Privacy Policy
Last Updated: January 25, 2026
1. INTRODUCTION
Vanguard Men's Health ("Company," "we," "us," "our," or "Provider") is committed to protecting your privacy and ensuring you have a positive experience on our website and through our telemedicine services. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our healthcare services.
Please read this Privacy Policy carefully. If you do not agree with our policies and practices, please do not use our services.
This Privacy Policy is subject to and incorporates by reference the provisions of our Terms & Conditions, which govern the use of our website and services.
2. INFORMATION WE COLLECT
2.1 Personal Health Information (PHI)
In accordance with the Health Insurance Portability and Accountability Act (HIPAA), we collect Protected Health Information (PHI) necessary to provide telemedicine services:
• Medical History: Symptoms, medications, allergies, past medical conditions, family history, and relevant lifestyle factors
• Appointment Information: Consultation dates, times, duration, and clinical notes
• Test Results: Laboratory values, hormone levels, imaging results, and diagnostic findings
• Treatment Plans: Prescribed medications, dosages, delivery methods, and therapeutic protocols
• Ongoing Monitoring Data: Follow-up assessments, symptom tracking, and treatment response information
• Payment/Insurance Information: Billing address, payment method, insurance carrier details, and claim information
2.2 Personal Identification Information
• Legal name and date of birth
• Social Security Number (for billing and tax purposes only)
• Address (residential and/or mailing)
• Email address
• Telephone number(s)
• Emergency contact information
2.3 Technology and Usage Information
• IP address and device identifiers
• Browser type and operating system
• Pages visited and time spent on website
• Links clicked and features used
• Referral source and site navigation patterns
• Device type, operating system, and unique device identifiers
• Cookies and similar tracking technologies (described in Section 9)
2.4 Communications Information
• Email correspondence with our clinical and administrative staff
• Text message (SMS) communications (see Section 7 for SMS-specific terms)
• Phone call recordings (when applicable and with prior consent)
• Voicemail messages
• Patient portal messages and notes
2.5 Information Collected from Third Parties
We may obtain health information from:
• Previous healthcare providers (with written authorization)
• Laboratory facilities where your tests are processed
• Pharmacy partners fulfilling your prescriptions
• Insurance carriers for billing verification
• Business associates who support our operations under HIPAA Business Associate Agreements (BAAs)
3. HOW WE USE YOUR INFORMATION
3.1 Primary Uses of PHI
Your Protected Health Information is used exclusively for:
A. Treatment: Diagnosing your condition, providing telemedicine consultations, prescribing medications, monitoring treatment response, and managing your ongoing care
B. Payment: Processing insurance claims, billing statements, payment collection, and verifying coverage
C. Healthcare Operations: Scheduling appointments, communicating treatment information, ensuring continuity of care, quality improvement, and staff training (all in de-identified or limited format)
3.2 Limited Uses of Personal Information
• Service Improvement: Analyzing patient feedback to improve clinical protocols and service delivery
• Compliance: Meeting legal obligations, regulatory requirements, and accreditation standards
• Security: Detecting fraudulent activity and protecting against unauthorized access or data breaches
• Administrative: Account maintenance, password reset, billing inquiries, and appointment reminders
3.3 Communication Uses
We may use your contact information to:
• Confirm appointments and send appointment reminders
• Provide test results and treatment updates
• Send prescription refill notifications
• Deliver important clinical or administrative communications
• Respond to your inquiries or requests
We will NEVER use your health information for marketing, advertising, or sale to third parties without your explicit written consent.
3.4 De-Identified Data
We may use de-identified health information (data from which all personally identifiable information has been removed) for:
• Clinical research (with IRB approval)
• Statistical analysis and quality reporting
• Educational purposes
• Operational improvements
• Public health surveillance (when required by law)
4. HIPAA COMPLIANCE AND YOUR RIGHTS
4.1 HIPAA Privacy Rule
As a HIPAA-covered entity, Vanguard Men's Health maintains all Protected Health Information in compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Your PHI is protected under the HIPAA Privacy Rule (45 CFR §§ 164.100-164.534).
