RhodesMed

Privacy Policy

Effective May 15, 2026 · Last updated July 9, 2026

RhodesMed PLLC (“RhodesMed,” “we,” “us,” or “our”) respects your privacy. This Privacy Policy explains how we collect, use, disclose, and protect information when you visit our website, communicate with us, sign up for updates, interact with our advertising, or access links to our patient intake and patient management tools. It applies to all RhodesMed brands, including Sippa by RhodesMed, RhodesMed MEN, and RhodesMed Hair Restoration.

RhodesMed is a physician-led medical practice serving eligible adult patients located in Utah. This Privacy Policy applies to information collected through rhodesmed.com, related landing pages, website forms, emails, texts, advertising, and other digital interactions that link to this Privacy Policy.

This Privacy Policy does not replace our HIPAA Notice of Privacy Practices. Medical information created, received, maintained, or transmitted by RhodesMed in connection with your care may be protected health information under HIPAA. If this Privacy Policy conflicts with our duties under HIPAA or our HIPAA Notice of Privacy Practices, our HIPAA obligations and that Notice will control.

1. Information We Collect

We may collect information directly from you, automatically through website technologies, and from third-party service providers.

Information you provide to us

You may provide information when you:

  • Visit our website
  • Click “Get Started”
  • Contact us by email, phone, text, website form, or another communication channel
  • Sign up for emails, newsletters, or marketing updates
  • Interact with our advertisements
  • Schedule or begin intake through Healthie
  • Request information about RhodesMed services
  • Submit feedback, questions, or requests

The information you provide may include your name, email address, phone number, state of residence, communication preferences, marketing preferences, general questions or comments, information you voluntarily include in messages to us, and appointment or intake-related information if you choose to begin the patient process.

Please avoid sending sensitive medical details through ordinary website contact forms or general email unless specifically directed to do so through a secure channel. Patient intake and medical communications should occur through Healthie or another secure system provided by RhodesMed.

Information collected through Healthie

RhodesMed uses Healthie as its electronic health record and patient management system. If you begin intake, schedule a visit, complete forms, sign consents, communicate with the care team, or access patient services through Healthie, the information you provide may be collected and processed through Healthie.

Information collected through Healthie may include health information, intake responses, demographic information, billing information, consent forms, clinical notes, prescriptions, lab information, and patient communications.

Information collected in connection with patient care is subject to HIPAA and our HIPAA Notice of Privacy Practices.

Information collected automatically

When you visit our website, we may automatically collect certain information, such as:

  • IP address
  • Browser type, device type, and operating system
  • Pages viewed and links clicked
  • Referring website
  • Date and time of visit
  • General location derived from IP address
  • Website interactions and usage patterns
  • Advertising and analytics identifiers
  • Cookies and similar technologies

We do not use tracking technologies to collect protected health information, and we do not transmit protected health information to advertising or analytics vendors.

We do not place advertising or analytics tracking technologies on our patient intake pages or on the patient portal.

Information from third parties

We may receive information from third-party service providers, such as website hosting providers, analytics providers, advertising platforms, email marketing platforms, SMS or text messaging providers, our patient management system, payment processors, pharmacy, lab, or clinical service partners when applicable, and security, fraud prevention, and technical support providers.

2. How We Use Information

We may use information for the following purposes.

To provide and support our services

We may use information to respond to questions, help you begin intake, route you to Healthie or another secure patient system, schedule visits, manage patient communications, support care coordination, process payments, send administrative messages, provide patient support, and improve access to RhodesMed services.

To communicate with you

We may use your information, including through Healthie or other approved communication systems, to send or support:

  • Appointment-related messages
  • Intake reminders
  • Account or patient portal reminders
  • Payment reminders
  • Service updates
  • Patient care communications
  • Refill or follow up reminders
  • Text messages about your care and your account
  • Email newsletters and educational content, if you sign up for them
  • Marketing emails, if you sign up for them

You can unsubscribe from marketing emails using the unsubscribe link in the email. You may opt out of text messages by contacting us at [email protected]. RhodesMed does not send marketing text messages.

Even if you opt out of marketing communications, we may still send non-marketing messages related to appointments, intake, patient care, billing, account status, legal notices, safety-related matters, or other transactional or healthcare-related purposes.

