Start Your Weightloss Journey

Facebook-f Twitter Youtube
We are pleased to offer the convenience of telemedicine visits to our patients.

Privacy Policy

LOTUS WEIGHT LOSS HEALTH PRIVACY POLICY AND HIPAA NOTICE OF PRIVACY PRACTICES

Effective Date:  January 4, 2025
Last Updated: July 6, 2025

ABOUT THIS NOTICE

This Privacy Policy and HIPAA Notice of Privacy Practices describes how Lotus Wellness and Weight Loss Center, Dr. Gopika Gangupantula, and our affiliated healthcare providers (“we,” “us,” or “our”) collect, use, disclose, and protect your personal information and Protected Health Information (PHI) when you use our website, mobile applications, telehealth services, weight loss programs, dietary supplements, and FDA-approved medication services.

We are a HIPAA-covered entity providing healthcare services including telemedicine consultations, weight management programs, dietary supplement guidance, and dispensing of FDA-approved medications for weight loss.

PROTECTED HEALTH INFORMATION (PHI) UNDER HIPAA

What is PHI?

Protected Health Information includes any information that can identify you and relates to your past, present, or future physical or mental health, healthcare services provided to you, or payment for healthcare services. This includes:

  • Medical records and treatment information
  • Prescription records and medication history
  • Weight loss progress data and measurements
  • Telehealth consultation recordings and notes
  • Laboratory results and diagnostic information
  • Insurance and payment information
  • Photographs and body composition data

Our Obligations Under HIPAA

We are required by law to:

  • Maintain the privacy and security of your PHI
  • Provide you with this Notice of Privacy Practices
  • Follow the terms of this Notice
  • Notify you of any breaches of your PHI

Your Rights Under HIPAA

You have the right to:

  • Access your PHI and request copies of your medical records
  • Amend incorrect or incomplete PHI
  • Request restrictions on how we use or disclose your PHI
  • Request confidential communication through alternative means
  • File a complaint with us or the Department of Health and Human Services
  • Receive an accounting of disclosures of your PHI

INFORMATION WE COLLECT

Personal Information:

  • Name, address, phone number, email address, date of birth
  • Government-issued identification numbers
  • Emergency contact information
  • Insurance information and payment methods

Health Information:

  • Medical history and current health conditions
  • Current medications and allergies
  • Weight, height, and body composition measurements
  • Dietary habits and exercise routines
  • Progress photos and measurements
  • Vital signs and biometric data
  • Telehealth consultation data

Technical Information:

  • Device information and IP addresses
  • Usage data and application interactions
  • Location data (with consent)
  • Cookies and similar tracking technologies

HOW WE USE YOUR INFORMATION

Treatment, Payment, and Healthcare Operations (TPO)

We may use and disclose your PHI without your authorization for:

Treatment:

  • Providing medical consultations and telehealth services
  • Prescribing and dispensing FDA-approved medications
  • Coordinating care with other healthcare providers
  • Monitoring your progress and adjusting treatment plans

Payment:

  • Processing subscription payments and insurance claims
  • Billing for services and medications
  • Conducting payment-related activities

Healthcare Operations:

  • Quality assurance and improvement activities
  • Staff training and competency assessments
  • Business planning and development
  • Compliance monitoring and risk management

Marketing and Communications

HIPAA-Compliant Marketing: We may use your PHI for certain marketing activities without authorization, including:

  • Appointment reminders and follow-up communications
  • Information about treatment alternatives
  • General health and wellness information

Marketing Requiring Authorization: We will obtain your written authorization before using PHI for:

  • Promotional materials for third-party products or services
  • Communications that involve financial remuneration from third parties
  • Marketing of non-health related products or services

TELEHEALTH SERVICES COMPLIANCE

Informed Consent for Telehealth

Before providing telehealth services, we will obtain your informed consent, which includes:

  • Documentation of your identity and location
  • Explanation of telehealth technology and limitations
  • Privacy and security measures in place
  • Your right to refuse or discontinue telehealth services

Technology Requirements

We use HIPAA-compliant telehealth platforms that provide:

  • End-to-end encryption for all communications
  • Secure data storage and transmission
  • Access controls and audit trails
  • Business associate agreements with technology vendors

Recording and Documentation

  • Telehealth sessions may be recorded for quality assurance with your consent
  • All consultations are documented in your medical record
  • Recordings are stored securely and deleted according to retention policies

FDA-APPROVED MEDICATIONS AND SUPPLEMENTS

Prescribing and Dispensing

  • Only licensed healthcare providers prescribe FDA-approved medications
  • All prescriptions comply with federal and state regulations
  • We maintain proper records of all medication dispensing
  • Controlled substances are prescribed in compliance with DEA regulations

