiality of your medical information. In addition, the Practice may use de-identified or aggregated patient data for healthcare analytics, treatment improvement, and collaboration with research partners, in accordance with applicable laws.
Required by Law: Your PHI may be used and disclosed when required to do so by any other law not already referred to in the preceding categories; such as required by the FDA, to monitor the safety of a medical device. We also are required to give information to the State Workers’ Compensation Program for work-related injuries. As permitted by law, we may release health information about you if you are a danger to yourself or others.
Victims of Abuse, Neglect or Domestic Violence. Your PHI may be disclosed to a governmental authority, including a social service or protective services agency, authorized by law to receive reports of such abuse, neglect, or domestic violence if there is a reasonable belief that you are a victim of abuse, neglect or domestic violence.
Public Health: We also may report certain medical information for public health purposes. For instance, we are required to report births, deaths, and communicable diseases to the State. We also may need to report patient problems with medications or medical products to the FDA, or may notify patients of recalls of products they are using.
Public Safety: We may disclose medical information for public safety purposes in limited circumstances. We may disclose medical information to law enforcement officials in response to a search warrant or a grand jury subpoena. We also may disclose medical information to assist law enforcement officials in identifying or locating a person, to prosecute a crime of violence, to report deaths that may have resulted from criminal conduct, and to report criminal conduct at the Practice. We also may disclose your medical information to law enforcement officials and others to prevent a serious threat to health or safety.
Health Oversight Activities: We may disclose medical information to a government agency that oversees the Practice or its personnel, such as the State Department of Health, the federal agencies that oversee Medicare, the Board of Medical Examiners or the Board of Nursing. These agencies need medical information to monitor the Practice’s compliance with state and federal laws.
Coroners, Medical Examiners and Funeral Directors: We may disclose medical information concerning deceased patients to coroners, medical examiners and funeral directors to assist them in carrying out their duties.
Organ and Tissue Donation: We may disclose medical information to organizations that handle organ, eye or tissue donation or transplantation.
Military, Veterans, National Security and Other Government Purposes: If you are a member of the armed forces, we may release your medical information as required by military command authorities or to the Department of Veterans Affairs. The Practice may also disclose medical information to federal officials for intelligence and national security purposes, or for presidential Protective Services.
Judicial Proceedings: The Practice may disclose medical information if the Practice is ordered to do so by a court or if the Practice receives a subpoena or a search warrant. You will receive advance notice about this disclosure in most situations so that you will have a chance to object to sharing your medical information.
Disclosures to You or for HIPAA Compliance Investigations. The Practice may disclose your PHI to you or to your personal representative and is required to do so in certain circumstances described below in connection with your rights of access to your PHI and to an accounting of certain disclosures of your PHI. The Practice must disclose your PHI to the secretary of the United States Department of Health and Human Services (the "Secretary") when requested by the Secretary in order to investigate Practice’s compliance with privacy regulations issued under the federal Health Insurance Portability and Accountability Act of 1996.
Patient List & Communication Outreach. The Practice may use some of your PHI to maintain a list of patients it has served. This information may include your name, treatment facility, and the services Practice provided to you. The Practice may use this list and your contact information to notify you about available services, health-related programs, or updates relevant to your care. You may opt out of such communications at any time by notifying the Practice in writing.
Uses and Disclosures for Which Your Authorization is Required: With limited exceptions, the Practice must obtain your written authorization before it may disclose your medical information in the following circumstances: (1) to disclose psychotherapy notes, (2) to conduct marketing activities involving identifiable patient data, or (3) to sell your identifiable medical information to a third party. The Practice does not sell or share identifiable patient data for marketing or commercial purposes without your explicit written consent.
Information with Additional Protection: Certain types of medical information have additional protection under state or federal law. For instance, medical information about communicable disease and HIV/AIDS, and evaluation and treatment for a serious mental illness is treated differently than other types of medical information. For those types of information, the Practice is required to get your permission before disclosing that information to others in many circumstances.
Other Uses and Disclosures Requiring Authorization: If the Practice wishes to use or disclose your medical information for a purpose that is not discussed in this Notice, the Practice will seek your written authorization. If you give your authorization to the Practice, you may take back that authorization any time, unless we have already relied on your authorization to use or disclose the information. If you ever would like to revoke your authorization, please notify the Practice Manager in writing.
Right to Request Your Medical Information: You have the right to look at your own medical information and to get a copy of that information. (The law requires us to keep the original record.) This includes your medical record, your billing record, and other records we use to make decisions about your care. To request your medical information, write to the Practice Office. Federal and state laws permit a reasonable cost-based fee to be charged for the copying of patient records. You will be notified in advance what this copying will cost. You can look at your record at no cost. There will not be a charge to send your records to another physician’s office.
Right to Request Amendment of Medical Information You Believe Is Erroneous or Incomplete: If you examine your medical information and believe that some of the information is wrong or incomplete, you may ask us to amend your record. To ask us to amend your medical information, write to the Practice Manager.
