Consent for Sensitive Data Processing

Consent for Sensitive Data Processing.

Effective Date: July 29, 2025

PURPOSE AND SCOPE

This document explains how Hedfirst processes your sensitive personal information and obtains your explicit consent as required by applicable privacy laws.

SENSITIVE DATA WE PROCESS

Sensitive personal information includes:

  • Health Information: Medical history, symptoms, diagnoses, treatments, prescriptions, test results
  • Mental Health Data: Psychological assessments, mental health conditions, therapy notes
  • Biometric Information: Health measurements, vital signs, biometric identifiers (when applicable)
  • Genetic Information: Genetic test results, family medical history (when relevant)
  • Other Protected Categories: Any information requiring special protection under privacy laws

PURPOSES FOR PROCESSING

We process sensitive data to:

Healthcare Service Delivery
  • Provide telehealth consultations and medical evaluations
  • Coordinate prescription services and medication management
  • Facilitate laboratory testing and diagnostic services
  • Generate AI-powered health assessments and insights
  • Enable secure provider-patient communications
Care Quality and Safety
  • Monitor treatment outcomes and medication effectiveness
  • Identify potential health risks and drug interactions
  • Coordinate care among healthcare providers
  • Maintain accurate medical records for continuity of care
Legal and Regulatory Compliance
  • Meet healthcare documentation and reporting requirements
  • Comply with public health mandates and safety reporting
  • Respond to legal requests and regulatory inquiries
  • Maintain records as required by healthcare regulations
Service Improvement
  • Conduct de-identified research to improve healthcare delivery
  • Analyze treatment patterns to enhance service quality
  • Develop better health assessment tools and technologies
  • Train AI systems using anonymized data

LEGAL BASIS FOR PROCESSING

We process sensitive data based on:

  • Your Explicit Consent: As provided through this document
  • Healthcare Service Necessity: Required to deliver requested medical services
  • Legal Compliance: When mandated by healthcare laws and regulations
  • Vital Interests Protection: For emergency medical situations
  • Public Health: To support public health and safety initiatives

DATA SECURITY AND PROTECTION
Security Measures

We protect sensitive data through:

  • Encryption: End-to-end encryption for data transmission and storage
  • Access Controls: Strict authorization protocols limiting access to authorized personnel
  • Audit Systems: Continuous monitoring and logging of data access
  • Regular Security Reviews: Periodic assessments of security measures and protocols
Access Limitations

Sensitive data is accessed only by:

  • Healthcare providers delivering your care
  • Authorized healthcare support staff
  • Technical personnel for system maintenance (with appropriate safeguards)
  • Legal and compliance staff, when required by law
Third-Party Sharing

We share sensitive data only when:

  • Healthcare Coordination: With providers, pharmacies, and labs involved in your care
  • Legal Requirements: As mandated by law or court order
  • Emergency Situations: To protect your health and safety
  • With Your Authorization: When you provide specific consent for sharing

DATA RETENTION

Retention periods:

  • Active Medical Records: Maintained while you receive services and as required by healthcare regulations
  • Inactive Records: Retained according to applicable medical record retention laws
  • Anonymized Data: May be retained indefinitely for research and service improvement
  • Deleted Data: Securely destroyed when retention periods expire

YOUR RIGHTS
Access and Control Rights
  • Access: Request copies of your sensitive data
  • Correction: Update inaccurate or incomplete information
  • Restriction: Limit certain types of data processing
  • Portability: Obtain your data in a transferable format
  • Objection: Object to certain types of data processing
Consent Management
  • Withdrawal: Revoke consent at any time, though this may affect service delivery
  • Review: Request information about how your sensitive data is being processed
  • Updates: Receive notice of material changes to data processing practices
Complaint Rights
  • Internal Complaints: Contact our privacy officer for data protection concerns
  • Regulatory Complaints: File complaints with applicable data protection authorities
  • Legal Remedies: Pursue legal action for privacy violations

CONSENT TO SENSITIVE DATA PROCESSING

By using Hedfirst services, you provide explicit consent for the processing of sensitive personal information as described in this document.

