Security & Technology

Published: August 23, 2025

Updated: June 8, 2026

Electronic Health Records & Patient Portal (PHI): We use Practice Better for clinical records, secure messaging, forms, and scheduling. According to Practice Better’s published materials, they implement encryption in transit and at rest, minimum-necessary access controls, activity/audit logs, routine vulnerability scanning, and scheduled encrypted backups retained for a defined period. For current details, see Practice Better’s security overview.

E-Prescribing: We use DrFirst with electronic prescribing for controlled substances (EPCS), including multi-factor authentication and audit trails.

Payments: We use Stripe and/or QuickBooks Online (Intuit) for payment processing and invoicing. We do not store full card numbers; these processors maintain payment card industry data security standard (PCI-DSS) compliance.

Our safeguards: Business Associate Agreements (BAA) for PHI-handling vendors; least-privilege access; multi-factor authentication; device encryption and auto-lock; secure portal messaging (no unencrypted email/SMS for PHI); incident response and breach-notification procedures aligned with HIPAA.

For how we use and disclose PHI and your patient rights, see our HIPAA Notice of Privacy Practices. For cookies/analytics on this website, see our Privacy Policy.

© Copyrights by Med Fit Culture.

The information displayed on this webpage is not medical advice nor a substitute for medical advice, diagnosis, or treatment. No physician-patient relationship is established by viewing, using, or interacting with this website.

By viewing, using, or interacting with this webpage, you agree to our Terms of Use and Privacy Policy.