A. Access Your Medical Records
• Request a copy of your medical records within 30 days
• Access your records in electronic format if stored electronically
• Obtain records at reasonable cost (copying and shipping fees may apply)
• Request records be sent directly to another healthcare provider
B. Request Corrections
• Amend inaccurate or incomplete information in your medical record
• Submit corrections in writing with supporting documentation
• Receive acknowledgment of requests within 60 days
• Request your amendment be noted in your record if we disagree with the correction
C. Request Restrictions on Use and Disclosure
• Request limitations on how your PHI is used or disclosed
• Request that we not disclose information to your health insurance plan for payment if you pay out-of-pocket for specific services
• We will honor reasonable requests, though we are not required to agree to all restrictions
D. Receive Confidential Communications
• Request that we contact you only at specific addresses or phone numbers
• Request communications in alternative formats (encrypted email, sealed envelopes, etc.)
E. Request an Accounting of Disclosures
• Receive a detailed list of all disclosures of your PHI made for non-treatment purposes
• Receive disclosures in writing within 60 days of request
• Request accounting for up to six years prior (longer if required by law)
• Receive one free accounting per 12-month period; additional requests may incur reasonable fees
F. Opt-Out of Marketing and Fundraising
• Request removal from any marketing or fundraising lists
• Opt-out of communications for promotional purposes
G. File a Privacy Complaint
• Contact us with privacy concerns (Section 12)
• File a complaint with the U.S. Department of Health and Human Services (HHS) Office for Civil Rights without penalty or retaliation
4.3 How to Exercise Your Rights
To exercise any of these rights:
1. Submit a written request to our Privacy Officer (contact information in Section 12)
2. Clearly specify which right you are requesting
3. Provide your full legal name, date of birth, and medical record number
4. Include any supporting documentation if requesting amendments
5. We will respond within 30-60 days depending on the request type
5. DISCLOSURE OF YOUR INFORMATION
5.1 Permitted Disclosures WITHOUT Authorization
Your PHI may be disclosed without your authorization only in the following circumstances:
A. Treatment: To healthcare providers involved in your care (with coordination of care)
B. Payment: To insurance companies, billing agencies, and healthcare clearinghouses for claims processing
C. Healthcare Operations: To staff members who need information to provide services, conduct quality assurance, or meet accreditation requirements
D. Legal Requirement: When disclosure is required by law, regulation, or court order:
• Public health authorities (disease reporting, epidemiological investigation)
• Law enforcement (with proper legal process)
• Correctional institutions (if you are incarcerated)
• Military commanders (if you are military personnel)
• Organ procurement organizations (for transplant purposes)
• Emergency circumstances (when necessary to prevent serious harm)
• Workers' compensation authorities
E. Business Associates: To contractors and service providers who have signed a Business Associate Agreement (BAA) requiring HIPAA compliance:
• Laboratory testing services
• Pharmacy fulfillment partners
• Billing and collection agencies
• IT support and data hosting providers
• Appointment scheduling and patient management platforms
F. Abuse, Neglect, or Domestic Violence: To appropriate authorities when required or permitted by law
G. Health Oversight Activities: To regulatory, licensing, and accreditation agencies for compliance audit
5.2 Disclosures WITH Your Authorization
Except as permitted above, we will ONLY disclose your PHI if you provide written authorization. You may authorize disclosure to:
• Family members or designees
• Attorneys or legal representatives
• Previous or subsequent healthcare providers
• Employers or educational institutions
• Insurance companies (beyond claims processing)
• Any other party you specify
Authorization Requirements:
• Must be in writing and clearly signed by you
• Must specify what information may be disclosed
• Must identify the recipient of the information
• Must include an expiration date
• May be revoked at any time in writing
5.3 Conditions Where We Will NOT Disclose
We will NOT disclose your PHI:
• To marketing companies or advertisers without explicit written consent
• To data brokers or aggregators
• For sale or commercial purposes
• To your employer or insurance company without authorization (except as required by law)
• To relatives, friends, or other third parties without your authorization
• For any purpose unrelated to your treatment, payment, or healthcare operations
6. DATA SECURITY AND PROTECTION
6.1 Administrative Safeguards
• Role-based access controls limiting staff access to minimum necessary information
• Employee training on HIPAA and privacy practices (required annually)
• Background checks for all personnel with access to PHI
• Written policies and procedures governing information security
