LiverCured
← Back to site Open the app
← LiverCured Legal

Privacy Policy & HIPAA Notice

Last updated June 17, 2026 · A specialty clinic of InstaCured

This notice explains how LiverCured, a specialty clinic of InstaCured, collects, uses, and protects your information, including your health information. It covers our general Privacy Policy, our HIPAA Notice of Privacy Practices, your California privacy rights, telehealth informed consent, and how we use HIPAA-compliant artificial intelligence to help with your chart, uploaded documents, and visits. The LiverCured platform and website are hosted and managed by InstaCured Corp. Clinical care is provided by InstaCured Medical Group Inc., a California professional corporation.

1. Scope & who's responsible

Before you create an account, information you provide (for example, while browsing or using the LiverMD AI assistant) is governed by this Privacy Policy. Once you create an account and become a patient, your health information is "protected health information" (PHI) handled by InstaCured Medical Group Inc. as a HIPAA covered entity, and by InstaCured Corp acting as its business associate under a Business Associate Agreement. References to "we," "us," and "our" mean InstaCured Corp and the Medical Group as applicable.

2. Information we collect

  • Account & identity: name, date of birth, sex or gender, email, phone, mailing or location information, and, where required to verify identity or eligibility, government-issued ID.
  • Health information: the labs, imaging reports, clinical documents, notes, medications, history, symptoms, goals, and other records you upload or enter, plus information generated during your visits (including video and in-person visits) and messages with your care team.
  • Payment information: billing details processed by third-party payment processors (we do not store full card numbers).
  • Device & usage: IP address, device or browser type, app interactions, and similar technical data, collected through cookies and similar technologies.

3. How we collect it

We collect information directly from you (what you enter or upload), automatically (through your use of the Services and cookies), from your Providers and care team in the course of treatment, and from service providers acting on our behalf.

4. How we use information

  • To provide the Services: organize your records into a timeline, show trends and explanations, and enable scheduling and visits;
  • To provide and coordinate your medical care through the Medical Group's Providers (treatment);
  • To operate, secure, support, and improve the Services;
  • To process payments and for billing and healthcare operations;
  • To communicate with you about appointments, your care, and the Services; and
  • To comply with legal obligations.

5. AI processing of health data

We use HIPAA-compliant artificial intelligence and automated tools to help you and your care team work with your health information. By using the Services, you consent to this use (see also Section 8 of our Terms of Service). Specifically, AI may be used to:

  • Read and organize your chart: extract, categorize, date, and summarize your labs, imaging, documents, and notes into your timeline;
  • Process documents you upload: interpret photos, PDFs, and files and convert them into structured, searchable records;
  • Explain your results: generate plain-language explanations and trends with reference-range context;
  • Support your visits: assist with scheduling, intake, transcription or summarization, and surfacing relevant information to your Provider for both video and in-person visits; and
  • Power the LiverMD AI assistant for general liver-health questions.

Our AI vendors that process PHI do so under HIPAA Business Associate Agreements and appropriate safeguards. AI is a support tool and does not replace your Provider's professional judgment. Your Providers remain responsible for clinical decisions. Where we use information to develop or improve our tools, we use aggregated or de-identified data and take reasonable steps not to re-identify you except as permitted by law. We do not sell your health information.

6. When we share information

We share information only as needed to provide the Services and as permitted by law, including with: your Providers and care team (for treatment); service providers and business associates (such as hosting, AI and cloud, analytics, and payment processors) under contractual safeguards; and government or other parties when required by law or to protect rights and safety. We do not sell your personal or health information.

7. Your choices

You can access and update your account information, manage communication preferences (including opting out of non-essential messages), and control cookies through your browser. You may also exercise the rights described in the HIPAA and California sections below.

8. Security

We maintain reasonable administrative, technical, and physical safeguards designed to protect your information, including encryption in transit, access controls, and contractual protections with vendors. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

9. Retention

We retain information for as long as needed to provide the Services, to maintain medical records as required by law (medical-record retention periods are set by applicable state and federal law), to comply with legal obligations, resolve disputes, and enforce our agreements. De-identified data may be retained without time limit.

10. HIPAA Notice of Privacy Practices

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

InstaCured Medical Group Inc. is required by law to maintain the privacy of your PHI, to provide you this Notice of our legal duties and privacy practices, and to follow the terms of the Notice currently in effect.

How we may use and disclose your PHI

  • Treatment: to provide, coordinate, and manage your care among your Providers and care team.
  • Payment: to bill and obtain payment for services.
  • Health care operations: for quality, administration, and improvement of our services, including with business associates under written agreements.
  • As required or permitted by law: for example, public health activities, to avert a serious threat to health or safety, or in response to lawful requests.

Other uses and disclosures not described in this Notice will be made only with your written authorization, which you may revoke at any time (except to the extent we have already relied on it).

Your rights regarding your PHI

  • Access & copies: request to inspect and obtain a copy of your medical record, typically within 30 days.
  • Amendment: request a correction to information you believe is inaccurate or incomplete.
  • Confidential communications: request that we contact you a certain way or at a certain location.
  • Restrictions: request limits on certain uses and disclosures.
  • Accounting of disclosures: request a list of certain disclosures we have made.
  • Paper copy: request a paper copy of this Notice at any time.
  • Choose someone to act for you: a personal representative may exercise your rights.
  • Complaints: file a complaint with us or with the U.S. Department of Health & Human Services, Office for Civil Rights. You will not be retaliated against for filing a complaint.

To exercise any of these rights, contact our Privacy Officer using the details in Section 15.

11. Telehealth informed consent

By using telehealth features, you consent to receive health care via electronic communications (video and audio). You understand that: telehealth offers benefits and limitations; your Provider may determine that an in-person visit, testing, or referral is needed; care is governed by the laws of the state where you are located during a visit; reasonable measures are used to protect your information but no electronic communication is perfectly secure; and you may withhold or withdraw consent at any time without affecting your right to future care. Visit details, notes, and summaries (which may be AI-assisted) become part of your record.

12. California privacy rights

If you are a California resident, you have rights under the California Consumer Privacy Act (as amended), including the right to know or access, delete, and correct personal information, and to opt out of "sale" or "sharing" of personal information. We do not sell or share your personal information as those terms are defined. Medical information governed by HIPAA and the California Confidentiality of Medical Information Act is handled under those laws. We do not discriminate against you for exercising your rights. To make a request, contact us using Section 15, and we will verify your identity before responding.

13. Children

The Services are intended for adults (18+) and are not directed to children. We do not knowingly collect information from children without appropriate authorization from a parent or guardian.

14. Changes to this Notice

We may update this Privacy Policy & HIPAA Notice from time to time. We will post the updated version with a new "Last updated" date, and where required by law, provide additional notice. The current Notice applies to all information we hold.

15. Contact & Privacy Officer

For privacy questions, to exercise your rights, or to file a complaint:

  • Privacy Officer: Deanna Oliver, MD
  • Email: info@instacured.com
  • Mail: InstaCured Corp / InstaCured Medical Group Inc., 402 West Broadway #400, San Diego, CA 92101
  • Phone: 1-866-CURE-101
  • You may also complain to the U.S. Department of Health & Human Services, Office for Civil Rights, at hhs.gov/ocr.