top of page

Privacy Policy

Last updated: 10/04/2025

​

At Nadora Urgent Care, your privacy is our priority. We are committed to protecting your personal and health information in compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the Health Information Technology for Economic and Clinical Health (HITECH) Act, and the Colorado Privacy Act (CPA).

​

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website (https://www.nadoraurgentcare.com) or receive medical services at our clinic.

​

1. Information We May Collect

We may collect both Protected Health Information (PHI) and personal information as defined under HIPAA and Colorado law.

​

A. Protected Health Information (PHI)

PHI refers to identifiable health-related information that we collect in connection with your care or payment for services. Examples include:

  • Name, address, phone number, or email

  • Date of birth, age, or demographic data

  • Medical history, diagnosis, treatment details, and provider notes

  • Insurance, billing, and payment information

  • Appointment history and prescriptions

​

B. Personal Information (Non-PHI)

When you visit our website, we may collect:

  • IP address, browser type, and operating system

  • Device information and referring URLs

  • Pages visited and duration of visit

  • Information provided through forms or contact requests

​

This helps us improve website performance and patient experience.

​

2. How We Use Your Information

We use your information for legitimate medical, administrative, and operational purposes, including:

  • Providing urgent care and medical treatment

  • Scheduling and managing appointments

  • Communicating test results or follow-up instructions

  • Verifying insurance eligibility and processing payments

  • Conducting quality improvement and compliance reviews

  • Complying with federal, state, or local laws and regulations
     

We will never sell or rent your personal or health information.

​

3. How We Share Your Information

We may share your PHI only when necessary and permitted by law, including:

  • Treatment: Sharing your information with other healthcare professionals involved in your care.

  • Payment: Coordinating with your insurance carrier or billing service providers.

  • Healthcare Operations: Quality assessments, licensing, audits, and training activities.

  • Business Associates: Vendors assisting in clinic operations (e.g., billing, cloud storage, or electronic health records). Each partner is bound by a Business Associate Agreement (BAA) to protect your PHI.

  • Legal and Public Health Requirements: When required to prevent disease, report abuse, comply with subpoenas, or cooperate with regulatory agencies.
     

All disclosures are limited to the minimum necessary to fulfill their intended purpose.

​

4. Your Rights Under HIPAA and Colorado Law

You have several important rights regarding your health and personal information:

  • Access: Request copies of your medical or billing records.

  • Amendment: Request corrections to incomplete or inaccurate information.

  • Restrictions: Request limits on certain uses or disclosures of your PHI.

  • Confidential Communications: Request alternative means or locations for contact (e.g., work phone instead of home).

  • Accounting of Disclosures: Request a list of certain disclosures we’ve made of your PHI.

  • Data Portability (Colorado CPA): Request a copy of your personal information in a portable and readily usable format.

  • Deletion (Colorado CPA): Request deletion of certain personal information, subject to healthcare record retention requirements.

  • Non-Discrimination: You will never be denied care or treated differently for exercising your privacy rights.

​

To exercise these rights, contact our Privacy Officer (see Section 11 below).

​

5. How We Protect Your Information

We maintain comprehensive administrative, technical, and physical safeguards to protect your data, including:

  • Encryption of electronic records and secure data transmission

  • Role-based access controls for staff and vendors

  • Regular compliance training and audits

  • Secure data storage and disposal procedures

​

While we follow strict security standards, no system can be entirely immune from risk. Please avoid sharing sensitive medical details through unencrypted channels.

​

6. Cookies, Analytics & TWIPLA

Our website may use cookies and analytics tools (such as Google Analytics & TWIPLA) to collect non-identifiable information about website use. This helps us improve user experience and website performance. You can control cookies through your browser settings, though some features may not function properly if cookies are disabled.

​

TWIPLA is a website analytics service that measures traffic on our website and collects general information from our website visitors. We create statistics to improve the experience of our website visitors. We never use cookies for this purpose. As a website operator using TWIPLA to conduct reach measurement, depending on the level of data protection we have activated, we may process information about the device you are using and its characteristics, information about technical characteristics of the website visit, the number of page visits and statistically relevant behavior of our website visitors. The technology does not use the collected data to identify individual visitors or to match the data with additional information about an individual user. Depending on the location from which you access our website, TWIPLA may not collect any information about the device you are using due to our technical settings.

​

7. Email, SMS, and Online Communication

If you contact Nadora Urgent Care through email, web form, or text message, please note that standard communications are not always encrypted. By using these channels, you consent to receive responses in the same format unless you request otherwise. We encourage patients to use our secure patient portal for sensitive health communications.

​

8. Third-Party Websites

Our website may link to third-party resources for your convenience. Nadora Urgent Care is not responsible for the privacy practices, policies, or content of external websites. Please review their privacy policies before submitting personal information.

​

9. Data Retention and Record-Keeping

We retain medical records in accordance with federal HIPAA regulations and Colorado state law, which generally require healthcare providers to keep adult medical records for at least seven (7) years from the last date of treatment (and longer for minors). After this period, records are securely destroyed or anonymized.

​

10. Updates to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in legal requirements or our practices. The updated version will be posted on our website with a revised “Last Updated” date. Your continued use of our website or services indicates acceptance of any updates.

​

11. Contact Information

If you have questions about this Privacy Policy, your rights, or our privacy practices, please contact:

Privacy Officer — Nadora Urgent Care
Email: nic.morse@nadorahealthcare.com
Phone: (970) 212-5150
Mailing Address: Nadora Healthcare, 6200 West 9th Street, Greeley, CO 80634

​

You may also contact the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR):
https://www.hhs.gov/ocr/privacy/hipaa/complaints

​

12. Your Consent

By using Nadora Urgent Care services or visiting GreeleyClinic.com, you consent to the collection and use of information in accordance with this Privacy Policy.

bottom of page