All your data is HIPAA compliant and encrypted.

HIPAA Privacy Notice

Last updated: March 23, 2026

VQ Healthy is designed to be HIPAA compliant. We protect your Protected Health Information (PHI) with the same standards used by healthcare organizations.
1. What is HIPAA?

The Health Insurance Portability and Accountability Act (HIPAA) is a federal law that requires safeguards to protect the privacy and security of personal health information.

2. Protected Health Information (PHI)

PHI includes any individually identifiable health information. In VQ Healthy, this includes:

  • Your name and contact information
  • Health metrics (weight, blood sugar, heart rate, etc.)
  • Medication records and prescriber information
  • Appointment details
  • CGM (glucose monitor) data
3. How We Protect Your PHI
SafeguardImplementation
Encryption at RestAES-256-CBC for all PHI fields
Encryption in TransitTLS 1.2+ (HTTPS required)
Access ControlsSession-based authentication with 2FA option
Audit ControlsAll access and modifications logged with timestamp, user, IP
Integrity ControlsCSRF protection, input sanitization, prepared statements
Transmission SecuritySSL/TLS for all data transmission
Password Securitybcrypt hashing with cost factor 12
4. Your Rights Under HIPAA
  • Right to Access: You can view and export your health data at any time
  • Right to Amendment: You can request correction of your health records
  • Right to an Accounting of Disclosures: You can request a record of who has accessed your data
  • Right to Restrict Disclosures: You control which providers can access your information
  • Right to Confidential Communications: You choose how we contact you
5. Breach Notification

In the unlikely event of a data breach affecting your PHI, we will:

  • Notify you within 60 days of discovering the breach
  • Provide details about what information was affected
  • Describe steps we are taking to address the breach
  • Report to the HHS Secretary as required by law
6. Minimum Necessary Standard

We access, use, and disclose only the minimum amount of PHI necessary for the intended purpose. Provider connections only expose your medication list — not your full health data.

7. Contact Our Privacy Officer

For HIPAA-related questions or to exercise your rights:

VisionQuest Services LLC
Email: email4johnson@gmail.com

All your data is HIPAA compliant and encrypted.