This consent covers all data processing necessary to provide Hedfirst healthcare services, including:

  • Medical consultations and health assessments
  • Prescription evaluation and coordination
  • Laboratory testing and diagnostic services
  • AI-enhanced health analysis and insights
  • Care coordination with healthcare providers, pharmacies, and laboratories
  • Service quality improvement and safety monitoring
  • Legal and regulatory compliance requirements

Your consent is voluntary, and you may withdraw it at any time, though withdrawal may limit our ability to provide certain healthcare services.

WITHDRAWAL OF CONSENT

To withdraw consent:

  • Online: Update preferences in your account settings
  • Email: Send written request to support@hedfirst.com
  • Phone: Call +1 888-427-1796
  • Mail: Written notice to our privacy officer

Important: Withdrawing consent may limit our ability to provide certain healthcare services.

INTERNATIONAL DATA TRANSFERS

If you access services from outside the United States, your sensitive data may be transferred to and processed in the United States, where our healthcare systems are located. We ensure appropriate safeguards for international transfers.

UPDATES TO THIS CONSENT

We may update this consent document to reflect changes in:

  • Privacy laws and regulations
  • Healthcare service offerings
  • Data processing technologies
  • Security measures and protocols

Material changes will be communicated via email with an opportunity to review and re-consent.

ACKNOWLEDGMENT

By providing consent, you confirm:

✓ You have read and understand this sensitive data processing information

✓ You understand the purposes for which your sensitive data will be used

✓ You are aware of your rights regarding sensitive data processing

✓ You voluntarily provide explicit consent for processing sensitive data as described

✓ You understand you may withdraw consent at any time

✓ You acknowledge that healthcare services require sensitive data processing for delivery

CONTACT INFORMATION

For questions about sensitive data processing:

Privacy Officer
Hedfirst, LLC
3527 S. Federal Way, Suite 103 #459
Boise, ID 83705

Email: support@hedfirst.com
Phone: +1 888-427-1796

This consent is effective from the date you accept it and remains valid until withdrawn or updated.

Real care, AI Medical Assessment & prescription medications.
100% online.

Learn more
Comprehensive Care. AI Assessment. Medication.
A new online healthcare standard.
Have questions?

Want know more about AI Medical Assessments and our comprehensive care membership?  

Talk to patient care
Verify Approval for www.hedfirst.com
Popular care areas
Skin CareHair & ScalpMigrainesWomen's HealthMen's HealthDigestive & Gut HealthAcute Care & InfectionsAdvanced & RegenerativeChronic InflammationPrimary Care Conditions
AI CARE MEMBERSHIP
Get CareWhat We TreatShop All MedicationsFAQs
Company
Who We AreContact UsPartnerships
LEGAL
Terms of ServicePrivacy PolicySMS Terms & ConditionsConsent to TreatmentConsent for Sensitive Data ProcessingNotice of Privacy PracticesPharmacy DisclaimerCA, MA, RH, VT Licensure
Have questions?

Want know more about AI Medical Assessments and our comprehensive care membership?  

Talk to patient care
Verify Approval for www.hedfirst.com
Popular Care & Medication areas
Skin CareHair & ScalpMigrainesWomen's Health
Men's HealthDigestive & Gut HealthAcute Care & Infections
Advanced & RegenerativeChronic InflammationPrimary Care Conditions
Care & AI Medical Assessment
Get Care
What We Treat
FAQs
COMPANY
Who we are
Contact Us
Partnerships
LEGAL
Terms of ServicePrivacy PolicySMS Terms & Conditions
Consent to TreatmentConsent for Sensitive Data ProcessingNotice of Privacy Practices
Pharmacy DisclaimerCA, MA, RH, VT Licensure
Hedfirst is a Curious Office company.

Hedfirst LLC is a registered Delaware Limited Liability Company, operating in the United States. Our mission is to innovate in patient-focused healthcare solutions, with an emphasis on addressing migraine and related health challenges. We are committed to adhering to all applicable state and federal regulations while maintaining the highest standards of ethical business practices and patient care. Service not currently available in Mississippi, Alaska and New Jersey. © Hedfirst™ 2025, All Rights Reserved