Supplement Information

  • Dietary supplements are regulated under the Dietary Supplement Health and Education Act (DSHEA)
  • We provide accurate information about supplement ingredients and potential effects
  • Health claims are substantiated with appropriate scientific evidence

Adverse Event Reporting

  • We maintain procedures for reporting adverse events to the FDA
  • Patients are encouraged to report any adverse reactions
  • We comply with all pharmacovigilance requirements

MARKETING COMPLIANCE

CAN-SPAM Act Compliance

All marketing emails include:

  • Clear identification of the sender
  • Truthful subject lines
  • Physical mailing address
  • Clear opt-out mechanisms
  • Prompt processing of unsubscribe requests

TCPA Compliance

For automated communications, we:

  • Obtain prior express written consent for marketing messages
  • Provide clear opt-out instructions
  • Honor opt-out requests immediately
  • Maintain records of all consent and opt-out requests

FTC Health Claims Compliance

All health-related marketing claims are:

  • Truthful and substantiated with competent and reliable scientific evidence
  • Clearly distinguishable from medical advice
  • Accompanied by appropriate disclaimers
  • Compliant with FDA regulations for health claims

DATA SECURITY AND PROTECTION

Technical Safeguards

  • Encryption: All PHI is encrypted in transit and at rest using industry-standard encryption
  • Access Controls: Role-based access controls limit PHI access to authorized personnel
  • Audit Trails: Comprehensive logging of all PHI access and modifications
  • Automatic Logoff: Systems automatically log off after periods of inactivity

Administrative Safeguards

  • Privacy Officer: Designated privacy officer responsible for HIPAA compliance
  • Security Officer: Designated security officer responsible for data protection
  • Training: Regular privacy and security training for all staff
  • Incident Response: Procedures for responding to security incidents and breaches

Physical Safeguards

  • Secure facilities with restricted access
  • Workstation security measures
  • Device and media controls
  • Secure disposal of PHI-containing materials

THIRD-PARTY SHARING

Business Associates

We may share PHI with business associates who perform services on our behalf, including:

  • Technology vendors and platform providers
  • Billing and payment processing companies
  • Legal and accounting services
  • Marketing and communication service providers

All business associates sign HIPAA-compliant Business Associate Agreements

Required Disclosures

We may disclose PHI without your authorization when required by law:

  • Public health authorities
  • Law enforcement agencies
  • Court orders and legal proceedings
  • Regulatory agencies (FDA, DEA, state boards)

PATIENT RIGHTS AND CHOICES

Access and Portability

  • You may request copies of your medical records
  • We provide records in your preferred format when possible
  • You may request electronic copies of your PHI
  • We may charge reasonable fees for copying and transmission

Amendment Rights

  • You may request amendments to your PHI
  • We will respond to amendment requests within 60 days
  • If we deny your request, we will provide a written explanation

Restrictions

  • You may request restrictions on how we use or disclose your PHI
  • We are not required to agree to restrictions except for disclosures to health plans for services you paid for in full
  • We will honor restrictions we agree to

Confidential Communications

  • You may request to receive communications through alternative means or locations
  • We will accommodate reasonable requests

BREACH NOTIFICATION

In the event of a breach of your PHI, we will:

  • Notify you within 60 days of discovery
  • Provide details about the breach and steps taken
  • Offer credit monitoring or other protective services if appropriate
  • Report the breach to the Department of Health and Human Services

RETENTION AND DISPOSAL

  • Medical records are retained according to federal and state requirements
  • PHI is securely destroyed when no longer needed
  • Electronic data is permanently deleted using approved methods
  • Physical records are shredded or incinerated

COMPLAINT PROCEDURES

If you believe your privacy rights have been violated, you may:

  • File a complaint with our Privacy Officer
  • Contact the Department of Health and Human Services Office for Civil Rights
  • File complaints without fear of retaliation

Privacy Officer Contact:
Sachin Gangupantula

Lotus Wellness and Weight Loss Center
1213 Coffee Rd, Ste D, Modesto CA 95355
Phone: (209) 317-9074
Email: Lotus Weight Loss

CHANGES TO THIS POLICY

We reserve the right to change this policy and make new provisions effective for all PHI we maintain. We will:

  • Post updated policies on our website
  • Provide copies of revised policies upon request
  • Notify you of material changes that affect your rights

CONTACT INFORMATION

For questions about this Privacy Policy or your privacy rights:

Lotus Wellness and Weight Loss Center
Dr. Gopika Gangupantula
1213 Coffee Rd, Ste D, Modesto CA 95355
Phone: (209) 317-9074
Email: Lotus Weight Loss

Acknowledgment: By using our services, you acknowledge that you have received and understand this Privacy Policy and HIPAA Notice of Privacy Practices.

 

We value your privacy. Our website uses cookies to enhance your browsing experience and ensure the site functions properly. By continuing to use this site, you acknowledge and accept our use of cookies.

Accept All Accept Required Only