ZYNDIO logo

ZYNDIO

Peptides, performance, and care

Compliance

HIPAA Notice of Privacy Practices

How protected health information is used, your rights, and how to file a privacy complaint.

Notice of Privacy PracticesHIPAA-alignedPatient rights
Compliance
Clinical privacy and data shield illustration in a soft blue palette
Counsel review required. This is a generic Notice of Privacy Practices template and is not attorney-drafted. Final legal review is required by counsel before production launch.

Compliance

HIPAA Notice of Privacy Practices

This notice describes how medical information about you may be used and disclosed and how you can access this information. Please review it carefully.

Last reviewed: April 25, 2026Effective date: April 25, 2026Contact: hello@zyndio.com

About this notice

This Notice of Privacy Practices describes how protected health information (PHI) about you may be used and disclosed in connection with services accessed through ZYNDIO, and how you can access this information. Please review it carefully.

ZYNDIO provides a technology platform that connects you with independent licensed clinicians, partner pharmacies, and laboratories. Each of those independent providers is a separate "covered entity" under the federal Health Insurance Portability and Accountability Act (HIPAA). They have agreed to handle PHI in a manner consistent with this notice. Where a specific provider has its own Notice of Privacy Practices, that more specific notice will also apply to PHI collected in that workflow.

What is protected health information (PHI)?

Protected Health Information, or PHI, is individually identifiable health information that relates to your past, present, or future physical or mental health, the health care provided to you, or the past, present, or future payment for that health care. Examples include your medical history, medications, lab results, prescription records, clinician notes, intake forms, and any treatment-related communications.

Information that is not connected to a clinical workflow — such as a marketing email signup or general site browsing — may not qualify as PHI. This notice covers PHI specifically. Other information is governed by our Privacy Policy.

How we use and disclose PHI

The clinicians, pharmacies, and laboratories that work with us may use and disclose PHI for the following purposes without your separate written authorization:

  • Treatment — providing, coordinating, and managing your health care, including consultations, prescription review, refill authorization, lab orders, and follow-up care.
  • Payment — billing for services, processing copays, verifying eligibility, collecting amounts owed, and resolving payment disputes.
  • Health care operations — quality review, clinical audits, training, accreditation, credentialing, business management, and compliance activities.
  • Business associates — sharing PHI with vendors that perform services on behalf of a provider (such as cloud hosting, e-prescribing, payment processing, or shipping coordination) under a written Business Associate Agreement.
  • As required by law — disclosures required by federal, state, or local law, including public health reporting, child and adult abuse reporting, and judicial or administrative proceedings.
  • Health and safety — to prevent or lessen a serious and imminent threat to the health or safety of you or another person.
  • Specialized purposes — military and veterans, workers compensation, coroners, organ donation, research with appropriate approvals, and certain national security activities, where permitted by HIPAA.

Disclosures that require your written authorization

Most uses and disclosures of PHI not described above will be made only with your written authorization. This includes most uses and disclosures of psychotherapy notes (where they exist), most uses and disclosures for marketing purposes, and any sale of PHI. You may revoke a written authorization at any time, in writing, except to the extent action has already been taken in reliance on it.

Your rights regarding PHI

You have the following rights with respect to PHI maintained about you. To exercise any of these rights, contact us at the address below. We may require requests to be in writing and may verify your identity before responding.

  • Right to access — you may inspect and obtain a copy of PHI maintained in a designated record set, in the form and format you request if it is readily producible. We may charge a reasonable, cost-based fee.
  • Right to amend — you may request that we amend PHI you believe is inaccurate or incomplete. We may deny the request in certain circumstances and will provide the reasons for the denial in writing.
  • Right to an accounting of disclosures — you may request an accounting of certain disclosures of PHI made in the six years prior to the request, excluding disclosures for treatment, payment, and health care operations and certain other categories.
  • Right to request restrictions — you may request a restriction on certain uses and disclosures of PHI for treatment, payment, or health care operations, or to family members involved in your care. We are not required to agree, except where you pay out-of-pocket in full for a service and ask us to restrict disclosure to a health plan.
  • Right to confidential communications — you may request that we communicate with you about PHI in a particular way or at a particular location (for example, by mail rather than email). We will accommodate reasonable requests.
  • Right to a paper copy of this notice — you may request a paper copy of this notice at any time, even if you have agreed to receive it electronically.
  • Right to be notified of a breach — you have the right to be notified following a breach of unsecured PHI, consistent with the HIPAA Breach Notification Rule.

Breach notification

If we or one of the providers that work with us discovers a breach of unsecured PHI, you will be notified without unreasonable delay and no later than required by applicable law. The notice will describe the information involved, what is being done to investigate and mitigate the breach, and the steps you can take to protect yourself.

Our duties

ZYNDIO and the clinicians, pharmacies, and laboratories we work with are required by law to maintain the privacy of PHI, to provide individuals with notice of legal duties and privacy practices with respect to PHI, and to abide by the terms of the notice currently in effect. We reserve the right to change the terms of this notice and to make the new notice provisions effective for all PHI that we maintain. Updated notices will be posted at this URL, and you can request a paper copy at any time.

Complaints

If you believe your privacy rights have been violated, you may file a complaint with us by writing to the contact information below. You may also file a complaint with the U.S. Department of Health and Human Services, Office for Civil Rights. You will not be retaliated against for filing a complaint.

Contact us

For questions about this notice, to exercise any of your rights, or to file a privacy complaint, contact ZYNDIO Privacy Office at hello@zyndio.com. Mail correspondence may also be sent to ZYNDIO, Attn: Privacy Officer, c/o zyndio.com.