Chris Meyer FNP PLLC · Effective April 27, 2026
Chris Meyer FNP PLLC | www.chrisfnp.com | Effective: April 27, 2026
This Privacy Policy describes how Chris Meyer FNP PLLC, operating as ChrisFNP ("we," "our," or "the Practice"), collects, uses, stores, and protects your personal and health information when you visit www.chrisfnp.com or use our telehealth services. By using our services you agree to the practices described in this Policy.
This Practice is a covered entity under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and is committed to maintaining the privacy and security of your Protected Health Information (PHI).
Personal Identification Information
Full legal name, date of birth, and gender
Residential address (street, city, state, ZIP code)
Email address and phone number
Payment information (processed by our payment processor — we do not store card numbers)
Protected Health Information (PHI)
Medical history, current conditions, and past surgeries
Current medications, supplements, and known drug allergies
Responses to clinical intake questionnaires
Prescription history and clinical notes
Secure messages exchanged through our clinical platform
Website Usage Information
Browser type, IP address, and device type
Pages visited and time spent on the site
To provide clinical telehealth services and prescribe appropriate medications
To communicate with you through our HIPAA-compliant messaging platform (Spruce Health)
To send administrative communications such as prescription confirmations and renewal reminders
We do not use your information for marketing purposes, sell your information to third parties, or share your information with advertisers.
With your designated pharmacy for the purpose of filling your prescription
With our business associates who provide services necessary to operate the Practice, each of whom has signed a Business Associate Agreement (BAA) requiring HIPAA-compliant handling of your PHI
In situations involving imminent threat to your safety or the safety of others
Our current business associates who may have access to your PHI include:
Spruce Health — HIPAA-compliant clinical communication and payment platform (BAA in place)
Our designated e-fax service provider used to transmit prescriptions to pharmacies
Use your PHI for any purpose beyond your direct care and practice operations
As a patient of this Practice you have the following rights under HIPAA:
Right to amend — You may request corrections to your health information
Right to accounting of disclosures — You may request a list of disclosures of your PHI
Right to restrict — You may request restrictions on how we use or disclose your PHI
Right to confidential communications — You may request we communicate with you in a specific way
Right to complain — You may file a complaint with us or with the U.S. Department of Health and Human Services Office for Civil Rights
To exercise any of these rights please contact us at the email or address listed at the end of this Policy.
All clinical communications occur through Spruce Health, a HIPAA-compliant platform with SOC 2 auditing and HITRUST certification
We maintain a signed Business Associate Agreement with all vendors who handle your PHI
Passwords and two-factor authentication are required to access any platform containing PHI
In the event of a data breach involving your PHI we will notify you as required by the HIPAA Breach Notification Rule within 60 days of discovery.
We retain patient records for a minimum of 6 years from the date of creation or the date they were last in effect, whichever is later, in compliance with Arizona state law and HIPAA requirements. Payment records are retained as required for tax and accounting purposes.
When you terminate your subscription your clinical records are retained for the legally required period. You may request a copy of your records at any time by contacting us.
Our website (www.chrisfnp.com) may use basic analytics to understand how visitors use the site. We do not use advertising cookies, behavioral tracking, or sell website visitor data. Any analytics data is anonymized and used solely to improve the patient experience.
Our services are intended for adults 18 years of age and older. We do not knowingly collect personal information from individuals under 18. If we become aware that a minor has submitted information we will delete it promptly.
We may update this Privacy Policy from time to time. When we do we will update the effective date at the top of this document. Continued use of our services after any update constitutes acceptance of the revised Policy. We encourage you to review this Policy periodically.
For questions about this Privacy Policy, to exercise your HIPAA rights, or to file a complaint:
Email: support@chrisfnp.com
Website: www.chrisfnp.com
www.hhs.gov/ocr/privacy/hipaa/complaints