Thank you for choosing to be part of our community at Medical Risk Solutions LLC, doing business as My Health Onsite (“My Health Onsite,” “we,” “us,” “our”).  We are committed to protecting your personal information and your right to privacy.  If you have any questions or concerns about this Privacy Policy, or our practices with regard to your personal information, please contact us at


This Privacy Policy applies to all websites and online services of My Health Onsite, including and any other websites on which this Privacy Policy is posted or linked (collectively, the “Website”). When you visit our Website and use any of our services (the “Services,” which include the Website), we appreciate that you are trusting us with your personal information.  We take your privacy very seriously.  In this Privacy Policy, we seek to explain to you in the clearest way possible what information we collect, how we use it, and what rights you have in relation to it.  We hope you take some time to read through it carefully, as it is important.  By visiting the Website or using the Services, you agree to accept the practices described in this Privacy Policy.  If there are any terms in this Privacy Policy that you do not agree with, please discontinue use of our Services immediately. 


This Privacy Policy applies to all information collected through our Services (which, as described above, includes our Website) as well as any related services, sales, marketing or events.


The Patient Portal is governed by a separate privacy policy and terms of use, accessible on the Patient Portal. 


Information you provide to a My Health Onsite facility while being treated as a patient of that facility is defined as “Protected Health Information” under the Health Insurance Portability and Accountability Act and attendant regulations (HIPAA) and is subject to our Notice of Privacy Practices. 


Our Website may contain links to third-party websites which we do not operate or endorse.  This Privacy Policy does not apply to third-party websites, and we are not responsible for those websites.  Those websites may collect your personal information in accordance with their own privacy policies.  You should check the privacy policies of each website your visit.  Links to third party websites are provided solely for your convenience and any use or submission of data to such websites shall be at your sole risk. 


Please read this Privacy Policy carefully as it will help you understand what we do with the information that we collect. 



























Personal information you disclose to us


In Short: We collect personal information that you provide to us.


We collect personal information that you voluntarily provide to us when you express an interest in obtaining information about us or our products and Services, when you participate in activities on the Services, or otherwise when you contact us.


The amount of personal information that we know about you is entirely up to you to decide.  We will only know personal information about you if you choose to share this information about yourself; however, some Services may not be available unless we obtain a certain amount of personal information


The personal information that we collect depends on the context of your interactions with us and the Services, the choices you make, and the products and features you use.  The personal information we collect may include the following:


  • Information by which you may be personally identified, such as name, postal address, email address, telephone number, or any other information the Website collects that is defined as personal or personally identifiable information under applicable law (“personal information”);

  • Information that is about you, but does not identify you individually; and /or

  • Information about your internet connection, the equipment you use to access the Website and usage details. 


We collect this information:


  • Directly from you when you provide it to us;


  • Automatically as you navigate through the site.  Information collected automatically may include usage details, IP addresses and information collected through cookies, web beacons, and other automatic data collection technologies described below. 


  • Information that you provide by filling in forms on our Website; 


  • Records and copies of your correspondence (including email addresses) if you contact us;


  • The Website may offer you the ability to use social media services (collectively, “Social Media”) in conjunction with the Website.  When you access the Website through your Facebook or other Social Media account, we may, depending on your privacy settings, have access to information that you have provided to the Social Media platform. We may use this information for the purposes described in this Privacy Policy or at the time the information was collected.


All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal information. 


Information we collect through automatic data collection technologies


As you navigate through and interact with our Website, we may use automatic data collection technologies to collect certain information about your equipment, browsing activities and patterns, including:


  • Details of your visits to our Website, including traffic data, location data, and other communication data and the resources that you access and use on the Website;


  • Information about your computer and internet connection, including your IP address, operating system, and browser type.


The technologies we use for this automatic data collection may include:


  • Cookies.  Cookies are small data files that are sent by a website and stored on your computer.  Cookies are used by most websites and can contain information about your use of our Website.  Most browsers have a setting to turn off the automatic acceptance of cookies.  If you do not want to accept cookies from our Website, use the internet Options or Preference menu items in your browser to turn cookies off or receive warnings when cookies are sent to your computer.  However, you should be aware that portions of our Website will not function properly if you do not accept cookies. 

