OpsMedOpsMed

Legal

Privacy Policy

Last updated: April 22, 2026. This policy explains how OpsMed collects, uses, and protects information from website visitors and healthcare clients.

1. Who we are

OpsMed (“OpsMed,” “we,” “us,” or “our”) is a HIPAA-aware medical courier and logistics company operating in Southeastern Virginia. This Privacy Policy applies to opsmed.net and to the courier services we provide to healthcare clients.

2. Information we collect

From website visitors

  • Contact details you submit (name, business, phone, email).
  • Quote and delivery request details (pickup/dropoff address, package type, timing).
  • Account credentials if you create an account.
  • Standard technical data (IP address, browser, pages visited) used for security, analytics, and abuse prevention.

From healthcare clients

  • Business contact information and billing details.
  • Pickup/dropoff metadata required to perform a delivery.
  • Limited Protected Health Information (PHI) only when transporting sealed specimens, documents, or supplies on behalf of a covered entity, governed by a Business Associate Agreement (BAA).

3. How we use information

  • To fulfill delivery requests and operate scheduled routes.
  • To communicate confirmations, dispatch updates, and invoices.
  • To maintain chain-of-custody records required for healthcare logistics.
  • To improve service quality, security, and reliability.
  • To comply with legal, tax, and regulatory obligations.

4. HIPAA & Business Associate Agreements (BAA)

When OpsMed transports items on behalf of a HIPAA-covered entity, we act as a Business Associate. We do not open sealed specimens or documents and limit our access to the minimum metadata necessary to complete delivery. BAAs are available on request before service begins.

5. Payments

Payments are processed by Stripe. OpsMed never stores full payment card numbers on this website. Stripe handles card data under PCI-DSS standards.

6. How we share information

We share information only with:

  • Service providers needed to operate the business (hosting, email, payments, authentication).
  • The healthcare client who requested the delivery.
  • Authorities when required by law, subpoena, or to protect safety.

We do not sell personal information.

7. Data security

  • All website traffic is encrypted in transit using TLS (HTTPS).
  • Account passwords are hashed and managed by our authentication provider — never stored or viewable by OpsMed staff.
  • Access to client data is restricted to trained personnel.
  • Drivers complete OSHA Bloodborne Pathogens training where applicable.

8. Data retention

We retain delivery and billing records as long as needed to provide service, satisfy our BAA obligations, and comply with legal and tax requirements. Marketing inquiries are retained until you ask us to delete them.

9. Your choices

  • You may request access, correction, or deletion of your personal information by contacting us.
  • You may unsubscribe from marketing emails at any time.

10. Children

OpsMed services and this website are not directed to minors under 18. We do not knowingly collect personal information from anyone under 18.

11. Changes to this policy

We may update this policy from time to time. Material changes will be reflected by updating the “Last updated” date above.

12. Contact us

Questions about this policy or about a BAA?
OpsMed — Southeastern Virginia
Email: medicalcourier@opsmedofficial.com
Phone: (757) 999-9591

This Privacy Policy is provided for transparency and does not constitute legal advice. Healthcare clients with specific compliance requirements should consult their own counsel and request a BAA.