To improve our website and services

We may use information to understand how visitors use our website, improve website performance, analyze marketing effectiveness, troubleshoot technical issues, develop new content and patient resources, improve user experience, and measure advertising campaigns.

For advertising and marketing

We may use limited website interaction data to measure advertising performance, understand which campaigns bring visitors to the website, improve landing pages, and show or measure relevant advertising.

We do not sell patient medical records. We do not use protected health information for targeted advertising.

For legal, safety, and compliance purposes

We may use information to comply with applicable laws and regulations, protect patient safety, detect or investigate fraud, misuse, or security issues, enforce our Terms of Use, protect the rights, safety, and property of RhodesMed, patients, users, clinicians, and others, maintain records as required by law, and respond to lawful requests, subpoenas, court orders, or government requests.

3. How We Share Information

We may share information with the following categories of recipients.

Service providers and vendors

We may share information with vendors who help us operate our website, communications, marketing, analytics, patient management, payment processing, scheduling, security, and support functions. These may include website hosting providers, analytics providers, advertising platforms, email marketing providers, SMS or text messaging providers, Healthie, payment processors, IT and security providers, customer support tools, and professional advisors.

These vendors may only use information as permitted by their agreements with us and applicable law. Vendors that create, receive, maintain, or transmit protected health information on our behalf are business associates under HIPAA and are bound by a Business Associate Agreement.

Clinical and operational partners

When clinically appropriate or necessary to provide services, information may be shared with RhodesMed clinicians, medical advisors, labs, pharmacies, compounding pharmacies, payment processors, patient management systems, and other healthcare providers involved in your care, when permitted.

Health information shared for treatment, payment, and healthcare operations is addressed in our HIPAA Notice of Privacy Practices.

Advertising and analytics partners

We may share limited website activity information from our public marketing pages with analytics and advertising partners to understand website performance and measure advertising.

We do not disclose protected health information to advertising or analytics partners. We do not run these technologies on intake pages or the patient portal.

Legal and safety disclosures

We may disclose information if we believe it is necessary to comply with law, respond to legal process, cooperate with regulators or law enforcement, protect patient safety, prevent fraud or abuse, protect our rights or property, enforce our policies, or investigate security incidents.

Business transfers

If RhodesMed or part of our business is involved in a merger, acquisition, financing, restructuring, sale of assets, or similar transaction, information may be transferred as part of that transaction, subject to applicable law.

4. Cookies, Analytics, and Advertising Technologies

Our public marketing pages may use cookies, pixels, tags, scripts, and similar technologies. These technologies may help keep the website functioning, understand visitor behavior, measure traffic and performance, improve website design, measure advertising campaigns, remember preferences, and prevent fraud or misuse.

You can control cookies through your browser settings. Some website features may not work properly if cookies are disabled.

Where we use analytics or advertising tools such as Google Analytics or Google Ads, those providers may use cookies and similar technologies to collect or receive information from our website and elsewhere on the internet to provide measurement services and advertising features.

We do not place these technologies on our patient intake pages or on the patient portal. Those pages are used to collect and transmit health information, and we keep advertising and analytics vendors out of them.

5. Health Information and HIPAA

Some information collected by RhodesMed is protected health information under HIPAA. Protected health information is handled in accordance with HIPAA and our HIPAA Notice of Privacy Practices.

Examples of information that may be protected health information include:

  • Patient intake information submitted through Healthie
  • Medical history and symptoms
  • Treatment plans
  • Prescriptions
  • Lab results
  • Clinical notes
  • Patient portal communications
  • Billing information related to healthcare services

Healthie is a business associate of RhodesMed. Protected health information you submit through intake forms and the patient portal is transmitted directly to Healthie under a Business Associate Agreement. It does not pass through our marketing website, and it is not stored in our website software.

Our website also collects information that is not protected health information under HIPAA, such as general website analytics, marketing preferences, or general contact requests. Health-related information can be sensitive even when it is not protected health information. We aim to treat health-related information with care and to limit collection, use, and disclosure to appropriate purposes.

6. Text Messages and Email Communications

Messages about your care and your account

RhodesMed uses Healthie, our electronic health record and patient portal, to communicate with patients by text message and email. Messages sent through Healthie support your care and your account, and may include intake, scheduling, appointment reminders, patient portal notifications, care coordination, billing, and refill or follow up reminders.