  • Web Beacons.  A web beacon is a small transparent image placed on a website that may track visits to a particular page.  If you set your browser to decline or deactivate cookies, web beacons cannot function because they are used in conjunction with cookies.  


The information we collect automatically may include personal information, or we may maintain it or associate it with personal information we collect in other ways or receive from third parties.  It helps us to improve our Website and to deliver a better and more personalized service.



The Website is not intended for use by children under the age of 18. 


Specifically, the Website is not designed or intended to attract children under the age of 13.  No one under age 13 may provide any information to or on the Website.  We do not knowingly collect personal information from children under 13.  If we learn we have collected or received personal information from a child under 13 without verification of parental consent, we will delete that information.  If you believe we might have any information from or about a child under 13, please contact us at





In Short: We use collected information to provide services to you, communicate with you, improve your Website experience, and for business purposes.   


The information we collect (automatically and when you provide it) during your visit to our website is used for the following purposes:


  • Monitor, review, measure, and analyze utilization of the Website;

  • Modify and enhance the Website;

  • Improve the content and design of the Website;

  • Maintain the safety, security, and integrity of the Website, Services, databases, other technology assets, and business;

  • Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity;

  • Activities to verify or maintain the quality or safety of Services and to improve, upgrade, or enhance Services;

  • Conduct research and analysis;

  • Respond to your requests for information, products or services;

  • Respond to your questions and concerns;

  • Distribute news and other health information requested by Website visitors;

  • Administer user accounts;

  • To fulfill any other purpose for which you provide it;

  • Notify you about changes to the Website or any products or services we offer;

  • In any other way we may describe when you provide the information;

  • For any other purpose with your consent.





In Short: We only share information with your consent, to comply with laws, to provide you with services, to protect your rights, or to fulfill business obligations. 


We may process or share your data that we hold based on the following legal basis:


  • Consent:  We may process your data if you have given us specific consent to use your personal information for a specific purpose.


  • Legitimate Interests: We may process your data when it is reasonably necessary to achieve our legitimate business interests.


  • Performance of a Contract:  Where we have entered into a contract with you, we may process your personal information to fulfill the terms of our contract.


  • Legal Obligations:  We may disclose your information where we are legally required to do so in order to comply with applicable law, governmental request, a judicial proceeding, court order, or legal process, such as in response to a court order or a subpoena (including in response to public authorities to meet national security or law enforcement requirements).


  • Vital Interests:  We may disclose your information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person and illegal activities, or as evidence in litigation in which we are involved.


More specifically, we may need to process your data or share your personal information in the following situations:


  • Business Transfers.  We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.


  • Affiliates.  We may share your information with our affiliates, in which case we will require those affiliates to honor this Privacy Policy.  Affiliates include our parent company and any subsidiaries, joint venture partners or other companies that we control or that are under common control with us.


  • Business Partners.  We may share your information with our business partners to offer you certain products, services, or promotions. 





In Short: We keep your information for as long as necessary to fulfill the purposes outlined in this Privacy Policy unless otherwise required by law.


We will only keep your personal information for as long as it is necessary for the purposes set out in this Privacy Policy, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements).  No purpose in this Privacy Policy will require us keeping your personal information for longer than 2 years.


When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize such information, or, if this is not possible (for example,  because your personal information has been stored in backup archive), then we will securely store your personal information and isolate it from any further processing until deletion is possible. 





In Short: We aim to protect your personal information through a system of organizational and technical security measures. 


We have implemented appropriate technical and organizational security measures designed to protect the security of any personal information we process.  However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security, and improperly collect, access, steal, or modify your information.  Although we will do our best to protect your personal information, transmission of personal information to and from our Services is at your own risk.  We are not responsible for circumvention of any privacy settings or security measure contained on the Website. 


Please keep in mind that when you voluntarily disclose information about yourself in the public domain (for example, through bulletin boards, chat rooms, emails) it can be collected and used by third parties to contact you or for unauthorized purposes.


You should only access the Services within a secure environment. 





In Short: You may review, change, or terminate your account at any time.


