HIPAA notice

Last updated: 2026-05-28

HIPAA scope clarifiedNo PHI collectionPartner boundary documented

Health-information privacy is a recurring question from readers, partners, and regulators. This page exists to be explicit: GLPZoom is not a HIPAA-covered entity, does not function as a business associate of any covered entity, and does not receive, store, or process Protected Health Information (PHI) as defined under HIPAA. Here is the full picture.

What HIPAA covers

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) applies to three categories of “covered entities”: (1) health plans (insurance carriers, HMOs, Medicare/Medicaid programs); (2) healthcare providers who transmit health information electronically in connection with covered transactions (clinicians, hospitals, pharmacies); and (3) healthcare clearinghouses. HIPAA also applies to “business associates” that perform functions involving PHI on behalf of covered entities.

Why GLPZoom is not covered

GLPZoom is an independent editorial and comparison platform. We are not:

A health plan, insurance carrier, or benefits administrator.
A healthcare provider. We do not conduct clinical evaluations, write prescriptions, or deliver care.
A pharmacy or pharmacy benefit manager.
A clearinghouse processing electronic transactions on behalf of covered entities.
A business associate of any covered entity. We have no contracts that involve receiving or processing PHI.

Because we do not fall within any HIPAA category and do not receive PHI from covered entities, HIPAA does not apply to GLPZoom's operations.

What we do not collect

To stay outside the PHI threshold, our intake design avoids collecting identifiers that, combined with health information, would constitute PHI under 45 CFR §160.103. Specifically, we do not collect:

Social Security numbers
Medical record numbers, health plan beneficiary numbers, or account numbers
Health insurance carrier names tied to your identity (we ask about coverage in general terms; we do not store carrier name + your identity together)
Prescription history, diagnosis codes (ICD-10), or procedure codes (CPT)
Lab results or biometric measurements taken by a provider
Clinician names tied to your record
Photographs or biometric identifiers

Our quiz asks general lifestyle and preference questions (height, weight estimate, goals, comfort with injection vs. pill). This is consumer health-interest information, not PHI received from a covered entity. We treat it with care anyway; see our privacy policy.

When PHI does come into play

When you click through to a partner telehealth service and create an account, complete an intake, or speak with a clinician on that partner's platform, you may be entering a HIPAA-regulated relationship. That happens on the partner's systems, under the partner's notice of privacy practices, not on GLPZoom.

The information you share with the partner clinician is PHI subject to HIPAA on their side. We never receive that information back. We receive only an anonymous click identifier confirming you completed the qualifying action, used for commission attribution.

Comparison shopping is not a covered transaction

Reading content about medications, comparing telehealth services, or using our pricing-comparison tools does not create a HIPAA-regulated relationship between you and GLPZoom. We are an editorial and affiliate-comparison platform, not a healthcare delivery service.

What this means for partners and B2B clients

Partners evaluating GLPZoom for editorial placement or affiliate partnership occasionally ask for a Business Associate Agreement (BAA). Because we do not receive PHI from any covered entity, a BAA is not applicable to our relationship: there is no PHI to govern. We can provide:

A written attestation that we are not a covered entity or business associate
Our data-processing addendum (DPA) covering GDPR / CCPA / other privacy laws that DO apply
Our sub-processor list and infrastructure security overview
SOC 2 alignment status (in progress; target Q4 2026)

Request these documents: [email protected].

If you need actual healthcare

GLPZoom is not a substitute for medical care. If you need a diagnosis, prescription, or treatment plan, contact a licensed healthcare provider directly. See our medical disclaimer for the full framing.