Notice of Privacy Policy
Gardenia Aesthetics & Wellness Notice of Privacy Practices
Effective Date: June 17, 2026
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN ACCESS THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
Gardenia Aesthetics & Wellness is committed to protecting the privacy and security of your medical information. This Notice of Privacy Practices ("Notice") describes how we may use and disclose your Protected Health Information ("PHI"), your rights regarding your PHI, and our legal obligations under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the Health Information Technology for Economic and Clinical Health Act (HITECH), the California Confidentiality of Medical Information Act (CMIA), and other applicable federal and state privacy laws.
Throughout this Notice, "Gardenia Aesthetics & Wellness," "Gardenia," "we," "us," and "our" refer to Gardenia Aesthetics & Wellness and its workforce members, healthcare providers, staff, contractors, and business associates as permitted by law.
Our Commitment to Protecting Your Privacy
We understand that medical information about you and your health is personal.
We are required by law to:
-
Maintain the privacy and security of your Protected Health Information.
-
Provide you with this Notice of Privacy Practices.
-
Follow the terms of this Notice currently in effect.
-
Notify affected individuals following certain breaches of unsecured Protected Health Information.
-
Comply with applicable federal and California privacy laws.
-
Protected Health Information ("PHI") includes information that identifies you and relates to:
-
Your physical health
-
Mental health
-
Medical history
-
Treatment received
-
Payment for healthcare services
-
Prescription information
-
Diagnostic testing
-
Medical records
How We May Use and Disclose Your Protected Health Information
The following categories describe different ways we may use and disclose your PHI without obtaining additional authorization.
1. Treatment
We may use and disclose your PHI to provide, coordinate, and manage your healthcare.
Examples include:
-
Evaluating your eligibility for treatment
-
Reviewing medical history
-
Developing treatment plans
-
Consulting with other healthcare providers
-
Coordinating referrals
-
Monitoring treatment progress
-
Prescribing medications
-
Reviewing laboratory results
Examples of services include:
-
Medical weight loss programs
-
Wellness consultations
-
Neurotoxin treatments
-
Dermal fillers
-
Microneedling
-
Laser treatments
-
IV therapy
-
Telehealth services
-
Other medical aesthetic procedures
2. Payment
We may use and disclose your PHI to obtain payment for services provided.
Examples include:
-
Processing payments
-
Verifying benefits
-
Submitting claims
-
Collecting balances
-
Reviewing medical necessity
-
Processing financing arrangements
3. Healthcare Operations
We may use and disclose PHI for healthcare operations necessary to run our practice.
Examples include:
-
Quality assessment activities
-
Clinical training
-
Credentialing
-
Licensing
-
Auditing
-
Risk management
-
Compliance reviews
-
Staff performance evaluations
-
Business planning
-
Customer service improvement
Appointment Reminders and Communications
We may contact you regarding:
-
Appointment reminders
-
Appointment confirmations
-
Follow-up instructions
-
Treatment recommendations
-
Laboratory reminders
-
Wellness program updates
-
Weight loss program communications
Communications may occur through:
-
Telephone
-
Voicemail
-
Email
-
Text messaging
-
Patient portals
-
Mail
-
Secure electronic systems
Health-Related Services and Benefits
We may communicate information regarding:
-
Treatment alternatives
-
Follow-up care
-
Wellness services
-
Weight loss programs
-
Health-related products and services offered by Gardenia Aesthetics & Wellness
Individuals Involved in Your Care
Unless you object, we may disclose relevant PHI to:
-
Family members
-
Caregivers
-
Individuals involved in your healthcare
-
Persons responsible for payment
We may also disclose information when necessary to notify family members regarding your condition, location, or care.
Business Associates
We may share PHI with trusted third-party service providers that assist us in operating our practice.
Examples include:
-
Electronic medical record vendors
-
Telehealth platforms
-
Billing companies
-
Payment processors
-
IT service providers
-
Secure messaging vendors
-
Compliance consultants
Business Associates are required to protect your information and comply with HIPAA requirements.
Uses and Disclosures Required by Law
We may disclose PHI when required by federal, state, or local law.
