PRIVACY POLICY
Wunderlich Chiropractic
Last Updated: 3-10-2026
This Privacy Policy explains how Wunderlich Chiropractic collects, uses, stores, and protects the personal information of our patients and website visitors. We are committed to handling your information with the highest standards of privacy, confidentiality, and security, in full compliance with applicable federal and Wisconsin state law, including the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and its implementing regulations.
This policy applies to all patients who receive chiropractic care at our clinic, individuals who contact us via phone, email, or our website, and anyone who uses our online booking system. Please read this policy carefully. By receiving care from us or using our website, you acknowledge that we may handle your information as described here. If you have any questions, please contact us using the details in Section 15.
Wunderlich Chiropractic is a limited liability company (LLC) providing chiropractic services to patients in the Fitchburg, Wisconsin area. Under HIPAA, we are a Covered Entity because we provide healthcare services and transmit health information in connection with insurance billing. This means we are legally required to protect your Protected Health Information (PHI) and to provide you with this Notice of Privacy Practices.
Clinic Name: Wunderlich Chiropractic
Business Structure: Limited Liability Company (LLC)
Address: 2940 Chapel Valley Rd., Fitchburg, WI 53711
Phone: 608-274-7660
Email: matt@wunderlichchiro.com
Website: www.WunderlichChiro.com
We collect a range of personal information to provide you with safe and effective chiropractic care, manage your appointments, process payments, and meet our legal obligations. The categories of information we may collect include the following.
• Full name, date of birth, and gender
• Home address, email address, and telephone number
• Emergency contact name and relationship
Because we provide chiropractic care, we collect detailed health information, which is considered Protected Health Information (PHI) under HIPAA. This includes:
• Chief complaints, symptoms, and reason for visit
• Medical history, including past injuries, surgeries, and illnesses
• Medications and supplements you are currently taking
• Chiropractic examination findings, including postural and range-of-motion assessments
• Spinal and musculoskeletal assessment records
• Diagnosis and treatment plans
• Progress notes, SOAP notes, and clinical records from every appointment
• Referrals to or correspondence from other healthcare providers
• X-ray or diagnostic imaging records, if applicable
• Health insurance provider, policy number, and group number
• Insurance billing records and explanation of benefits (EOB) documents
• Payment method details (card, cash, check)
• Billing address and payment history
• IP address and browser type when you visit our website
• Pages visited, time and duration of visits
• Device information
• Cookies and similar tracking technologies (see Section 12)
• Records of emails, phone calls, or messages you send us
• Appointment booking requests and confirmations
• Marketing email engagement data, if you have opted in to our communications
We collect your information through a number of different channels, depending on how you interact with our clinic.
Directly from you: When you complete intake forms, health history questionnaires, or consent documents — either in our clinic or through our online booking system. Also when you contact us by phone, email, or in person.
Through our online booking system: We use an online appointment booking platform to manage scheduling. When you book an appointment online, we collect the personal and contact information you provide during that process. Please see Section 6 for details about this platform.
Through insurance billing: When we submit claims to your insurance provider on your behalf, we exchange certain Protected Health Information with your insurer as required to process your claim and obtain payment.
Through payment processing: When you pay for services by card, we use secure payment processing systems to handle your payment. We do not store full card numbers ourselves.
Through our website: Certain technical data is collected automatically when you visit www.WunderlichChiro.com, including cookies and browser information.
As a HIPAA Covered Entity, we are permitted to use and disclose your Protected Health Information for the following purposes without requiring your separate written authorization, unless we state otherwise. For any uses or disclosures outside these permitted categories, we will obtain your written authorization before proceeding.
We use your health information to provide, coordinate, and manage your chiropractic care. This includes using your health history to develop treatment plans, reviewing past clinical notes during your appointments, and coordinating with other healthcare providers involved in your care, such as your primary care physician or a specialist, if applicable.
We use and disclose your Protected Health Information to obtain payment for the services we provide. This includes submitting insurance claims to your health insurer, verifying your coverage and benefits, and pursuing payment for any outstanding balances.
