Privacy Policy

Effective Date: January 1, 2017

Tristar Physical Therapy (“Tristar,” “we,” “our,” or “us”) is committed to protecting the privacy and security of your personal and health information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, communicate with us, or receive services from us.

1. Information We Collect

We may collect the following types of information:

A. Personal Information

  • Name, address, phone number, email address
  • Date of birth
  • Emergency contact information

B. Health Information (Protected Health Information – PHI)

  • Medical history
  • Diagnosis and treatment information
  • Therapy notes and outcomes
  • Insurance and billing information

C. Technical and Usage Information

  • IP address
  • Browser type
  • Device information
  • Website usage data (via cookies and analytics tools)

2. How We Use Your Information

We use your information to:

  • Provide physical and occupational therapy services
  • Schedule and manage appointments
  • Communicate with you regarding care (email, phone, SMS)
  • Process insurance claims and billing
  • Improve our services and website functionality
  • Comply with legal and regulatory requirements

3. HIPAA Notice of Privacy Practices

As a healthcare provider, Tristar complies with the Health Insurance Portability and Accountability Act (HIPAA).

Your Protected Health Information (PHI) may be used and disclosed for:

  • Treatment
  • Payment
  • Healthcare operations

You have rights under HIPAA, including:

  • Access to your records
  • Request corrections
  • Request restrictions on disclosures
  • Receive an accounting of disclosures

For more detailed information about your HIPAA rights, please contact us directly.

4. How We Share Your Information

We may share your information with:

  • Healthcare providers involved in your care
  • Insurance companies and billing processors
  • Business associates (e.g., EMR systems, IT providers)
  • Government authorities when required by law

All third-party vendors handling PHI are required to comply with HIPAA and sign Business Associate Agreements (BAAs) where applicable.

5. Microsoft 365 and Third-Party Services

We use third-party services, including but not limited to:

  • Microsoft 365 (email, scheduling, communication tools)
  • Electronic Medical Record (EMR) systems
  • Payment processors
  • Website hosting and analytics tools

These providers may process your information on our behalf and are required to maintain appropriate security and privacy safeguards.

6. Cookies and Tracking Technologies

Our website may use cookies and similar technologies to:

  • Improve user experience
  • Analyze website traffic
  • Optimize performance

You can adjust your browser settings to refuse cookies; however, some features of the site may not function properly.

7. Data Security

We implement administrative, technical, and physical safeguards to protect your information, including:

  • Secure EMR systems
  • Encrypted communications where applicable
  • Access controls and authentication protocols

Despite these measures, no system is 100% secure.

8. Data Retention

We retain your information:

  • As required by healthcare regulations
  • As necessary for treatment, billing, and legal compliance
  • In accordance with state and federal record retention laws

9. Your Privacy Rights

Depending on your location, you may have rights to:

  • Access your personal data
  • Request correction or deletion
  • Restrict or object to processing
  • Request data portability

To exercise these rights, contact us using the information below.

10. Children’s Privacy

We provide services to minors with parental or guardian consent. We do not knowingly collect information from children without appropriate authorization.

11. Changes to This Policy

We may update this Privacy Policy periodically. Updates will be posted on this page with a revised effective date.

12. Contact Information

If you have questions about this Privacy Policy or your data, contact:

Tristar Physical Therapy
Email: privacy@tristarpt.com
Phone: 423-317-7772
Address: 325 W Morris Blvd. STE B, Morristown, TN 37813

SMS Messaging Terms

By providing your mobile phone number, you consent to receive SMS text messages from Tristar Physical Therapy related to appointments, scheduling, patient care, billing, and customer support. Message frequency may vary. Message and data rates may apply. Reply STOP to opt out at any time or HELP for assistance. Consent is not a condition of treatment or purchase.

We do not sell or share mobile phone information with third parties for marketing purposes.