HIPAA Compliance

Notice of Privacy Practices for Protected Health Information (PHI).

Effective Date: April 11, 2026

This Notice of Privacy Practices ("Notice") describes how Vytora Health may use and disclose your Protected Health Information (PHI) to carry out treatment, payment, or healthcare operations and for other purposes that are permitted or required by law. We are required by law to maintain the privacy of your PHI, provide you with this Notice, and to abide by its terms.

Uses and Disclosures of PHI

Treatment. We may use and disclose your PHI to provide, coordinate, or manage your healthcare and related services, including communication with other healthcare providers.

Payment. We may use and disclose your PHI to obtain payment for healthcare services, including billing, collection activities, and sharing PHI with insurance companies or collection agencies.

Healthcare Operations. We may use and disclose your PHI for quality assessment, case management, accreditation, licensing, credentialing, and conducting medical reviews, audits, or legal services.

As Required by Law. We may use and disclose your PHI when required to do so by federal, state, or local law, including for public health and safety, health oversight activities, judicial and administrative proceedings, law enforcement, research, organ donation, workers' compensation, and military purposes.

For any use or disclosure of your PHI not described above, we will seek your written authorization. You have the right to revoke any such authorization at any time in writing, except to the extent we have already taken action in reliance on it.

Your Rights Regarding PHI

• Right to Inspect and Copy. Submit a written request to our Privacy Officer at privacy@vytorahealth.com. We may charge a reasonable fee for costs of copying or mailing.
• Right to Amend. You may request an amendment to your PHI if you believe it is incorrect or incomplete.
• Right to an Accounting of Disclosures. You may request an accounting of disclosures made in the past six years, except for disclosures made for treatment, payment, or healthcare operations.
• Right to Request Restrictions. You may request a restriction on our use or disclosure of your PHI. We are not required to agree but will consider all requests.
• Right to Confidential Communications. You may request that we communicate with you in a specific way or at a specific location.
• Right to a Paper Copy of This Notice. Contact our Privacy Officer to obtain a paper copy.
• Right to be Notified of a Breach. You have the right to be notified if we discover a breach of your PHI.

Transmission of PHI

We are committed to protecting the privacy of your PHI and ensure that any electronic transmission complies with the HIPAA Privacy Rule (45 CFR 164), including use of SSL or equivalent technology. While we implement these measures, no method of electronic transmission is completely secure. We continuously monitor and update our security practices.

State-Specific Provisions

In addition to federal HIPAA requirements, we comply with applicable state-specific privacy laws. States with additional privacy protections include California (CMIA), New York (Confidentiality of Information Law), Texas (Texas Medical Privacy Act), Florida, Illinois, and Massachusetts. If you reside in a state not listed with additional privacy protections, please contact our Privacy Officer for more information.

Complaints

If you believe your privacy rights have been violated, you may file a complaint with our Privacy Officer or with the Secretary of the Department of Health and Human Services at www.hhs.gov/ocr/privacy/hipaa/complaints or by calling 1-877-696-6775. You will not be retaliated against for filing a complaint.

Contact Information