Privacy Policy

Effective Date: March 24, 2026

This Privacy Policy describes how we collect, use, and share your personal information when you use our website. For information about how we handle your protected health information under HIPAA, please see our Notice of Privacy Practices.

1. Who We Are

Lean Medical PC ("Lean Medical," "we," "us," or "our") is a professional medical corporation organized under the laws of the State of California. We operate a platform that connects licensed mental health clinicians with patients seeking in-network outpatient behavioral health care. Our website is located at leanmedical.ai.

2. Information We Collect

2.1 Information You Provide Directly

  • Contact information: name, email address, phone number, mailing address
  • Professional credentials: license number, NPI, specialty, practice information (for clinicians)
  • Insurance and billing information: insurance carrier, member ID, date of birth
  • Health information: intake forms, clinical questionnaires, treatment-related communications
  • Account information: login credentials and profile data
  • Communications: messages, emails, and inquiries you send to us

2.2 Information Collected Automatically

  • Device and browser information: IP address, browser type, operating system
  • Usage data: pages visited, time on site, referring URL
  • Cookies and similar technologies: session cookies used for site functionality

2.3 Information from Third Parties

  • Insurance payers: eligibility and benefits verification data
  • Professional directories: publicly available clinician profile information
  • Credentialing databases: CAQH, NPPES, and state licensing board data

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Providing and managing mental health services, including matching patients with clinicians
  • Processing insurance claims, billing, and payments
  • Clinician credentialing, onboarding, and network management
  • Verifying insurance eligibility and obtaining prior authorizations
  • Communicating with you about appointments, services, and account activity
  • Complying with legal and regulatory obligations, including HIPAA
  • Improving our platform, services, and user experience
  • Preventing fraud and ensuring security of our systems

4. How We Share Your Information

We do not sell your personal information. We may share information in the following circumstances:

  • With clinicians in our network, as necessary for treatment and care coordination
  • With insurance payers, for claims processing, eligibility verification, and prior authorizations
  • With credentialing organizations (e.g., CAQH) as required for provider enrollment
  • With our business associates who perform services on our behalf, subject to HIPAA-compliant Business Associate Agreements
  • With government agencies, as required by law or in response to valid legal process
  • To protect rights, safety, or property of Lean Medical, our patients, or the public

5. Cookies and Tracking Technologies

Our website uses essential cookies required for site functionality (e.g., session management). We do not currently use third-party advertising cookies or cross-site tracking technologies. If this changes, we will update this policy and provide appropriate notice and choice.

6. Data Security

We implement administrative, physical, and technical safeguards designed to protect your information in accordance with HIPAA Security Rule requirements. These include encryption of data in transit and at rest, access controls, workforce training, and regular security assessments. No method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

7. Data Retention

We retain personal information and health records for the minimum periods required by applicable federal and state law. For medical records in California, this is generally a minimum of seven years from the date of last treatment (or longer for minors). Non-health personal data is retained for as long as necessary to fulfill the purposes described in this policy or as required by law.

8. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate information
  • Deletion: Request deletion of your information, subject to legal retention requirements
  • Opt-Out of Sale: We do not sell personal information, but you have the right to direct us not to
  • Non-Discrimination: We will not discriminate against you for exercising your privacy rights

California residents may have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA). For health information rights, see our Notice of Privacy Practices.

9. Children's Privacy

Our website is not directed to children under 13. We do not knowingly collect personal information from children under 13 through our website. However, we do provide clinical services to minors (pediatric patients) with the consent of a parent or legal guardian, and related health information is handled in accordance with HIPAA and applicable state law.

10. Changes to This Policy

We may update this privacy policy from time to time. We will post any changes on this page and update the effective date. Material changes will be communicated through our website or by direct notice.

11. Contact Us

If you have questions about this privacy policy, contact us at:

Lean Medical PC

Email: privacy@leanmedical.ai

Website: leanmedical.ai