We strive to make sure that our information is reliable, accurate, and up-to-date. While personal information is maintained by us, you may access the personal information that we have collected directly from you, to the extent required by law, to review, update, and correct inaccuracies.  There may be limits to the amount of information we can practically provide.  For example, we may limit access to personal information where the burden or expense of providing access would be disproportionate to the risks to an individual’s privacy or where doing so would violate others’ rights. 


You may ask us to delete all or some of your personal information.  Please note that some information may remain in our records even after you request deleting of your personal information, to the extent required by applicable laws.  To request to review, update, or delete your personal information, please submit your request to:


Medical Risk Solutions LLC

2710 Rew Circle, Suite 200

Ocoee, FL 34761

United States


You may terminate your account at any time.  Please note that we will retain your personal information even after you close your account if reasonably necessary to comply with legal obligations (including law enforcement requests), meet regulatory requirements, resolve disputes, maintain security, prevent fraud and abuse, enforce a user agreement, or fulfil your request to “unsubscribe” from further messages from us.  We will retain anonymized information after your account has been closed.  Please note that information you provide to a My Health Onsite facility while being treated as a patient of that facility is subject to our Notice of Privacy Practices and that medical records are retained in accordance with applicable legal requirements.  Also note that information you provide to the Patient Portal is governed by a separate privacy policy that is accessible on the Patient Portal.


Please note that our Website is not intended for visitors located in the EEA, as My Health Onsite is a U.S.A. entity providing services in the U.S.A.  Any personal information collected about EEA visitors through the Website is processed in the United States by us or a party acting on our behalf.  When you provide personal information to us through the Website, you consent to the transfer, storage, and processing of your personal information in the United States. 





Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected.  At this stage, no uniform technology standard for recognizing and implementing DNT signals has been finalized.  As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online.  If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this Privacy Policy. 





In Short: Yes, we will update this Privacy Policy as necessary to stay compliant with relevant laws.


We reserve the right to update this Privacy Policy at any time, at our discretion.  The updated version will be indicated by an updated “Revised” date and the updated version will be effective as soon as it is accessible.  If we make material changes to this Privacy Policy, we may notify you either by prominently posting a notice of such changes on the Website or by directly sending you a notification.  We encourage you to review this Privacy Policy frequently to be informed of how we are protecting your information. 





If you have questions or comments about this Privacy Policy, you may email us at or by post to:


Medical Risk Solutions LLC

2710 Rew Circle, Suite 200

Ocoee, FL 34761

United States


4825-7560-9304, v. 1








Each time you visit a health care provider, a record of your visit is made. Typically, this record contains your symptoms, examination and test results, diagnoses, treatment, a plan for future care or treatment, and billing-related information. This notice applies to all of the records of your care generated by the health center, whether made by health center staff members, agents of the health center, or your personal doctor. 



We are required by law to maintain the privacy of protected health information, provide a description of our privacy practices with respect to protected health information, and notify affected parties in the event of a breach of unsecured protected health information. We will abide by the terms of this Notice. 



How we may use and disclose Health Information about you: The following categories describe examples of the way we use and disclose health information: 


Treatment: We may use health information about you to provide you treatment and services. We may disclose health information about you to doctors, nurses, technicians, medical students, or other staff members who are involved in taking care of you at the health center. For example, a doctor treating you for a broken leg may need to know if you have diabetes because diabetes may slow the healing process. The doctor may need to tell the dietician about the diabetes so appropriate meals can be arranged. Different departments of the health center also may share health information about you in order to coordinate the different things you may need, such as prescriptions, lab work, and x-rays. We may also provide a subsequent health care provider with copies of various reports that should assist in treating you. 


Payment: We may use and disclose health information about your treatment and services to your insurance company or a third party. For example, we may need to give your insurance company information about treatment for reimbursement to you. 


Health Care Operations: Members of the medical staff and/or quality improvement team may use information in your health record to assess the care and outcomes in your case and others like it. The results will then be used to continually improve the quality of care for all patients we serve. For example, we may combine health information about many patients to evaluate the need for new services or treatment. We may disclose information to doctors, nurses, and students for educational purposes. And we may combine health information we have with that of other affiliated facilities to see where we can make improvements. We may remove information that identifies you from this set of health information to protect your privacy. 