We may use your information for our internal clinic operations, including quality assurance, reviewing the effectiveness of treatment approaches, staff training, compliance activities, and business management. This information is used internally and is not shared with third parties for operational purposes unless specifically permitted by HIPAA.
We use your contact information to schedule your appointments, send appointment confirmations, and provide reminders. These communications are part of your care and are not marketing communications.
We may use or disclose your information where required to do so by law, such as in response to a valid court order, subpoena, or public health reporting requirement. We will only disclose the minimum information necessary to comply.
If you have opted in to receive marketing emails from us through our email marketing platform (GoHighLevel), we will use your email address to send you health tips, clinic news, promotional offers, and other communications you have consented to receive. This is entirely separate from your clinical care communications. You may unsubscribe at any time. See Section 11 for details.
Any use or disclosure of your PHI that is not described above will require your written authorization. You have the right to revoke any authorization you have given us at any time, in writing. A revocation will not affect actions we have already taken in reliance on your prior authorization.
We do not sell your personal information. We only share your information with third parties where it is necessary for your care, required by law, or where you have given your authorization. The following parties may have access to your information.
Your clinical records and personal information are accessed only by the treating chiropractor. We do not have additional administrative staff who access patient records. All handling of your information within the clinic is the sole responsibility of the clinic owner.
Where you have provided your insurance information and authorized us to bill on your behalf, we will share the minimum necessary Protected Health Information with your health insurance provider or their authorized representatives to process claims, obtain authorization for treatment, and receive payment. Your insurer has its own privacy practices governing how they handle your information, and we encourage you to review their privacy notice.
We use an online booking platform to manage appointment scheduling. When you book an appointment, your name, contact information, and appointment details are processed through this platform. We have confirmed with our booking provider that patient data is handled in compliance with applicable privacy standards. You should confirm the platform's data processing location by contacting the clinic, as we will update this section once confirmed.
If you have opted in to receive marketing communications from us, your name and email address are stored and processed through GoHighLevel, a customer relationship management and marketing platform. GoHighLevel processes data in the United States. We use this platform solely for marketing communications you have consented to receive, and we do not use it to store your clinical health records. For more information about GoHighLevel's data practices, please visit their website.
Payments made by credit or debit card are processed through secure, industry-standard payment processing systems. We accept card payments in-clinic. We do not store your full card details. Our payment processing arrangements comply with Payment Card Industry Data Security Standards (PCI DSS).
We may disclose information to law enforcement, courts, regulatory bodies, or public health authorities where we are legally required to do so. This may include mandatory reporting obligations under Wisconsin state law or federal regulations.
Any third-party service provider that handles your PHI on our behalf is required under HIPAA to enter into a Business Associate Agreement (BAA) with us. This agreement legally obligates them to protect your information in accordance with HIPAA standards. We ensure that appropriate BAAs are in place with any vendor that qualifies as a Business Associate.
We retain patient records for a minimum of 8 years from the date of the last clinical service, in accordance with HIPAA requirements and Wisconsin state law. This retention period allows us to comply with our legal obligations, support continuity of care, and defend ourselves in the event of a legal or regulatory dispute.
For patients who were under the age of 18 at the time of treatment, records will be retained until the patient's 19th birthday or for 8 years from the last date of service, whichever period is longer. This ensures compliance with Wisconsin statutes governing the retention of minor patient records.
Once the applicable retention period has expired, records will be securely destroyed or de-identified in a manner that prevents unauthorized access or reconstruction. Electronic records will be permanently deleted from our system. Paper records, if any, will be shredded. We will not retain your information longer than is necessary for its stated purpose or required by law.
If you have opted in to marketing communications, your email and contact details will be held on our GoHighLevel platform until you unsubscribe or request removal. Upon unsubscribing, your information will be removed from active marketing lists promptly.
We take the security of your information seriously and have implemented a range of technical and organizational safeguards to protect your personal and health information from unauthorized access, loss, alteration, or disclosure. The following measures are in place.
• Patient clinical records are stored digitally using a secure electronic health record (EHR) system protected by password authentication and, where applicable, encryption.