Right to Get a List of Disclosures of Your Medical Information: You have the right to request a list of the disclosures we make of your medical information. If you would like to receive such a list, write to the Practice Manager. We will provide the first list to you free, but we may charge you for any additional lists you request during the same year. We will tell you in advance what this list will cost.
Right to Request Restrictions on How the Practice Will Use or Disclose Your Medical Information for Treatment, Payment, or Health Care Operations: You have the right to request the Practice from making uses or disclosures of your medical information to treat you, to seek payment for care, or to operate the Practice. In many cases, the Practice is not required to agree to your request for restriction, but if we do agree, we will comply with that agreement. However, the Practice must agree to your request not to disclose to your health plan any medical information about items or services for which you have paid in full, unless such disclosure is required for treatment or by law. If you do not want the practice to notify your health plan, you must notify us at the time of your registration in writing as well as make immediate arrangements to pay in full for your treatment or visit.
Right to Revoke Your Authorization. You may revoke Your Authorization, Your Marketing Authorization or any written authorization obtained in connection with your PHI, except to the extent that the Practice and/or Health Professionals have taken action in reliance upon it, by delivering a written revocation statement to the Practice Office.
Right to Request Confidential Communications: You have the right to ask us to communicate with you in a way that you feel is more confidential. For example, you can ask us not to call your home, but to communicate only by mail. To do this, write to the Practice Manager. At your request, you can also ask to speak with your health care providers in private outside the presence of other patients or family.
Right to a Paper Copy: If you have received this notice electronically, you have the right to a paper copy at any time. You may download a paper copy of the notice from the patient portal, or you may obtain a paper copy of the notice from the Practice Manager.
The Practice is required by law to protect the privacy of your medical information, give you this Notice of Privacy Practices, and follow the terms of the Notice that is currently in effect. The Practice is also required to notify you if there is a breach of your unsecured medical information.
This Notice of Privacy Practices applies to the Practice and its personnel, volunteers, students, and trainees.
From time to time, we may change our practices concerning how we use or disclose patient medical information, or how we will implement patient rights concerning their information. We reserve the right to change this Notice and to make the provisions in our new Notice effective for all medical information we maintain. If we change these practices, we will publish a revised Notice of Privacy Practices. You can get a copy of our current notice of Privacy Practices at any time by contacting the Practice Manager.
Please tell us about any problems or concerns you have with your privacy rights or how the Practice uses or discloses your medical information.
If for some reason the Practice cannot resolve your concern, you may also file a complaint with the Director, Office for Civil Rights of the U.S. Department of Health and Human Services. Upon request, the Privacy and Security Office will provide you with the correct address for the Director. We will not penalize you or retaliate against you in any way for filing a complaint with the federal government.
MindCraft Health LLC is a separate legal entity from MindCraft Concierge Services LLC. MindCraft Health LLC maintains a formal Management Services Organization (MSO) agreement with MindCraft Concierge Services LLC, which provides for shared infrastructure, administrative, and operational support. While both entities may utilize common infrastructure, staff, and independent contractors under the MSO agreement, each functions as an independent and distinct business. The MSO arrangement does not imply any shared clinical responsibility or liability. All clinical services, care decisions, and professional expertise are rendered solely by the treating provider, acting as an independent contractor under the authority of the respective entity.
Use of services from MindCraft Concierge Services LLC is entirely optional and is not a condition for receiving care from MindCraft Health LLC. Concierge services are entirely optional, are not billed to insurance, and require separate consent and direct payment.
Practice: Refers to MindCraft Health LLC, the covered entity responsible for maintaining Protected Health Information (PHI) and providing this Notice of Privacy Practices, as well as any affiliated professional entities (such as professional corporations or professional limited liability companies) that are owned by, operated by, or under common control with MindCraft Health LLC and provide healthcare services under the MindCraft Health brand. This does not include MindCraft Concierge Services LLC or any of its providers or affiliates.
MindCraft Concierge Services LLC: A separate legal entity offering cash-based services that contracts with MindCraft Health LLC for administrative and operational support, including operational functions such as billing, scheduling, and maintaining electronic medical records, under a management agreement.
Protected Health Information (PHI): Health information, including demographic data, that identifies you and relates to your past, present, or future physical or mental health or condition, the provision of health care to you, or payment for that care.
Electronic Medical Record (EMR): A digital system used by the Practice and its affiliates to document, manage, and coordinate care and services.
Treatment, Payment, and Healthcare Operations (TPO): Legal basis under HIPAA for sharing PHI without patient consent to deliver care, coordinate billing, and manage practice operations.
Business Associate: A third-party vendor or entity that handles PHI on behalf of the practice under a Business Associate Agreement.
Patient Portal: A secure web platform that allows patients to access their health records, message providers, complete and access forms, and manage appointments or medication. The patent portal is available at patient.mindcrafthealth.com.
-svg.webp){kind=icon}