Last Updated :03/12/2025 03:04 PM

Introduction

Welcome to NY Best Medical. We value your privacy and are committed to protecting your personal and health information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services. Our practices are designed to ensure that your data is handled responsibly and only for clearly defined purposes.

Scope and Applicability

This Privacy Policy applies to all information collected through our website and services. It covers both general personal information and the health information you provide when receiving care from us. The policy details our security controls, risk management practices, and procedures for responding to incidents, all designed to protect your information.

Information We Collect

Personal Information

• General Data: Name, email address, phone number, and any other information you voluntarily provide.
• Health Information: Details related to your health status, medical history, treatments, or healthcare services you receive from us (such as physical examinations, annual physicals, TB testing, drug screening, vaccinations, and telehealth visits).

Usage Data

• Information about your interactions with our website, such as IP address, browser type, operating system, and other technical details.

How We Use Your Information

We use the collected information for various purposes, including:

• Service Provision: To deliver and maintain our healthcare services and online platforms.
• Communication: To send you updates related to your appointments, healthcare services, and promotional materials (only if you have opted in).
• Enhancement: To analyze and improve our website, services, and overall user experience.
• Compliance and Operations: To fulfill our legal, regulatory, and operational obligations and to manage care processes like diagnosis, treatment, and quality assessment.

Purposeful Use Only

We commit to using your data solely for explicitly defined and necessary purposes. Every collection and use of your information is carefully considered and limited to what is required to provide you with quality healthcare services and support.

Sharing Your Information

We do not sell, trade, or rent your personal information. Your data is shared only under the following circumstances:

With Trusted Service Providers

• Third-Party Reliability: We partner only with reputable third-party service providers who meet our strict data protection requirements. These providers are contractually obligated to use your information solely to assist in our service delivery and are subject to regular oversight.
• Communication of Changes in Subprocessors: If we engage a new subprocessor or replace an existing one, we will notify you or provide a mechanism to object to such changes before the subprocessor begins handling your personal information (unless prohibited by law).

For Legal and Regulatory Requirements

• We may disclose your information when required by law or to comply with valid requests from public authorities, such as law enforcement.
• Notification of Disclosures to Third Parties: We maintain records of all disclosures of personal information to third parties. If we receive a legally binding request for disclosure, we will notify you unless prohibited by law.

Security of Your Information

We implement robust administrative, physical, and technical safeguards to protect your personal and health information, including:

• Encryption: Data is encrypted during transmission (using SSL/TLS) and while stored.
• Access Controls: Strict access controls and authentication measures limit access to your information.
• Audit Logging & Monitoring: Regular monitoring and maintenance of audit logs help detect and prevent unauthorized access.
• Employee Training: Our team receives ongoing training on data privacy and security practices.

While we strive to protect your data using these industry-standard measures, no method of electronic storage or transmission is completely secure.

Risk Management and Incident Response

• Risk Assessments: We perform regular risk assessments to identify and mitigate potential threats to your data.
• Incident Response: Our documented incident response plan outlines the procedures for managing and reporting any security incidents.
• Data Processing Monitoring: We log and monitor data processing activities. Any errors or anomalies are documented, investigated, escalated, and corrected in accordance with our policies and procedures.
• Continuous Improvement: We continuously update our security practices to address emerging risks and vulnerabilities.

Breach Notification Procedures

In the event of a data breach involving your personal or health information:

• Investigation and Containment: We will promptly investigate the incident and take steps to contain the breach.
• Notification: Affected individuals will be notified promptly, with details of the breach and recommended actions.
• Remediation: We will inform you of the steps taken to address and prevent future incidents.
• Regulatory Reporting: Where required, we will report the incident to the appropriate authorities.

Your Rights

General Privacy Rights

• Access & Correction: You have the right to request access to your personal information and to request corrections if any information is inaccurate.
• Mechanisms to Object: You have the right to object to certain types of processing, including direct marketing. To do so, please contact us at privacy@nybestmedical.com.

Requests for Deletion

• Deletion Requests: If you wish to have your personal or health information deleted when it is no longer needed for our legitimate purposes, you can submit a deletion request. We will review such requests in accordance with our data retention policies and legal obligations.

Rights Regarding Health Information

• Access: You have the right to access your health information held by us.
• Amendment: If you believe your health information is incomplete or incorrect, you may request an amendment.
• Disclosure History: You may request an account of disclosures of your health information.
• Complaints: If you feel your rights have been compromised, please contact us.
• Identity Verification: To protect your privacy, we may require you to provide sufficient information to verify your identity (or the authorization of an agent) before fulfilling data subject requests. If we cannot confirm your identity or authorization, we will notify you, deny the request, and retain supporting documentation.

Marketing Express Consent

We will only send promotional materials or marketing communications if you have opted in. Providing consent for marketing is voluntary and not a condition for receiving our healthcare services.

Consulting with Customer Prior to PII Disclosures

If we receive a request from an authorized agent, we will confirm directly with the data subject that the agent is authorized to make the request on their behalf before fulfilling it, unless prohibited by law.

Data Retention and Secure Disposal

• Retention Policy: We retain your personal and health information only as long as necessary to provide our services and comply with our legal obligations.
• Secure Disposal: When your data is no longer required, we will dispose of it securely to prevent unauthorized access.

Change to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make significant modifications, we will post a notice on our website or notify you through other appropriate means. Any changes become effective upon posting. By continuing to use our services after updates are posted, you agree to the revised policy. We encourage you to review this policy periodically to stay informed about how we protect your information.

Contact Us

If you have any questions or concerns regarding this Privacy Policy or your data privacy rights, please contact us:

Phone: (718) 972 3693
Email: privacy@nybestmedical.com
Mailing Address: 2965 Ocean Parkway, Suite 2A, Brooklyn, NY, 11235