• Access logs and audit trails monitoring information access
• Secure email communication using encryption for PHI
6.2 Physical Safeguards
• Secure facilities with controlled access (badges, locks)
• Surveillance monitoring of sensitive areas
• Secure document storage and destruction protocols
• Workstation security standards
• Proper disposal of equipment containing PHI (certified data destruction)
6.3 Technical Safeguards
• Encryption of all data in transit (SSL/TLS 256-bit minimum) and at rest (AES-256 minimum)
• Firewalls and intrusion detection/prevention systems
• Regular vulnerability assessments and penetration testing
• Secure authentication requiring strong passwords and multi-factor authentication
• Regular security patches and software updates
• Data backup and disaster recovery systems
• Encrypted connections for all patient portal access
• Regular security audits by third-party firms
6.4 Limitations
While we implement industry-standard security measures, no system is 100% secure. We cannot guarantee absolute security of any information transmitted over the internet. You use our services and transmit information at your own risk. However, we are committed to continuous improvement of our security infrastructure.
7. SMS MESSAGING, A2P 10DLC COMPLIANCE, AND TCPA
7.1 SMS Communication Purpose and Consent
Vanguard Men's Health uses SMS (text messaging) to communicate with patients regarding:
• Appointment scheduling, confirmation, and reminders
• Test result notifications
• Prescription refill reminders
• Important clinical updates or changes to treatment plans
• General account or appointment-related administrative information
IMPORTANT: You are consenting to receive text messages only for healthcare-related communications directly related to your treatment. We will NOT use SMS for marketing, promotional, or unsolicited commercial purposes without separate explicit written consent.
When you provide your phone number to Vanguard Men's Health:
1. You acknowledge that you understand you may receive text messages from us
2. You affirmatively consent to receive text messages at the number you provide
3. You confirm you are the person authorized to use that phone number
4. You confirm that you have reviewed this section of our Privacy Policy
7.2 A2P 10DLC Registration Compliance
We maintain A2P 10DLC (Application-to-Person 10-Digit Long Code) registration as required by U.S. carriers. This registration ensures:
• Legitimate business SMS communications
• Message delivery reliability
• Compliance with carrier regulations
• Accountability and transparency in messaging practices
Our A2P registration documents and messaging policies are maintained with carrier networks and are available for regulatory review.
7.3 TCPA Compliance (Telephone Consumer Protection Act)
Our SMS practices comply fully with the Telephone Consumer Protection Act (47 U.S.C. § 227) and FCC regulations:
A. Consent Requirements
• Healthcare treatment messages require prior express consent (not prior express written consent)
• Healthcare-related appointment confirmations, wellness communications, and treatment notifications are exempt from certain TCPA requirements when sent by a HIPAA-covered entity
• You are providing prior express consent to receive healthcare-related text messages by providing your phone number and acknowledging this Policy
B. Messaging Restrictions
• Messages are sent only during reasonable hours (8:00 AM – 9:00 PM recipient's local time)
• Messages are sent ONLY for healthcare treatment, appointment-related communications, or patient-requested information
• Messages do NOT include unsolicited advertising, marketing, or telemarketing content
C. Identification Requirements
• Each message clearly identifies Vanguard Men's Health as the sender
• Messages include a clear mechanism to opt-out of receiving future SMS
D. Opt-Out Rights
• You may opt-out of receiving text messages at any time by:
o Replying "STOP" to any text message
o Contacting us directly (see Section 12)
o Updating your communication preferences in your patient portal
• Upon receipt of opt-out request, we will cease SMS communication within 24 hours
• Opt-out does NOT apply to messages required for treatment (such as urgent clinical notifications)
E. Quiet Hours Compliance
• We do not send marketing or promotional texts before 8:00 AM or after 9:00 PM in your local time zone
• Healthcare-related urgent clinical notifications may be sent at any time if medically necessary
F. Prohibited Messages
• No artificial voice or prerecorded messages
• No messages using automatic telephone dialing systems (ATDS) except as permitted for healthcare purposes
• No messages to emergency services numbers
• No messages to numbers that have requested opt-out
7.4 Standard Message & Data Rates Apply
Text messaging uses your mobile device's standard text messaging service. Standard message and data rates from your wireless carrier may apply. Vanguard Men's Health is not responsible for any charges incurred by your mobile carrier for receiving text messages. Contact your wireless carrier if you have questions about your plan's text message rates.