• Our website uses HTTPS encryption to protect data transmitted between your browser and our website.
• Payment card data is processed through PCI DSS-compliant systems. We do not store full card numbers.
• Access to digital records is protected by unique login credentials and is limited to authorized individuals.
• Patient records are accessed only by the treating chiropractor. Access is strictly limited on a need-to-know basis.
• We maintain a HIPAA compliance program, including policies and procedures governing the handling of Protected Health Information.
• Any third-party service provider handling PHI is required to sign a Business Associate Agreement and maintain appropriate security standards.
In the event of a data breach involving your Protected Health Information, we will comply with HIPAA's Breach Notification Rule. This means we will notify affected individuals, the U.S. Department of Health and Human Services, and, where required by the scale of the breach, prominent media outlets — within the timeframes specified by law.
Under HIPAA and applicable Wisconsin state law, you have specific rights regarding your Protected Health Information. We are committed to honoring these rights. To exercise any of the rights described below, please contact us in writing using the contact details in Section 15. We will respond to your request within 30 days, or as otherwise required by law.
You have the right to request access to and copies of your medical records and other information we hold about you. This includes your clinical notes, treatment records, and billing records. We may charge a reasonable, cost-based fee for providing copies. In certain limited circumstances, we may deny access, but we will explain the reason and advise you of your options.
If you believe that information in your record is inaccurate or incomplete, you may ask us to amend it. We are not required to make the change, but we must document your request and our response. If we deny your amendment request, we will explain why in writing.
You have the right to request a list of certain disclosures we have made of your PHI. This applies to disclosures made for purposes other than treatment, payment, and healthcare operations, and does not include disclosures you have specifically authorized. You may request one free accounting per year; we may charge for additional requests.
You may ask us to restrict how we use or disclose your PHI. For example, you may ask us not to share certain information with your insurance company. We are not required to agree to all restriction requests, but if we do agree, we will honor the restriction unless it is needed to provide you with emergency treatment. Note: If you ask us to restrict disclosures to your health insurer and you pay for the service yourself in full, we must honor that restriction.
You may request that we communicate with you about your health information in a specific way or at a specific location. For example, you may ask us to contact you only at a particular phone number or to send written communications to a different address. We will honor reasonable requests.
You have the right to receive a paper copy of this Privacy Policy / Notice of Privacy Practices at any time, even if you have previously agreed to receive it electronically. Please contact us and we will provide one promptly.
If you believe your privacy rights have been violated, you have the right to file a complaint with us directly or with the U.S. Department of Health and Human Services. See Section 14 for details. We will not retaliate against you for filing a complaint.
We provide chiropractic care to patients of all ages, including patients under the age of 18. We take additional care to protect the privacy and wellbeing of our minor patients, in compliance with HIPAA and applicable Wisconsin state law.
For patients under the age of 18, a parent or legal guardian must provide consent to treatment and authorize the collection and use of the minor's Protected Health Information. All intake forms, consent documents, and health questionnaires for minor patients must be completed and signed by a parent or legal guardian. The parent or guardian also has the right to access and request amendments to their child's clinical records, subject to applicable law.
In certain circumstances, Wisconsin law permits minors to consent to certain types of healthcare services without parental involvement. Where applicable, we will respect a minor patient's right to privacy regarding such services and will not disclose related PHI to a parent or guardian without the minor's consent, unless required by law or in the event of a safety concern.
As noted in Section 7, records for patients who were minors at the time of treatment are retained until the patient's 19th birthday or for 8 years from the last date of service, whichever is the longer period.
We occasionally send informational and promotional emails to patients who have opted in to receive them. These communications may include health and wellness tips, information about new services, seasonal promotions, and clinic news. Participation in our email marketing list is entirely voluntary and separate from your clinical care.
Marketing emails are sent through GoHighLevel, a digital marketing and CRM platform based in the United States. If you have provided your email address and opted in to receive marketing communications, your email address and name will be stored within this platform for the sole purpose of sending you these communications. Your clinical health records are never shared with this platform.
