Privacy Policy for Virtual Concierge MD

Home

Last Updated: 25 Aug 2025

Privacy Policy

Effective Date: August 25, 2025

Last Updated: August 25, 2025

1. Introduction

Virtual Concierge MD ("we," "us," "our," or the "Company"), operated by Theressia L. Washington, MD, P.C. and doing business as TessMD, is committed to protecting the privacy and security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our telemedicine services, website, mobile applications, SMS services, and patient portal (collectively, the "Services").

This Privacy Policy applies to all users of our Services, including patients ranging from pediatric to geriatric care. By using our Services, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access or use our Services.

2. Services We Offer

Virtual Concierge MD provides comprehensive telemedicine services including:

  1. Primary Care Services: General medical care for all ages
  2. Testosterone Replacement Therapy (TRT): Hormone optimization and monitoring
  3. Medical Weight Loss Programs: Including GLP-1 medications and comprehensive weight management
  4. Sexual Health & Wellness: Confidential treatment for sexual health conditions
  5. Urgent Care Services: On-demand medical care for non-emergency conditions
  6. Virtual Second Opinions: Expert specialist consultations for complex medical conditions

3. Age Requirements and Pediatric Services

3.1 Age Restrictions by Service Type

General Medical Care:

  1. Available for patients from newborn through geriatric ages
  2. Patients under 18 require parental or guardian consent
  3. Parent or guardian must be present during all consultations for minors

Mental Health Services:

  1. Available for patients ages 10-17 with parental consent
  2. Not available for behavioral health conditions requiring specialized pediatric psychiatry

Specialized Services:

  1. Testosterone Replacement Therapy: Ages 18 and older only
  2. Medical Weight Loss Programs: Ages 18 and older only
  3. Sexual Health Services: Ages 18 and older only
  4. Primary Care Memberships: Ages 18 and older only

3.2 COPPA Compliance

In compliance with the Children's Online Privacy Protection Act (COPPA):

  1. We do not knowingly collect personal information from children under 13 without verifiable parental consent
  2. Parents must create and manage accounts for children under 18
  3. We implement age verification mechanisms to prevent unauthorized access by minors

3.3 Adolescent Privacy Rights (Ages 13-17)

While adolescents ages 13-17 require parental consent for our Services, we recognize their developing privacy rights:

  1. Certain state laws may permit adolescents to consent to specific health services independently
  2. We maintain confidentiality as required by applicable state laws
  3. Parents will be informed of privacy limitations based on state regulations

4. Information We Collect

4.1 Personal Information

We collect information you provide directly to us, including:

Account Information:

  1. Name, date of birth, gender
  2. Contact information (address, phone number, email)
  3. Government-issued identification for identity verification
  4. Insurance information (if applicable)
  5. Emergency contact information

Health Information:

  1. Medical history and current medications
  2. Symptoms and health concerns
  3. Laboratory results and diagnostic imaging
  4. Biometric data (blood pressure, weight, heart rate)
  5. Treatment preferences and care goals
  6. Mental health information

Payment Information:

  1. Credit/debit card information
  2. Billing address
  3. Transaction history

4.2 Automatically Collected Information

Device and Usage Data:

  1. IP address and device identifiers
  2. Browser type and operating system
  3. Mobile device information
  4. Usage patterns and preferences
  5. Location data (with your consent)

Telehealth Session Data:

  1. Video and audio during consultations
  2. Session timestamps and duration
  3. Technical quality metrics

4.3 SMS Communication Data

When you opt into our SMS services, we collect:

  1. Mobile phone number
  2. Carrier information
  3. Opt-in date, time, and method
  4. Message delivery confirmations
  5. Opt-out requests
  6. Response data to our messages

4.4 Biometric Data Collection

We may collect biometric data through:

  1. Facial recognition for identity verification
  2. Voice recordings during telehealth sessions
  3. Health monitoring device data (with your consent)
  4. At-home testing kit results

4.5 Artificial Intelligence and Automated Processing

We use AI and machine learning technologies to:

