Patient PortalEmployer Portal

Notice of Privacy Practices

Last Updated: December 17, 2025

This Notice explains how we may use and disclose your Protected Health Information (PHI) and describes your rights and our obligations under the Health Insurance Portability and Accountability Act (HIPAA).

1. Who We Are

This Notice applies to Patricia H. Janki M.D., P.A., doing business as "ECare Medical Group," our group of companies, our healthcare staff, employees, and business associates who support our services.

2. Your Health Information

We create and receive records that identify you and relate to your past, present, or future health and payment for care. This information may include your name, date of birth, contact information, medical history, insurance details, and information about the care you receive. Collectively, this is Protected Health Information ("PHI").

3. Uses and Disclosures We May Make Without Your Written Authorization

  • Treatment: To provide, coordinate, or manage your care and share information with other vendors, providers, and pharmacies involved in your treatment.
  • Payment: To verify benefits and obtain payment from you, your insurer, or a third-party payer. While HIPAA permits us to use and disclose PHI for payment activities, our public website (www.drjanki.com) does not collect or process credit cards, debit cards, or bank-account information. Payments, when applicable, are handled either through our secure third-party patient portal (PrognoCIS) or, in the case of future services, through a separate system that includes its own dedicated payment and privacy notices.
  • Healthcare Operations: For quality improvement, staff training, auditing, compliance, credentialing, and general operations.
  • Communications: We may use your information to contact you via email, phone, or text regarding appointment reminders, test results, or health-related services that may be of interest to you.

4. Scheduling, AI Chatbot ("Thaliya"), and Identity Verification

When you use our website scheduling tools or our AI virtual assistant "Thaliya", we may use and disclose PHI to confirm your identity, schedule/reschedule/cancel appointments, open patient tickets, update records, and communicate with you about your care.

  • Data Handled: Chatbot requests may include, but not be limited to, your name, date of birth, phone number, email address, home address, and insurance information.
  • Protection: Our AI services are HIPAA compliant and operate under a strict Business Associate Agreement (BAA). No PHI processed by Thaliya is used by third-party vendors for their own purposes.

5. Other Disclosures Permitted or Required by Law

  • Public health activities and disease reporting.
  • Health oversight activities (audits, inspections, investigations).
  • Responding to court orders, subpoenas, or law enforcement requests.
  • To reduce or prevent a serious threat to health or safety.
  • Specialized government functions as permitted by law.

6. Disclosures That Require Your Written Authorization

We will obtain your written authorization before using or disclosing your PHI for purposes not described in this Notice, including most marketing communications and any sale of PHI. If you authorize us to use or disclose PHI, you may revoke that authorization at any time in writing, except to the extent we have already acted in reliance on it.

7. Your Rights

  • Right to Access: Request to inspect and obtain copies of your medical records.
  • Right to Amend: Request corrections to information you believe is inaccurate or incomplete.
  • Right to Request Restrictions: Ask us to limit certain uses or disclosures (we may not always be able to agree).
  • Right to Confidential Communications: You have the right to request that we communicate with you about your health matters by alternative means or at alternative locations (e.g., only calling you at work or sending mail to a different address). You must make this request in writing.
  • Right to an Accounting of Disclosures: Request a list of certain disclosures we have made of your PHI.
  • Right to a Paper Copy: Request a paper copy of this Notice at any time.

To exercise your rights, contact us at info@drjanki.com.

8. Patient Portal

You can securely access your medical records, lab results, prescriptions, and communicate with our care team through our Patient Portal (powered by PrognoCIS).

9. Our Duties

  • We are required by law to maintain the privacy and security of your PHI.
  • We will notify you as required by law if a breach compromises the privacy or security of your PHI.
  • We must follow the duties and privacy practices described in this Notice.

10. Safeguards

We implement administrative, technical, and physical safeguards to protect PHI against unauthorized access, use, or disclosure.

11. Complaints

If you believe your privacy rights have been violated, you may file a complaint with us at info@drjanki.com or with the U.S. Department of Health and Human Services. We will not retaliate against you for filing a complaint.

12. Changes to This Notice

We may revise this Notice at any time. The updated Notice will be posted on our website with a new effective date.

13. Contact Us

Patricia H. Janki M.D., P.A., DBA ECare Medical Group
13601 Woodforest Blvd
Houston, TX 77015
Phone: (713) 330-4325
Website: www.drjanki.com