GREATER ATLANTA INTEGRATIVE PEDIATRICS

Website Privacy Policy

Effective Date: April 23, 2026

Last Updated: April 23, 2026

Greater Atlanta Integrative Pediatrics (“GAIP,” “we,” “us,” or “our”) is committed to protecting the privacy and security of all individuals who visit our website, particularly the parents, guardians, and minor patients we serve. This Privacy Policy explains how we collect, use, disclose, and safeguard information obtained through our website located at www.gaipeds.com (the “Site”).

Because we serve a pediatric population, we take our obligations under applicable federal and state privacy laws — including the Health Insurance Portability and Accountability Act (HIPAA), the Children’s Online Privacy Protection Act (COPPA), and applicable state medical privacy statutes — seriously. Please read this policy carefully.

1. Who We Are

Greater Atlanta Integrative Pediatrics is a licensed pediatric healthcare provider. Our website is operated for informational and patient-support purposes and is not intended to collect protected health information (PHI) directly through the Site.

Website Address: www.gaipinc.com

Contact: Operations Manager, Greater Atlanta Integrative Pediatrics | intakes@gaipeds.com | (404) 751-3693 #1

2. Information We Collect and Why

2.1 Information You Provide Voluntarily

We may collect personal information you voluntarily submit through our website, such as:

  • Your name, address, phone number, and email address when completing a contact or appointment request form
  • The name and date of birth of the child patient when scheduling or requesting records
  • Insurance information submitted through our online intake forms
  • Questions or messages submitted through our secure patient portal or contact forms

We collect this information to respond to your inquiries, schedule appointments, and facilitate care coordination. We do not use website forms to collect or transmit detailed clinical records or treatment information.

2.2 Information Collected Automatically

When you visit our Site, we may automatically collect certain technical data, including:

  • IP address and general geographic location
  • Browser type and version
  • Pages viewed, time on site, and referring URLs
  • Device type and operating system

This data is used solely to maintain Site security, detect fraud or abuse, and improve the user experience. It is not linked to individual patient health records.

2.3 Cookies and Tracking Technologies

Our Site uses cookies and similar technologies. Specifically:

  • Session cookies: temporary cookies used to maintain your browsing session; they expire when you close your browser
  • Preference cookies: if you use our patient portal, cookies may save your display settings for up to one year
  • Analytics cookies: we use privacy-respecting analytics tools to understand aggregate site usage (see Section 5)

We do not use advertising cookies or sell your data to third-party advertisers. You may adjust cookie preferences through your browser settings. Disabling cookies may affect certain Site features.

2.4 Children’s Privacy (COPPA Compliance)

Our Site is directed to parents and legal guardians, not to children under 13 directly. We do not knowingly collect personal information directly from children under the age of 13 without verified parental or guardian consent. If you believe a child has submitted personal information to our Site without appropriate consent, please contact our Privacy Office immediately so we can delete that information.

2.5 Media and Uploaded Files

If you upload images or documents to our Site (for example, through a patient portal), please avoid uploading files containing embedded location data (EXIF/GPS metadata). We recommend stripping location metadata before uploading. We will not intentionally share any uploaded personal or clinical materials publicly.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • To respond to appointment requests, general inquiries, and patient portal messages
  • To verify the identity of parents or guardians communicating on behalf of a minor patient
  • To improve the functionality, security, and accessibility of our website
  • To comply with applicable federal and state healthcare laws, including HIPAA
  • To detect and prevent unauthorized access, fraud, or security incidents

We do not use your information for targeted advertising, nor do we sell or rent your personal information to any third party.

4. Legal Basis and HIPAA Notice

Any protected health information (PHI) submitted through our Site is governed by our Notice of Privacy Practices (NPP), which complies with HIPAA. The NPP is available at the front desk of our office and upon request. This Website Privacy Policy covers information collected through the Site itself; it does not replace or supersede our NPP.

Where state law affords greater privacy protections than HIPAA, including for mental health records, substance use treatment, and reproductive health, we apply those more protective standards.

5. Analytics

We use a HIPAA-compliant web analytics tool to collect aggregated, anonymized data about how visitors use our Site. This data helps us understand which pages are most useful, identify technical errors, and improve the patient-family experience online.

Analytics data is not linked to any individual’s identity or health information. We do not share analytics data with third-party advertising networks.