  1. Assist in symptom assessment and triage
  2. Analyze health trends and patterns
  3. Improve diagnostic accuracy
  4. Personalize treatment recommendations
  5. Detect potential drug interactions

5. How We Use Your Information

5.1 Healthcare Operations

We use your information to:

  1. Provide telemedicine consultations and medical treatment
  2. Process prescriptions and coordinate with pharmacies
  3. Communicate with you about your care
  4. Send appointment reminders via SMS (with your consent)
  5. Process payments and insurance claims
  6. Maintain and improve our Services
  7. Send health alerts and medication reminders via SMS (with your consent)

5.2 SMS Communications

With your explicit consent, we use your phone number to:

  1. Send appointment reminders and confirmations
  2. Notify you of prescription readiness
  3. Alert you to lab results availability (not the results themselves)
  4. Provide health tips and wellness updates
  5. Send promotional offers and discounts
  6. Deliver customer care messages
  7. Notify you of order shipments

All SMS communications:

  1. Include opt-out instructions
  2. Are sent between 8 AM - 9 PM local time (except emergencies)
  3. Comply with TCPA regulations
  4. Can be stopped at any time by texting STOP

5.3 Legal and Regulatory Compliance

We use your information to:

  1. Comply with healthcare regulations including HIPAA
  2. Report to prescription monitoring programs as required by law
  3. Respond to legal processes and government requests
  4. Prevent fraud and ensure Service security
  5. Meet state-specific telemedicine requirements
  6. Comply with TCPA and CTIA messaging guidelines

5.4 Research and Analytics

With appropriate safeguards, we may use de-identified information for:

  1. Medical research and clinical studies
  2. Quality improvement initiatives
  3. Population health management
  4. Service enhancement and development

6. How We Share Your Information

6.1 Healthcare Providers and Medical Staff

We share your health information with:

  1. Licensed physicians providing your care
  2. Clinical support staff involved in your treatment
  3. Specialists for consultations and second opinions
  4. Your designated primary care physician (with your consent)

6.2 Third-Party Service Providers

We work with trusted third parties including:

Pharmacy Partners:

  1. Licensed pharmacies for prescription fulfillment
  2. Compounding pharmacies for specialized medications
  3. Prescription benefit managers

Laboratory Services:

  1. CLIA-certified laboratories for diagnostic testing
  2. At-home testing kit providers
  3. Diagnostic imaging centers

Technology Partners:

  1. Telehealth platform providers (with signed Business Associate Agreements)
  2. Electronic health record systems
  3. Payment processors (PCI-DSS compliant)
  4. Cloud storage providers (HIPAA-compliant)
  5. SMS service provider (RingCentral - with Business Associate Agreement)

6.3 Legal Disclosures

We may disclose your information when required by law:

  1. Court orders and subpoenas
  2. Law enforcement requests (with appropriate legal process)
  3. Public health authorities
  4. Healthcare oversight agencies
  5. To prevent serious threats to health or safety

6.4 SMS Service Providers

We share limited information with RingCentral for SMS delivery:

  1. Phone number
  2. Message content
  3. Delivery confirmations All sharing is governed by a Business Associate Agreement ensuring HIPAA compliance.

7. International Users and Cross-Border Data Transfers

7.1 GDPR Compliance

For users in the European Union, we provide additional protections:

  1. Legal basis for processing (consent or legitimate interests)
  2. Right to data portability
  3. Right to restriction of processing
  4. Right to object to processing
  5. Right to lodge complaints with supervisory authorities

7.2 International Data Transfers

When transferring data internationally, we use:

  1. Standard Contractual Clauses approved by the European Commission
  2. Appropriate technical and organizational safeguards
  3. Encryption for all data transfers

8. Data Security and Retention

8.1 Security Measures

We implement comprehensive security measures including:

  1. End-to-end encryption for all telehealth sessions
  2. Multi-factor authentication for account access
  3. Regular security assessments and penetration testing
  4. Employee training on privacy and security
  5. Incident response and breach notification procedures
  6. Secure SMS gateway with encryption