Business Associates: There are some services provided in our organization through business associates we have contracted with to perform the agreed upon services and billing where in the course of their work will directly or indirectly use, transmit, copy, view, transport, interpret or process PHI. They are prohibited from re-disclosing PHI and are bound by a Business Associate Agreement requiring them by federal law to appropriately safeguard your information. 


As Required By Law: Your medical information will be disclosed when we are required to do so by federal, state or local authorities, laws, rules and/or regulations. 


Lawsuits and Disputes: If you are involved in a lawsuit or dispute, your medical information may be disclosed in response to a court or administration order, subpoena, discovery request, or other lawful process by someone else involved in the dispute. 


Law Enforcement: Your health information may be disclosed to law enforcement agencies to support government audits and inspections, to facilitate law-enforcement investigations, and to comply with government mandated reporting. 


Public Health Purposes: We may release your medical information for public health activities, such as: 

  1. To prevent or control disease , injury or disability

  2. To report births or deaths

  3. To report child abuse or neglect

  4. To report reactions to medications or problems with products

  5. To notify people of recalls of products they may be using

  6. To notify a person who may have been exposed to a disease or may be at risk for contracting or spreading a disease or condition

  7. To notify the proper government authority if we believe a patient has been the victim of abuse, neglect or domestic violence. We will only make this disclosure if you agree or when required or authorized by law.


Oversight Agencies: Federal law allows us to release your protected health information to appropriate health oversight agencies or for health oversight activities to include audits, civil, administrative or criminal investigations: inspections; licensure or disciplinary actions; and for similar reasons related to the administration of healthcare. 


Coroners, Medical Examiners and Funeral Directors: We may disclose your protected health information to funeral directors or coroners consistent with applicable law to allow them to carry out their duties. 


Specialized Government Functions: We may disclose your protected health information for specialized government functions as authorized by law such as for military and veterans’ activities and for national security purposes. 


Correctional Institutions: If you are an inmate of a correctional institution, we may disclose to the institution or its agents the protected health information necessary for your health and the health and safety of other individuals. 


Workers Compensation: If you seek treatment for a work-related illness or injury we must provide full information in accordance with state specific laws regarding workers’ compensation claims. Once state specific requirements are met and an appropriate written request is received only the records pertaining to the work-related illness or injury may be disclosed. 


Appointment Reminders: Your health information may be used by our staff to send you appointment reminders. When disclosing information, primarily appointment reminders, we may leave messages on answering machines or voicemail of a telephone number that you have provided. 


Information and Treatments: Your health information may be used to send you information that you may find interesting on the treatment and management of your medical condition, health related products and services, health related benefits, possible treatment alternatives, population based activities relating to improving health or reducing health care costs, conduct in training programs or reviewing competence and satisfaction of health care professionals. 


Individuals Involved in Your Care: We may release health information about you to a family member or guardian who is involved in your medical care. In an emergency or in situations where you are incapacitated or not otherwise present, we may disclose your PHI to family members, friends, caregivers or others, when the circumstances indicate that such disclose is authorized by you and is in your best interest. In these situations we will only disclose your PHI that is relevant to such other person’s involvement in your care. In addition, we may disclose health information about you to an entity assisting in a disaster relief effort so that your family can be notified about your condition, status and location. If you have any objection to sharing your medical information in this way, please contact the HIPAA Compliance Officer listed at the end of this notice. 


Research: Under certain circumstances, your medical information may be used and disclosed for research purposes. All research projects involving patients’ medical information must be approved through a special review process to protect patient confidentiality. You will only become a part of a research project if you agree to do so and sign a consent form. 


Future Communications: We may communicate to you via newsletters, mail outs or other means regarding treatment options, health related information, disease-management programs, wellness programs, or other community based initiatives or activities our health center is participating in. 


Organized Health Care Arrangement: This health center and its medical staff members have organized and are presenting you this document as a joint Notice. Information will be shared as necessary to carry out treatment, payment and health care options. Physicians and ancillary staff may have access to protected health information in their offices to assist in reviewing past treatment as it may affect treatment at the time. 


