Privacy Policy

Effective Date: January 2019
Last Updated: August 2025

This Privacy Policy (“Policy”) governs the collection, use, processing, and disclosure of personal information by Gomez Cardiovascular, its subsidiaries, affiliates, related entities, successors, assigns, and all associated websites, mobile applications, digital platforms, and services (collectively “Company,” “we,” “us,” or “our”). This Policy applies to all individuals who access or use our services, websites, or digital properties, including patients, visitors, and other users (“you,” “your”). By accessing, using, or interacting with any of our platforms or services, you acknowledge that you have read, understood, and agree to be bound by this Policy and our Terms of Service.

1. SCOPE AND APPLICATION

This Policy covers all Gomez Cardiovascular digital properties, including but not limited to:

  • Official website content (including archived content at jaimesgomezmd.com)

  • Patient portals and mobile applications

  • Third-party integrations, analytics, and marketing partners

2. INFORMATION WE COLLECT

We collect personal information necessary for clinical, administrative, financial, and operational purposes, including:

Personal Identifiers & Contact Details:
Full name, date of birth, email addresses, phone numbers, postal addresses, emergency contacts.

Health Information (Protected Health Information – PHI):
Medical history, diagnoses, treatment plans, medications, imaging results, laboratory information, genetic data, biometric data, and other clinical details necessary for care.

Financial and Insurance Information:
Insurance policy numbers, claim data, payment information, billing history, and authorization details.

Technical and Usage Data:
IP address, device identifiers, browser type, cookies, log data, geolocation, and analytics collected via automated means.

Sensitive Information:
Race/ethnicity, health status, genetic and biometric identifiers, sexual orientation, gender identity, and other categories where required for healthcare delivery or permitted by law.

3. HOW WE COLLECT INFORMATION

3.1 Direct Collection

Information is collected during:

  • Patient intake and registration

  • Appointment scheduling and clinical visits

  • Patient communications (email, call center, secure messaging)

  • Financial interactions (billing, insurance coordination)

3.2 Automatic and Passive Collection

We use website analytics, cookies, and tracking technologies to measure:

  • Website and portal usage

  • Functionality and interaction patterns

  • Device and browser performance metrics

3.3 Third-Party Sources

We may receive information from:

  • Referral sources and healthcare providers

  • Insurance carriers and clearinghouses

  • Public records and institutional data services

  • Marketing and analytics partners

4. THIRD-PARTY SERVICE PROVIDERS

We may use services such as analytics platforms, marketing tools, scheduling systems, payment processors, communication services, and other business tools. This includes common digital services not explicitly listed here but used for operational excellence.

5. LEGAL BASIS FOR PROCESSING

We process personal information based on:

  • Consent provided by you

  • Performance of healthcare and treatment services

  • Compliance with legal, regulatory, and public health obligations

  • Legitimate business interests (e.g., service improvement, quality assurance)

  • Vital interests in emergencies

6. USES OF INFORMATION

Your information is used for:

  • Direct patient care and clinical support

  • Appointment management and care coordination

  • Billing, insurance claims, and financial operations

  • Medical record maintenance and interoperable systems

  • Patient engagement and communication

  • Quality improvement and operational analytics

  • Research (where authorized and compliant with applicable laws)

  • Marketing and informational outreach with consent

7. INFORMATION SHARING AND DISCLOSURE

We may share information with:

  • Healthcare providers and treatment teams

  • Insurance entities and clearinghouses

  • Business associates under confidentiality agreements

  • Legal and regulatory bodies when required

  • Third-party service providers supporting our operations

8. DATA RETENTION

We retain information according to applicable laws and business needs:

  • Medical and clinical records: minimum 7 years from last date of service

  • Financial records: 7 years from transaction

  • Marketing data: until consent withdrawal or long-term inactivity

  • Technical log data: for infrastructure maintenance

9. SECURITY MEASURES

We implement reasonable safeguards including:

  • Encryption in transit and at rest

  • Multi-factor authentication

  • Access controls and monitoring

  • Regular security assessments and audits

10. YOUR PRIVACY RIGHTS

Depending on jurisdiction, you may have rights including:

  • Access to your personal data

  • Correction or amendment of inaccurate information

  • Restriction of certain processing

  • Data portability

  • Opt-out of marketing

  • Complaints to regulatory authorities

11. COOKIES & TRACKING

11.1 Types of Cookies We Use

Essential Cookies: Required for website functionality
Analytics Cookies: Track website usage and performance
Marketing Cookies: Enable targeted advertising
Preference Cookies: Remember your settings and choices

11.2 Cookie Management

You can control cookies through:

  • Browser settings and preferences
  • Third-party opt-out tools
  • Our cookie consent management platform
  • Individual service opt-out mechanisms

11.3 Do Not Track Signals

We currently do not respond to Do Not Track signals, but we provide other privacy controls as described in this Policy.