These messages are part of your treatment and the operation of your account. Message and data rates may apply. Message frequency may vary.

We do not send marketing text messages

RhodesMed does not send marketing or promotional text messages. The only text messages we send relate to your care and your account.

If this changes, we will update this Privacy Policy and obtain the consent required by law before sending any marketing text message.

Email

If you sign up for emails or newsletters, we may send educational or promotional emails. You may unsubscribe from marketing emails at any time using the unsubscribe link in the email.

Unsubscribing from marketing emails does not stop messages about your appointments, intake, patient care, billing, account status, legal notices, or safety-related matters.

Opting out of text messages

You may opt out of text messages at any time by contacting [email protected].

If you opt out, you may stop receiving appointment reminders, refill reminders, and other information you need for your care. Please tell us how you would prefer to be reached.

Security of text messages

SMS and text messaging may not be fully secure. Please avoid sending sensitive medical information by ordinary text message. Use the patient portal for clinical communication.

7. Payment Information

If you make a payment, payment information is processed by a third-party payment processor. We do not store full payment card information on our website.

Payment processors may collect and process your payment information according to their own privacy and security practices.

8. Data Security

We use reasonable administrative, technical, and physical safeguards designed to protect information from unauthorized access, loss, misuse, disclosure, alteration, or destruction.

No website, internet transmission, email, text message, or electronic storage system is completely secure. We cannot guarantee absolute security.

If you believe your information may have been compromised, please contact us at [email protected].

9. Data Retention

We retain information for as long as reasonably necessary for the purposes described in this Privacy Policy, including to provide services, maintain records, comply with legal obligations, resolve disputes, enforce agreements, support patient care, maintain business records, and improve website and service operations.

Medical records and patient information are retained according to applicable healthcare record retention laws and professional requirements.

10. Your Choices and Privacy Rights

Depending on where you live and applicable law, you may have rights to:

  • Request access to certain personal information
  • Request correction of inaccurate information
  • Request deletion of certain information
  • Opt out of certain marketing communications
  • Opt out of certain targeted advertising or cookie-based tracking
  • Request information about categories of information collected, used, or shared
  • Withdraw consent where processing is based on consent

To make a privacy request, contact us at [email protected].

We may need to verify your identity before responding. Some information may be exempt from deletion or access requests, including information we must keep for legal, medical, compliance, billing, security, or recordkeeping reasons.

If your request relates to protected health information or medical records, it will be handled under HIPAA and our HIPAA Notice of Privacy Practices, which provide their own rights of access and amendment.

11. Utah and State Privacy Notices

RhodesMed currently serves eligible adult patients located in Utah.

Certain state privacy laws may provide additional rights if they apply to us or to your information. Where they apply, we will honor legally required privacy rights. Information governed by HIPAA is generally exempt from state consumer privacy laws and is handled under HIPAA instead.

We do not sell personal information. We may use advertising and analytics technologies on our public marketing pages that some privacy laws define as targeted advertising or sharing. You may contact us at [email protected] to ask about available opt-out choices.

12. Children's Privacy

RhodesMed services are intended for adults only.

Our website and services are not directed to children or minors. We do not knowingly collect personal information from individuals under 18. If we learn that we have collected personal information from a minor without appropriate authorization, we will take steps to delete it or otherwise address it as required by law.

13. Third-Party Websites and Services

Our website may link to third-party websites or services, including Healthie, payment processors, labs, pharmacies, email platforms, or other tools.

We are not responsible for the privacy practices of third-party websites or services that we do not control. Please review the privacy policies of those third parties.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we update it, we will revise the last updated date above.

If changes are material, we may provide additional notice, such as by posting a notice on our website or contacting you through available communication channels.

Your continued use of the website after changes are posted means you acknowledge the updated Privacy Policy.

15. Contact Us

If you have questions about this Privacy Policy, our privacy practices, or your privacy choices, please reach out.

RhodesMed [email protected]

Care is provided by RhodesMed PLLC. Administrative services may be supported by 146 Holdings LLC.

For medical emergencies, call 911 or go to the nearest emergency department.