HIPAA Compliance

How we protect your health information

Virtual IOP is committed to protecting the privacy and security of health information in accordance with the Health Insurance Portability and Accountability Act (HIPAA). This page explains how we handle health information and maintain compliance with federal privacy regulations.

What is HIPAA?

HIPAA is a federal law that creates national standards to protect sensitive patient health information from being disclosed without the patient's consent or knowledge. It applies to:

  • Healthcare providers (doctors, clinics, hospitals)
  • Health plans (insurance companies, HMOs)
  • Healthcare clearinghouses
  • Business associates of these entities

Virtual IOP's Role

Directory Service

Virtual IOP operates as a directory service, not a healthcare provider. We:

  • • Do not provide medical services or treatment
  • • Do not access your medical records
  • • Do not store Protected Health Information (PHI)
  • • Connect you with HIPAA-compliant treatment providers

Information We Handle

What We Collect:

  • • Contact information (name, email, phone)
  • • General location (state/city)
  • • Type of treatment you're seeking
  • • Insurance provider (if voluntarily provided)

What We DON'T Collect:

  • • Medical diagnoses
  • • Treatment history
  • • Prescription information
  • • Clinical notes or records

Security Measures

While we are not a covered entity under HIPAA, we implement robust security measures to protect any information you share with us:

Technical Safeguards

  • • SSL encryption for all data transmission
  • • Secure servers with regular security updates
  • • Access controls and authentication
  • • Regular security audits

Administrative Safeguards

  • • Limited access to user information
  • • Staff training on privacy practices
  • • Confidentiality agreements
  • • Regular policy reviews

Provider HIPAA Compliance

All virtual IOP providers listed in our directory are required to:

  • Maintain full HIPAA compliance for their services
  • Use HIPAA-compliant video platforms for sessions
  • Protect all patient health information
  • Provide Notice of Privacy Practices to patients

Your Privacy Rights

When you contact a provider through our directory:

  • • The provider becomes responsible for protecting your health information
  • • You have all rights granted under HIPAA with that provider
  • • You can request their Notice of Privacy Practices
  • • You control how your health information is used and shared

Important Notice

Once you begin treatment with a virtual IOP provider, all communications about your care should go directly through that provider's secure, HIPAA-compliant channels. Do not share sensitive health information through our general contact forms or support channels.

Questions About Privacy?

If you have questions about how we handle information or our privacy practices:

Email: privacy@virtualiop.com

Phone: 1-800-VIRTUAL

For questions about a specific provider's HIPAA compliance or privacy practices, please contact that provider directly.