Affiliated Covered Entity: Protected health information will be made available to health center personnel at local affiliated health centers as necessary to carry out treatment, payment and health care operations. Caregivers at other health centers may have access to protected health information at their locations to assist in reviewing past treatment information as it may affect treatment at this time. Please contact the HIPAA Compliance Officer for further information on the specific sites included in this affiliated covered entity. 

Other uses and disclosures of health information not covered by this Notice (including psychotherapy notes) or the laws that apply to us will be made only with your written permission. If you provide us permission to use or disclose health information about you, you may revoke that permission, in writing, at any time. If you revoke your permission, we will no longer use or disclose health information about you for the reasons covered by your written authorization. You understand that we are unable to take back any disclosures we have already made with your permission, and that we are required to retain our records of the care that we have provided to you. 


Although your health record is the physical property of the healthcare practitioner or health center that compiled it, you have the right to: 


Inspect and Copy: You have the right to inspect and obtain a copy of the health information that may be used to make decisions about your care. Usually, this includes medical records, but does include psychotherapy notes. To see or get a copy of your medical information, you must submit a written request. 


Amend: If you feel that health information we have about you is incorrect or incomplete, you may ask us to amend the information. You have the right to request an amendment for as long as the information is kept by or for the health center. Any request for an amendment must be sent in writing to the HIPAA Compliance Officer. We may deny your request for an amendment and if this occurs, you will be notified of the reason for the denial. 


An Accounting of Disclosures: You have the right to request an accounting of disclosures. This is a list of certain disclosures we make of your health information for purposes other than treatment, payment or health care operations where an authorization was not required. 


Request Restrictions: You have the right to request a restriction or limitation on the health information we use or disclose about you for treatment, payment or health care operations. You also have the right to request a limit on the health information we disclose about you to someone who is involved in your care or the payment for your care, like a family member or friend. For example, you could ask that we not use or disclose information about a surgery you had. Any request for a restriction must be sent in writing to the HIPAA Compliance Officer. 


We are required to agree to your request only if 1) except as otherwise required by law, the disclosure is to your health plan and the purpose is related to payment or health care operations (and not treatment purposes), and 2) the information pertains solely to health care services for which you have paid out of pocket in full. For other requests, we are not required to agree. If we do agree, we will comply with your request unless the information is needed to provide you emergency treatment. 


Request Confidential Communications: You have the right to request that we communicate with you about medical matters in a certain way or at a certain location. For example, you may ask that we contact you at work instead of your home. The health center will grant reasonable requests for confidential communications at alternative locations and/or via alternative means only if the request is submitted in writing. We reserve the right to contact you by other means and at other locations if you fail to respond 

to any communication from us that requires a response. We will notify you in accordance with your original request prior to attempting to contact you by other means or at another location.


A Paper Copy of This Notice: You have the right to a paper copy of this Notice. You may ask us to give you a copy of this notice at any time. Even if you have agreed to receive this notice electronically, you are still entitled to a paper copy of this Notice.


Notified of A Breach – We will notify you if we discover a breach of your unsecured protected health information.


To exercise any of your rights, please obtain the required forms from the HIPAA Compliance Officer and submit your request in writing.



We reserve the right to change this Notice and the revised or changed Notice will be effective for information we already have about you as well as any information we receive in the future. The current Notice will be posted in the health center and on our website and will include the effective date.



If you believe your privacy rights have been violated, you may submit a comment or complaint about our privacy practices to the address listed at the end of this Notice. You may also submit a written complaint to the U.S. Department of Health and Human Services. You will not be penalized for filing a complaint



HIPAA Compliance Officer 

Medical Risk Solutions dba My Health Onsite 

2710 Rew Circle, Suite 200 

Ocoee, FL 34761 




If you have any questions about this Notice, you may contact the HIPAA Compliance Officer by telephone at 407-654-5414. 


2710 Rew Circle

Ocoee, FL 34761


Patient Assistance: 888-644-1448

Sales Inquiries: 888-373-0013

Copyright © 2021 My Health Onsite All Rights Reserved.