12. INTERNATIONAL DATA TRANSFERS

When we transfer data internationally, we ensure adequate protection through:

  • Standard Contractual Clauses (SCCs)
  • Adequacy decisions by relevant authorities
  • Binding Corporate Rules (where applicable)
  • Certification schemes and codes of conduct
  • Additional safeguards as required by law

13. CHILDREN’S PRIVACY

13.1 Pediatric Services

We provide specialized pediatric cardiology services and collect information from minors with appropriate parental consent.

13.2 COPPA Compliance

For children under 13, we:

  • Obtain verifiable parental consent
  • Limit collection to necessary information
  • Provide parents with access and control rights
  • Implement enhanced security measures

13.3 Teen Privacy

For adolescents 13-17, we balance parental rights with patient confidentiality as required by applicable laws.

14. BREACH NOTIFICATION

In the event of a data breach, we will:

  • Conduct immediate risk assessment
  • Notify affected individuals within 60 days (or as required by law)
  • Report to regulatory authorities within 2 weeks
  • Implement additional safeguards to prevent future incidents

15. DISCLAIMERS AND LIMITATIONS

Complete Disclaimer of Third-Party Liability:
Gomez Cardiovascular, including its officers, directors, employees, agents, contractors, successors, assigns, and all affiliated entities (collectively, “Company”), expressly disclaims all responsibility, liability, and warranties for any and all third-party services, platforms, applications, websites, plugins, widgets, APIs, software, hardware, devices, systems, networks, or any other external services or products that may be accessed, integrated with, linked to, embedded in, or otherwise connected to our digital properties or services, whether specifically identified in this Policy or not. This disclaimer applies to all third-party entities including but not limited to: Google (including Analytics, Ads, Maps, YouTube, Gmail, Drive, etc.), Facebook/Meta (including Facebook, Instagram, WhatsApp, Messenger), Microsoft (including Office 365, Azure, Outlook), Apple (including iCloud, App Store), Amazon (including AWS), healthcare technology vendors, electronic health record providers, practice management systems, billing and payment processors, insurance companies and clearinghouses, telecommunications providers, internet service providers, cloud storage vendors, cybersecurity vendors, marketing platforms, analytics services, social media platforms, review and directory services, mapping services, translation and accessibility tools, appointment scheduling systems, telemedicine platforms, medical device manufacturers, laboratory and imaging services, referral networks, professional associations, accreditation bodies, regulatory agencies, government websites, educational institutions, research organizations, and any other external entities or services that interact with or support our operations.

No Control or Endorsement:
Company has no control over and does not endorse, recommend, warrant, or guarantee the accuracy, completeness, reliability, availability, functionality, security, privacy practices, content, products, or services of any third-party platforms. Gomez Cardiovascular is not responsible for the acts, omissions, policies, practices, terms of service, privacy policies, data handling, security measures, technical failures, service interruptions, data breaches, unauthorized access, malware, viruses, or any other issues related to third-party services. Users access and use third-party services entirely at their own risk and discretion.

Independent Contractor Relationship:
All third-party service providers are independent contractors and are not agents, employees, partners, or representatives of Gomez Cardiovascular. Company does not control the daily operations, policies, procedures, or practices of any third-party service provider.

Limitation of Liability for Third-Party Actions:
To the fullest extent permitted by law, Gomez Cardiovascular shall not be liable for any direct, indirect, incidental, special, consequential, punitive, or exemplary damages arising from or related to third-party services, including without limitation: data breaches, privacy violations, unauthorized access, identity theft, financial fraud, service interruptions, technical failures, lost or corrupted data, system crashes, malware infections, phishing, social engineering, account compromise, payment processing failures, insurance claim or authorization issues, scheduling conflicts, communication failures, accessibility errors, content inaccuracies, regulatory violations, legal actions, business interruptions, lost profits, lost opportunities, reputational harm, emotional distress, physical injury, property damage, or any other losses of any kind, whether arising out of contract, tort (including negligence), strict liability, or any other legal theory, even if Gomez Cardiovascular has been advised of the possibility of such damages.

16. POLICY UPDATES

16.1 Notification of Changes

We will notify you of material changes through:

  • Email notifications to registered users
  • Prominent website notices
  • Direct mail for significant changes
  • Updated effective dates on this Policy

16.2 Continued Use

Your continued use of our services after policy updates constitutes acceptance of the revised terms.

17. CONTACT INFORMATION & RIGHTS REQUESTS

Gomez Cardiovascular Clinic — Main Contact
Address: 5700 N Expressway 77/83, Suite 102, Brownsville, TX 78526, USA
Phone: (956) 504-7121
Alternate Locations:

Email: (Use official clinic contact channels as provided on patient communications or office email as listed on website if available.)

Response time for privacy rights requests: up to 90 days.

18. LEGAL COMPLIANCE STATEMENT

This Policy is designed to align with applicable privacy laws including, where relevant:

  • HIPAA (Health Insurance Portability and Accountability Act)

  • State privacy regulations (e.g., CCPA/CPRA)

  • International standards where applicable
