Last Updated: [December 15th, 2025 ]

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

This Notice of Privacy Practices (“Notice”) describes how KZ Wellness, PLLC, its affiliates, and its licensed healthcare professionals (collectively, “KZ Wellness, PLLC,” “we,” “us,” or “our”) may use and disclose your Protected Health Information (PHI) and your rights regarding that information.

This Notice applies to all services provided by KZ Wellness, PLLC, including medical care, weight-management counseling, nutrition and education counseling, telehealth visits, and communications with affiliated providers, pharmacies, and therapy.

KZ Wellness, PLLC and its healthcare providers may share PHI with one another as necessary to provide treatment, obtain payment, and conduct healthcare operations in accordance with federal and Connecticut state privacy laws.

Protection of Your PHI

We are required by federal law (HIPAA) and Connecticut state law to maintain the privacy and security of your PHI — information that identifies you and relates to your past, present, or future physical or mental health, healthcare, or payment for services.
We must:

• Protect your PHI from unauthorized use or disclosure.
• Provide you with this Notice explaining our privacy practices.
• Follow the terms of this Notice as currently in effect.
• Notify you promptly if a breach occurs that may have compromised your PHI.

Uses and Disclosures of Protected Health Information

We may use and disclose your PHI without your specific written authorization in the following ways:

1. Treatment

We may use and share your PHI to provide, coordinate, or manage your healthcare and related services.

Examples include:

• Sharing information with the pharmacy for GLP-1/GIP prescriptions.
  
• Coordinating with your primary care provider or a specialist.
  
• Reviewing lab results to assess initial and follow up metabolic health.
  

2. Payment

Your PHI may be used or disclosed to bill and obtain payment for the services you receive.

Examples include:

• Sending prescriptions electronically to the pharmacy.

3. Healthcare Operations

We may use your PHI for business operations necessary to ensure quality care and efficient administration.

Examples include:

• Quality improvement
• Compliance programs, audits, or legal services.
• Providing information about health-related products or wellness programs.

We will not use your PHI for marketing or sale purposes without your written authorization.

Communications via Email or Text

We use technical and administrative safeguards to protect your personal information.  We do not use personal emails and text messages may not be secure.

• We recommend using our encrypted patient portal that links to your Practice Better account for sensitive communications.
• We will never sell or share your contact information for marketing without your explicit consent.

Uses and Disclosures That Do Not Require Authorization

We may use or disclose your PHI without authorization when permitted or required by law, including:

• Public Health: Reporting disease, injury, or vital statistics.
• Health Oversight: Compliance audits, licensure, or inspections.
• Legal Proceedings: In response to court orders or subpoenas.
• Law Enforcement: Investigations or identification purposes.
• Abuse or Neglect Reporting: To protect vulnerable populations.
• Research: If approved by an institutional review board or as permitted by law.
• Workers’ Compensation: For claims or benefits processing.
• National Security or Military: As authorized by applicable laws.
• Coroners, Organ Donation, or Funeral Directors: To facilitate authorized activities.

When required by Connecticut law, we will obtain your additional consent before disclosure.

Uses and Disclosures That Require Your Authorization

We will obtain your written authorization before using or disclosing your PHI for any purpose not described in this Notice.

This includes:

• Marketing communications not related to your care.
• Sale or exchange of PHI.
• Release of psychotherapy notes (if applicable).

You may revoke any authorization in writing at any time, except to the extent we have already relied on it.

Your Rights Regarding Your PHI

Under HIPAA and Connecticut law, you have the following rights:

1. Right to Access and Copies

You may inspect and obtain a copy of your medical record or billing information. Requests must be made in writing to privacy@kzwellness.com. Reasonable fees may apply for copies.

2. Right to Request Amendments

If you believe your PHI is incomplete or incorrect, you may request an amendment. If we deny your request, you will receive a written explanation and may submit a statement of disagreement.

3. Right to Request Restrictions

You may request limits on how we use or disclose your PHI for treatment, payment, or operations.

We are not required to agree unless the restriction involves a disclosure to a health plan for a service you paid for entirely out-of-pocket.

4. Right to Confidential Communications

You may request communications be sent to an alternate address or phone number. We will honor all reasonable written requests.

5. Right to an Accounting of Disclosures

You may request a list (“accounting”) of certain disclosures of your PHI made within the past six years, excluding those for treatment, payment, or operations.

6. Right to a Paper Copy

You may obtain a paper copy of this Notice at any time.

Telehealth and Electronic Information

If you receive care through telehealth, we will ensure all transmissions comply with HIPAA and Connecticut General Statutes § 19a-906.

• All sessions occur on HIPAA-compliant, encrypted platforms.
• You must be physically located in Connecticut during your appointment.
• Your telehealth consent will be documented before treatment begins.

Breach of Health Information

If a breach of unsecured PHI occurs, we will notify you within 60 days of discovery. The notice will include a description of what happened, the information involved, and steps you can take to protect yourself.

To Report a Concern or File a Complaint

If you believe your privacy rights have been violated, you may contact our Privacy Officer at: KZ Wellness, PLLC kzwellness@kzwellnesspllc.co, www.kzwellnesspllc.com

You may also file a complaint with:

U.S. Department of Health and Human Services

Office for Civil Rights

200 Independence Avenue SW

Washington, DC 20201

We will not retaliate against you for filing a complaint.

Revisions to This Notice

KZ Wellness, PLLC reserves the right to revise this Notice and apply those changes to all PHI we maintain. Updated versions will be posted on our website with a revised “Last Updated” date. You are entitled to a copy of the current Notice at any time.