7.5 Message Frequency
The frequency of text messages varies based on:
• Your appointment schedule
• Test result availability
• Prescription refill status
• Your individual treatment plan
You may receive approximately 1-4 text messages per week during active treatment, though frequency varies. Patients may request reduced frequency communications by contacting us.
8. COOKIES AND TRACKING TECHNOLOGIES
8.1 Use of Cookies
Our website uses "cookies" (small text files stored on your device) to:
• Remember your login information and session preferences
• Track your browsing patterns to improve site functionality
• Analyze website traffic and user behavior
• Personalize your experience
• Enable security and fraud detection
8.2 Types of Cookies
A. Essential Cookies: Required for website functionality (login, session management, security). Cannot be disabled.
B. Analytics Cookies: Track website usage and behavior to improve our site and services. You may disable these, though some functionality may be reduced.
C. Preference Cookies: Remember your settings and preferences.
8.3 Third-Party Tracking
We may use third-party analytics services (such as Google Analytics) that collect information about your website usage. These services have their own privacy policies, and we encourage you to review them.
8.4 Do Not Track
Some browsers include a "Do Not Track" feature. We honor Do Not Track signals where technically feasible, though we may continue to collect analytics data for operational purposes.
9. CHILDREN'S PRIVACY
Our services are not intended for individuals under 18 years of age. We do not knowingly collect information from minors. If we become aware that we have collected information from a minor, we will delete such information immediately. Parents or guardians who believe we have collected information from a minor should contact us immediately (Section 12).
10. TEXAS AND STATE-SPECIFIC PRIVACY
10.1 Texas Medical Board Requirements
As a telemedicine provider in Texas holding a current Texas Medical Board License, we comply with all requirements under Texas Medical Practice Act and Texas Board of Medicine rules:
• Patient information is maintained in confidential medical records
• Records are retained for minimum of 7 years from last patient encounter
• Records are securely destroyed and not resold
• Telemedicine consultations meet standard of care requirements
• Prescribing is based on proper medical evaluation
10.2 State Privacy Laws
We comply with all applicable state privacy laws including:
• California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) — if you are a California resident
• Virginia Consumer Data Protection Act (VCDPA) — if you are a Virginia resident
• Other state-specific privacy regulations — as applicable to your residence
11. DATA RETENTION AND DELETION
11.1 Retention Periods
Medical Records: Maintained for minimum of 7 years from final patient encounter per Texas Medical Board requirements and HIPAA standards. Records of minors retained until age of majority plus 7 years.
Billing Records: Retained for minimum of 7 years for tax and audit purposes.
System Backup: Maintained on secure servers for 30-90 days for disaster recovery purposes only.
Email Communications: Archived for minimum of 6 years per compliance requirements.
11.2 Secure Destruction
When retention periods expire:
• Paper records are shredded on-site by certified destruction services
• Electronic records are securely deleted using certified data destruction methods
• Backup systems are securely wiped
• Third-party service providers certify destruction
11.3 Right to Request Deletion
Subject to legal retention requirements, you may request deletion of your medical record by submitting written request to our Privacy Officer. We will honor deletion requests to extent permitted by law, though we must retain records required for:
• Ongoing treatment
• Legal/compliance obligations
• Tax/financial obligations (7 years minimum)
12. BREACH NOTIFICATION
12.1 Breach Definition
A "breach" is the unauthorized access, acquisition, use, or disclosure of Protected Health Information that compromises the security or privacy of the information.