Examples include:
-
Public health reporting
-
Regulatory investigations
-
Court orders
-
Subpoenas
-
Law enforcement requests
-
Government audits
-
Professional licensing boards
Public Health Activities
We may disclose PHI for public health purposes including:
-
Reporting communicable diseases
-
Reporting adverse events
-
FDA-related reporting
-
Product recalls
-
Disease prevention activities
Health Oversight Activities
We may disclose PHI to agencies responsible for:
-
Healthcare oversight
-
Licensing
-
Accreditation
-
Certification
-
Inspections
-
Investigations
Law Enforcement Purposes
We may disclose PHI when permitted or required by law to law enforcement officials under specific circumstances.
Judicial and Administrative Proceedings
We may disclose PHI in response to:
-
Court orders
-
Administrative orders
-
Subpoenas
-
Discovery requests
-
Legal proceedings
Serious Threat to Health or Safety
We may disclose PHI when necessary to prevent or lessen a serious threat to:
-
Your health
-
Your safety
-
The health or safety of another person
-
Public safety
Research
Under certain circumstances, PHI may be used or disclosed for research activities when authorized by law or approved by an Institutional Review Board.
Workers' Compensation
We may disclose PHI as authorized by workers' compensation laws and similar programs.
Uses and Disclosures Requiring Your Written Authorization
Certain uses and disclosures require your written authorization.
These include:
Marketing
Most uses of PHI for marketing purposes require written authorization.
Sale of PHI
We will not sell your Protected Health Information without your written authorization.
Use of Photographs
Marketing use of photographs, videos, testimonials, or before-and-after images generally requires separate written authorization.
Other Uses
Any use or disclosure not described in this Notice will require your written authorization unless otherwise permitted or required by law.
You may revoke an authorization at any time in writing, except to the extent action has already been taken.
Your Rights Regarding Your Medical Information
You have the following rights regarding your PHI.
Right to Access Records
You have the right to inspect and obtain a copy of your medical records, subject to certain exceptions.
Requests must be submitted in writing.
Reasonable fees may apply as permitted by law.
Right to Request Amendments
If you believe information in your records is incorrect or incomplete, you may request an amendment.
We may deny certain requests as permitted by law.
Right to an Accounting of Disclosures
You may request a list of certain disclosures made outside treatment, payment, and healthcare operations.
Right to Request Restrictions
You may request restrictions on certain uses or disclosures of PHI.
While we are not required to agree to every request, we will comply when required by law.
Right to Confidential Communications
You may request that communications be sent through alternative means or locations.
Examples include:
-
Alternative mailing address
-
Different phone number
-
Alternative email address
Right to Receive a Paper Copy
You may request a paper copy of this Notice at any time.
Right to Breach Notification
You have the right to be notified following certain breaches involving unsecured Protected Health Information.
Electronic Communications and Telehealth
Gardenia Aesthetics & Wellness may utilize:
-
Electronic medical records
-
Telehealth technologies
-
Secure messaging platforms
-
Patient portals
While reasonable safeguards are implemented, no method of electronic transmission can be guaranteed completely secure.
Artificial Intelligence and Administrative Technologies
Gardenia Aesthetics & Wellness may utilize artificial intelligence tools and automated technologies to assist with:
-
Appointment scheduling
-
Administrative support
-
Patient communication
-
Educational content
Artificial intelligence technologies do not replace professional medical judgment.
Clinical decisions are made by licensed healthcare professionals.
Our Responsibilities
We are required to:
-
Maintain the privacy of your PHI.
-
Provide notice of our legal duties and privacy practices.
-
Abide by the terms of this Notice.
-
Notify you following certain breaches.
-
Comply with HIPAA, HITECH, CMIA, and applicable privacy laws.
Changes to This Notice
We reserve the right to revise this Notice at any time.
Revised Notices may apply to information already maintained as well as information received in the future.
Current versions will be posted on our website and available upon request.
Complaints
If you believe your privacy rights have been violated, you may file a complaint without fear of retaliation.
You may contact:
Privacy Officer
Karl Amparo, MSN-Ed, FNP-C
Privacy Officer
Gardenia Aesthetics & Wellness
7184 Archibald Ave., Rancho Cucamonga, CA 91730
Email: privacy@gardeniaaesthetics.com
Phone: (Insert Office Number)
You may also file a complaint with:
U.S. Department of Health and Human Services
Office for Civil Rights
Complaint information is available at:
https://www.hhs.gov/hipaa/filing-a-complaint
We will not retaliate against you for filing a complaint.
Contact Information
Gardenia Aesthetics & Wellness
7184 Archibald, Ave. Rancho Cucamonga, CA 91730
Email: info@gardeniaaesthetics.com
Website: www.gardeniaaesthetics.com
Phone: (909)476-0448