You may unsubscribe from our marketing emails at any time by clicking the unsubscribe link at the bottom of any marketing email we send you, or by contacting us directly at matt@wunderlichchiro.com or by calling 608-274-7660. Once you unsubscribe, we will remove you from our active marketing lists promptly. Unsubscribing from marketing communications will not affect your receipt of clinical communications such as appointment reminders, which are part of your care and not marketing.
It is important to understand the distinction between the two types of communications we may send you. Appointment reminders, recall notices, post-treatment check-ins, and any messages directly related to your care are clinical communications. These are sent as part of your treatment relationship with us and are not marketing. Marketing emails are separate, optional, and based on your consent.
Our website at www.WunderlichChiro.com may use cookies and similar technologies to improve your browsing experience. Cookies are small text files placed on your device when you visit a website. They help websites function correctly and allow website owners to understand how visitors use the site.
Strictly Necessary Cookies: These are essential for the website to work and cannot be disabled. They include cookies that allow the site to load correctly, maintain session security, and enable the booking system to function.
Functional Cookies: These remember your preferences, such as language or region, to improve your experience on return visits.
Analytical Cookies: If our website uses analytics tools (such as Google Analytics), these cookies collect anonymized data about how visitors use the site, including which pages are most visited and how long visitors spend on the site. This helps us improve our website.
You can control and manage cookies through your browser settings. Most browsers allow you to refuse cookies, delete existing cookies, or be notified when cookies are being set. Please note that disabling certain cookies may affect the functionality of our website, including the ability to book appointments online. For more information about managing cookies, visit www.allaboutcookies.org.
We do not currently use our website cookies to collect health information or to identify individual patients for clinical purposes.
We may update this Privacy Policy from time to time to reflect changes in our practices, services, or applicable law. When we make material changes — such as changes that affect how we use your health information, who we share it with, or your rights — we will take appropriate steps to notify you.
Notification of material changes may be made by posting an updated policy on our website at www.WunderlichChiro.com, providing written notice at the clinic, or by email if you have provided us with a current email address. We will always display the Last Updated date at the top of this document so you can tell when the most recent revision was made.
For changes that are required by HIPAA or other applicable law, the revised policy will apply to all PHI we hold, including information collected prior to the change. For changes that require your consent, we will ask for it before applying those changes to your information.
We encourage you to review this policy periodically. Your continued use of our services after a policy update constitutes acknowledgment that you have had the opportunity to review the updated policy.
We are committed to handling your personal and health information responsibly. If you have a concern about how we have handled your information, we encourage you to contact us first so we can address the issue directly and promptly.
Please reach out to us by email at matt@wunderlichchiro.com or by calling 608-274-7660. You may also write to us at: Wunderlich Chiropractic, 2940 Chapel Valley Rd., Fitchburg, WI 53711. We take all privacy complaints seriously and will investigate promptly, typically responding within 30 days.
If you believe your rights under HIPAA have been violated and you are not satisfied with our response, you have the right to file a complaint with the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR). You will not be penalized or retaliated against for filing a complaint.
You may file a complaint online, by mail, or by phone:
• Online: www.hhs.gov/ocr/complaints
• Phone: 1-800-368-1019 (toll-free) / TDD: 1-800-537-7697
• Mail: Office for Civil Rights, U.S. Department of Health and Human Services, 200 Independence Avenue, SW, Room 509F, HHH Building, Washington, D.C. 20201
Complaints must generally be filed within 180 days of when you knew or should have known about the act or omission you are complaining about. The OCR may extend this deadline in some circumstances.
If you have any questions about this Privacy Policy, wish to exercise your rights, or need to request a copy of your records, please contact us using any of the following details.
Clinic Name: Wunderlich Chiropractic
Address: 2940 Chapel Valley Rd., Fitchburg, WI 53711
Phone: 608-274-7660
Email: matt@wunderlichchiro.com
Website: www.WunderlichChiro.com
3-10-2026
We use cookies to analyze website traffic and optimize your website experience. By accepting our use of cookies, your data will be aggregated with all other user data.