12.2 Breach Notification Timeline
If a breach occurs affecting your PHI:
• You will be notified within 60 days of discovery of the breach
• Notification will be provided by mail to your last known address, or by email if you have consented to electronic communication
• Notification will include:
o Description of the breach
o Types of information involved
o Steps you should take to protect yourself
o What Vanguard Men's Health is doing to investigate and prevent recurrence
o Contact information for questions
12.3 Reporting to Authorities
We will notify:
• U.S. Department of Health and Human Services (HHS) within 60 days if 500+ individuals affected
• Appropriate law enforcement if evidence of criminal activity
• Media outlets if 500+ individuals in same jurisdiction affected
13. BUSINESS ASSOCIATES AND THIRD PARTIES
13.1 Business Associate Agreements
Any third party that handles your PHI is required to sign a Business Associate Agreement (BAA) committing to the same privacy and security protections required of us. Our current business associates include:
• Laboratory testing services (for hormone and health assessments)
• Pharmacy partners (for medication fulfillment and delivery)
• Secure patient portal and telemedicine platform providers
• Electronic health record (EHR) hosting and IT support
• Billing and collections agencies
• GoHighLevel CRM and SMS platform (A2P 10DLC messaging)
13.2 Your PHI with Business Associates
When we share your information with business associates:
• Sharing is limited to minimum necessary information
• Business associates agree to HIPAA compliance
• We remain responsible for their use of your information
• Business associates may not use your information for their own purposes
13.3 Links to Third-Party Sites
Our website may contain links to third-party websites. We are not responsible for the privacy practices of third-party sites. We encourage you to review their privacy policies before providing any information.
14. INTERNATIONAL USERS
Our services are intended for U.S. patients only. If you access our site from outside the United States, you assume all liability and risks. We do not knowingly provide services to individuals outside the U.S. and comply with U.S. healthcare regulations only.
15. AMENDMENTS TO THIS PRIVACY POLICY
15.1 Policy Changes
We reserve the right to modify this Privacy Policy at any time. Changes will be:
• Posted on our website with updated "Last Updated" date
• Effective immediately upon posting
• Communicated to patients via email or patient portal notification if material changes occur
Material Changes (affecting patient rights or our obligations) will be communicated directly to you.
15.2 Your Continued Use
Continued use of our services after policy changes constitutes your acceptance of the updated Privacy Policy.
16. CONTACT INFORMATION
16.1 Privacy Officer and Data Protection Contact
Questions, Requests, or Concerns?
Vanguard Men's Health Privacy Officer
Mailing Address:
Vanguard Men's Health
6160 Warren Parkway Suite 100
Frisco, TX 75034
Email:
[email protected]
Phone:
[Business phone number]
Response Time: We will respond to privacy inquiries within 30 business days.
File a HIPAA Complaint:
U.S. Department of Health and Human Services
Office for Civil Rights
200 Independence Avenue, S.W.
Washington, D.C. 20201
Phone: (202) 619-0257
Website: https://www.hhs.gov/ocr/privacy/hipaa/complaints/
You may file a privacy complaint with HHS without fear of retaliation.
17. ACKNOWLEDGMENT
By using Vanguard Men's Health services and/or accessing our website, you acknowledge that:
1. You have read and understood this Privacy Policy
2. You consent to collection and use of your information as described
3. You consent to receive SMS messages as described in Section 7
4. You understand your HIPAA rights as outlined in Section 4
5. You understand our privacy and security practices
END OF PRIVACY POLICY
Vanguard Men's Health
Vanguard Men’s Health specializes in personalized, physician-led hormone optimization and men’s wellness care. We combine medical expertise, advanced diagnostics, and a patient-first approach to help men restore energy, confidence, and long-term health—without insurance hassles or rushed appointments.
Links
© 2026 Vanguard Men's Health. All rights reserved.