8.2 Data Retention

We retain your information for:

  1. Medical records: As required by applicable state laws (typically 7-10 years)
  2. Account information: Duration of your relationship with us plus legal retention period
  3. Payment records: As required for tax and accounting purposes
  4. SMS consent records: Minimum 4 years per TCPA requirements
  5. De-identified data: Indefinitely for research and analytics

9. Your Privacy Rights

9.1 Access and Correction Rights

You have the right to:

  1. Access your personal and health information
  2. Request corrections to inaccurate information
  3. Receive your information in a portable format
  4. Request an accounting of disclosures

9.2 California Privacy Rights (CCPA/CPRA)

California residents have additional rights to:

  1. Know what personal information we collect
  2. Delete personal information (subject to legal exceptions)
  3. Opt-out of the sale of personal information (we do not sell personal information)
  4. Limit use of sensitive personal information
  5. Non-discrimination for exercising privacy rights

9.3 Marketing and Communications

You may opt-out of:

  1. Marketing emails by clicking "unsubscribe"
  2. Text messages by replying "STOP" to any SMS
  3. Push notifications through your device settings

SMS Opt-Out: Text STOP to any message to immediately stop all SMS communications. You will receive a confirmation that you've been opted out.

SMS Opt-In: After opting out, text START to resume SMS communications.

9.4 SMS-Specific Rights

You have the right to:

  1. Opt out of SMS at any time by texting STOP
  2. Request help by texting HELP
  3. Know the frequency of messages (up to 10 per month)
  4. Be informed of any charges (message and data rates may apply)
  5. File complaints about unwanted messages

10. Third-Party Websites and Applications

Our Services may contain links to third-party websites and applications. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any information.

11. Changes to This Privacy Policy

We may update this Privacy Policy periodically. We will notify you of material changes by:

  1. Posting the updated Privacy Policy on our website
  2. Sending email notifications to registered users
  3. Sending SMS notifications (if opted in) for significant changes
  4. Requiring acknowledgment for continued use of Services

12. Contact Information

For questions about this Privacy Policy or to exercise your privacy rights, contact us at:

Privacy Officer

Virtual Concierge MD / TessMD

9663 Santa Monica Blvd, Suite 957

Beverly Hills, CA 90210

Email: privacy@virtualconciergemd.com

Phone: (310) 275-8377

Website: virtualconciergemd.com

Legal Center: https://legalcenter.virtualconciergemd.com

HIPAA Complaints: You may also file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights.

SMS Complaints: For SMS-related issues, you may also file complaints with:

  1. Federal Communications Commission (FCC)
  2. Your state attorney general
  3. CTIA by forwarding unwanted messages to 7726 (SPAM)

13. SMS Privacy Addendum

This section provides additional details about our SMS practices:

Message Types

  1. Transactional: Appointment reminders, prescription notifications
  2. Promotional: Special offers, wellness tips (with separate consent)
  3. Customer Care: Follow-ups, satisfaction surveys

Carrier Compatibility

Our SMS service works with all major US carriers including AT&T, Verizon, T-Mobile, Sprint, and others.

No Sharing for Marketing

We never share your phone number with third parties for their marketing purposes.

Frequency Control

You control message frequency through your preferences. Default is up to 10 messages per month.

By using our Services, you acknowledge that you have read and understood this Privacy Policy and agree to be bound by its terms.

For a complete description of how we use and disclose your health information for treatment, payment, and healthcare operations, please see our Notice of Privacy Practices available at https://legalcenter.virtualconciergemd.com



On this Page
Contents 1. Introduction 2. Services We Offer 3. Age Requirements and Pediatric Services 4. Information We Collect 5. How We Use Your Information 6. How We Share Your Information 7. International Users and Cross-Border Data Transfers 8. Data Security and Retention 9. Your Privacy Rights 10. Third-Party Websites and Applications 11. Changes to This Privacy Policy 12. Contact Information 13. SMS Privacy Addendum

© 2025 Virtual Concierge MD

...