Privacy Policy

Heart Rhythm Center
Last updated: [Jan,02, 2026]

1. Who We Are

Heart Rhythm Center (“we,” “us,” or “our”) is a medical practice specializing in cardiac electrophysiology and heart rhythm care, located in Philadelphia, Pennsylvania, USA.

Contact:

  • Address: 2301 E Allegheny Ave, Suite 140, Philadelphia, PA 19134
  • Phone: (267) 457-3977 / +1 (267) 457-3977
  • Email: info@hrphl.com
  • Website: hrphl.com

This Privacy Policy explains how we collect, use, disclose, and protect information, including any medical and personal information, in accordance with applicable U.S. federal law (including HIPAA where applicable), Pennsylvania law, and local regulations.

2. Scope of This Policy

This Policy applies to information we collect:

  • On our website hrphl.com
  • Through online forms (e.g., appointment requests, contact forms)
  • Through patient portals or electronic medical record systems we provide access to
  • By phone, email, or other electronic communications you send to us

For clinical care, insurance billing, and medical records, additional federal and state healthcare privacy laws (including HIPAA and related regulations) may apply. When those laws offer stronger protections than this Policy, they control.

3. Information We Collect

3.1 Personal Information

We may collect the following types of personal information:

  • Identifiers: name, date of birth, mailing address, email address, phone number
  • Account information: usernames or identifiers used to access patient portals or online services
  • Insurance and billing information: insurance carrier, policy numbers, billing address, payment information (processed through secure third‑party payment processors; we do not store full credit card numbers)

3.2 Medical / Health Information (Protected Health Information, “PHI”)

In connection with providing medical services, we may collect:

  • Medical history, diagnoses, medications, allergies, lab and test results
  • Heart rhythm and cardiovascular data, including ECG/EKG, monitoring reports, and implantable device data
  • Treatment plans, clinical notes, and records of visits
  • Referring physician and other healthcare provider information

This information is protected by federal and state law. We handle PHI in accordance with applicable law, including HIPAA where it applies. You may also receive a separate “Notice of Privacy Practices” describing how we use and disclose PHI for treatment, payment, and healthcare operations.

3.3 Technical and Usage Information

When you visit our website, we may automatically collect:

  • Log and usage data: IP address, browser type, device type, pages viewed, date and time of visits, referring URLs
  • Cookies and similar technologies: small text files stored on your device to recognize your browser, remember preferences, and analyze site usage

You can control cookies through your browser settings. Disabling some cookies may affect site functionality.

4. How We Use Your Information

We may use your information to:

  • Provide medical care, schedule appointments, and manage your treatment
  • Communicate with you regarding appointments, test results (where permitted), and care instructions
  • Verify insurance eligibility and process claims, billing, and payments
  • Operate, maintain, and improve our website, patient portals, and online services
  • Respond to inquiries, requests, and messages you send us
  • Comply with legal and regulatory requirements, including public health reporting and mandatory disclosures
  • Protect the security and integrity of our systems, prevent fraud or abuse, and enforce our policies

We do not sell your personal information or PHI.

5. How We Share Information

We may share your information as permitted or required by law, including:

  • With healthcare providers and facilities involved in your care (e.g., referring or consulting physicians, hospitals, laboratories, imaging centers, pharmacies).
  • With your health insurance company and billing entities for coverage verification, authorization, claims processing, and payment.
  • With service providers and business associates who perform services on our behalf (e.g., electronic medical record vendors, IT and security providers, billing services, email and texting systems). These parties are required to safeguard your information and use it only for contracted purposes.
  • When required by law or for safety, such as reporting certain diseases to public health authorities, responding to valid court orders, subpoenas, or government requests, or when necessary to prevent or lessen a serious and imminent threat to health or safety.
  • With your authorization, where required, for uses or disclosures not otherwise permitted by law.

We do not share PHI for marketing purposes without your explicit authorization where required by law.

6. Data Security

We use reasonable physical, administrative, and technical safeguards to protect personal information and PHI, including:

  • Access controls and authentication for staff and systems
  • Encryption and secure transmission where appropriate
  • Regular updates and monitoring of systems for vulnerabilities

However, no system is completely secure. We cannot guarantee absolute security of information transmitted over the internet. You are responsible for maintaining the confidentiality of any portal credentials and for logging out of secure sessions when using shared devices.

7. Data Retention

We retain medical records and related information for the periods required by applicable federal and Pennsylvania laws and professional standards.
Non‑medical website data may be retained for as long as necessary to fulfill the purposes outlined in this Policy, comply with legal obligations, resolve disputes, and enforce our agreements.

8. Your Rights

Depending on the context and applicable law, you may have the right to:

  • Access and obtain a copy of your medical records and other information we maintain about you
  • Request corrections to your medical records or personal information if you believe they are inaccurate or incomplete
  • Request restrictions on certain uses and disclosures of your information (we will review such requests in accordance with applicable laws and are not always required to agree)
  • Request communications by alternative means or at alternative locations (e.g., at a different address or phone number)
  • Receive an accounting of certain disclosures of your PHI
  • Receive notice if there is a breach of your unsecured PHI, as required by law

To exercise these rights, contact us using the information in Section 1. Certain requests may need to be submitted in writing, and we may need to verify your identity.

9. Children’s Privacy

Our clinical services are provided to patients as permitted under applicable medical and consent laws. Our website is not intended to collect information from children under 13 without the consent of a parent or legal guardian. If you believe we have collected information from a child under 13 via the website without proper consent, please contact us so we can take appropriate action.

10. Third‑Party Websites and Services

Our website may contain links to third‑party sites or services (for example, external patient portals, payment processors, educational resources). We are not responsible for the privacy practices, content, or security of these third parties. We encourage you to review the privacy policies of any third‑party sites or services you use.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or technology. When we make material changes, we will update the “Last Updated” date at the top of this page and, where required, provide additional notice.

12. Contact Information

If you have questions about this Privacy Policy, our privacy practices, or your rights, please contact us at:

Heart Rhythm Center
2301 E Allegheny Ave, Suite 140
Philadelphia, PA 19134
Phone: (267) 457-3977 / +1 (267) 457-3977
Email: info@hrphl.com
Website: hrphl.com