6. Who We Share Your Information With

We do not sell, rent, or trade your personal information. We may share information only in the following limited circumstances:

  • Service providers: Vendors who host our website or operate our patient portal on our behalf, under signed data processing or Business Associate Agreements (BAAs) as required by HIPAA
  • Legal compliance: When required by law, court order, or government authority, or to protect the safety of a child or other individual
  • Care coordination: With other treating providers when you or your authorized representative has given consent, consistent with HIPAA and applicable law

All third parties with whom we share data are contractually required to maintain appropriate security and privacy safeguards.

7. How Long We Retain Your Data

We retain personal information for as long as necessary to fulfill the purposes described in this policy, or as required by applicable law. Specifically:

  • Appointment request and contact form data are retained for a minimum of six years from the date of submission, consistent with healthcare record retention requirements
  • Website analytics data is retained in an aggregated, anonymized form and does not have an automatic deletion schedule
  • Patient portal account data is retained in accordance with our medical records retention policy and HIPAA requirements

When information is no longer required, we dispose of it securely using methods appropriate to the sensitivity of the data.

8. Your Rights and Choices

Depending on your state of residence, you may have the following rights regarding your personal information:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request that inaccurate or incomplete information be updated
  • Deletion: Request deletion of your personal data, subject to our legal retention obligations
  • Restriction: Request that we limit processing of your data in certain circumstances
  • Portability: Request a machine-readable export of your data where applicable

To exercise any of these rights, please contact our Privacy Office at intakes@gaipeds.com. We will respond within 30 days. Note that certain data may be exempt from these requests where retention is required by law or for patient safety purposes.

For rights related to your child’s medical records under HIPAA, please refer to our Notice of Privacy Practices.

9. Embedded Content

Pages on this Site may include embedded content such as maps, educational videos, or patient education resources from third-party providers (for example, health information libraries or telemedicine platforms). Embedded content from other websites may collect data about your visit, set cookies, or use tracking technologies governed by the third party’s own privacy policy.

We only embed content from vendors that have demonstrated compliance with applicable privacy standards. We recommend reviewing the privacy policies of any third-party sites you access through our embedded links.

10. How We Protect Your Data

We implement administrative, technical, and physical safeguards to protect information collected through our Site, including:

  • TLS/HTTPS encryption for all data transmitted between your browser and our servers
  • Access controls limiting who can view form submissions and patient portal messages
  • Regular security assessments and vulnerability scanning
  • Staff training on privacy and data security practices

Despite these measures, no method of electronic transmission or storage is completely secure. We encourage you to avoid submitting sensitive clinical information through general contact forms; please use your secure patient portal for clinical communications.

11. Data Breach Procedures

In the event of a data breach that affects personal information collected through this Site, we will:

  • Investigate and contain the breach promptly
  • Notify affected individuals and, where required, regulatory authorities, within the timeframes required by applicable law (including HIPAA’s Breach Notification Rule)
  • Provide guidance on protective steps individuals may take

To report a suspected privacy or security incident, please contact intakes@gaipeds.com immediately.

12. Automated Decision-Making

We do not use automated decision-making or profiling based on data collected through this Site in a manner that produces legal or similarly significant effects on individuals.

13. Industry and Regulatory Disclosures

Greater Atlanta Integrative Pediatrics (GAIP) is subject to the following regulatory frameworks with respect to health information privacy:

  • HIPAA / HITECH Act (45 CFR Parts 160 and 164)
  • Children’s Online Privacy Protection Act (COPPA), 15 U.S.C. § 6501 et seq.
  • Applicable state medical privacy and consumer privacy laws

Our Notice of Privacy Practices, which provides a full description of how we handle PHI in the clinical context, is available upon request and posted at our facility.

14. Third-Party Data Sources

We do not routinely receive personal data about you from third-party data brokers or advertising networks. We may receive information from referring providers or health information exchanges when coordinating your child’s care, which is governed by HIPAA and our NPP rather than this policy.

15. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the “Last Updated” date at the top of this page. For material changes, we will provide a prominent notice on our Site. Your continued use of the Site after changes take effect constitutes acceptance of the revised policy.

16. Contact Us

For questions, concerns, or requests related to this Privacy Policy, please contact:

Privacy Office

Greater Atlanta Integrative Pediatrics

1240 Upper Hembree Road, Roswell, GA 30076

Email: intakes@gaipeds.com

Phone: (404) 751-3693

© 2026 Greater Atlanta Integrative Pediatrics. All rights reserved.