Privacy Policy

Who we are

Optimal State Health
Effective Date: 3/12/2026
Last Updated: 4/24/2026

Optimal State Health (“we,” “us,” or “our”) respects your privacy and is committed to protecting the personal information you share with us. This Privacy Policy explains how we collect, use, and safeguard information when you visit our website at optimalstatehealth.com (the “Website”).

For information about how we protect your health information as a patient, please see our Notice of Privacy Practices

Important Distinction: Website Privacy vs. HIPAA

This Privacy Policy governs information collected through our Website — such as browsing data, contact form submissions, and analytics.

If you become a patient of Optimal State Health, your Protected Health Information (PHI) — including medical records, lab results, prescriptions, and clinical communications — is collected and managed through our HIPAA-compliant electronic health record system (Charm Health) and is governed by our Notice of Privacy Practices, which is provided to you during patient intake. That notice, not this policy, describes how your health information is used and your rights under HIPAA.

Optimal State Health maintains full compliance with the Health Insurance Portability and Accountability Act (HIPAA), including the Privacy Rule, Security Rule, and Breach Notification Rule. We have executed Business Associate Agreements (BAAs) with all third-party service providers that handle Protected Health Information on our behalf, including our EHR provider (CharmHealth) and payment processor (Stripe via CharmHealth).

Information We Collect

Information You Provide Directly

Contact form submissions: Your name, email address, phone number, and any message you include when you reach out through our Website.

Email correspondence: Information you share when you email us at support@optimalstatehealth.com or dr@optimalstatehealth.com.

Information Collected Automatically

When you visit our Website, we may automatically collect:

Device and browser information: Browser type, operating system, screen resolution, and device type.

Usage data: Pages visited, time spent on pages, referring website, and clickstream data.

IP address: Your approximate geographic location based on your IP address.

Cookies and similar technologies: Small data files stored on your device that help us understand how you use our Website. See the Cookies section below for details.

How We Use Your Information

We use the information we collect to:

  • Respond to your inquiries and contact form submissions
  • Improve our Website’s content, functionality, and user experience
  • Analyze Website traffic and usage patterns
  • Communicate with you about our services (only if you’ve contacted us first)
  • Comply with legal obligations

We do not use Website data to make clinical decisions. Clinical care is handled entirely through our HIPAA-compliant patient portal.

Cookies and Analytics

Google Analytics

We may use Google Analytics to understand how visitors interact with our Website. Google Analytics collects anonymized data such as pages visited, session duration, and traffic sources. This data is aggregated and does not personally identify you.

You can opt out of Google Analytics by installing the Google Analytics Opt-Out Browser Add-on.

Cookies

Our Website may use cookies to:

  • Remember your preferences
  • Analyze site traffic and performance
  • Ensure the Website functions properly

You can control or disable cookies through your browser settings. Disabling cookies may affect your experience on our Website.

Third-Party Services

We use the following third-party services in connection with our Website and practice:

ServicePurposeTheir Privacy Policy
Charm HealthPatient portal, EHR, telehealth, schedulingcharmhealth.com/privacy
StripePayment processing (through Charm Health)stripe.com/privacy
Google AnalyticsWebsite analyticspolicies.google.com/privacy
Namecheap / EasyWPWebsite hostingnamecheap.com/legal/privacy

Payments are processed through Stripe via our patient portal (Charm Health), not directly on this Website. We do not store your credit card information on our servers.

Data Security

We implement reasonable administrative, technical, and physical safeguards to protect the personal information we collect through our Website. However, no method of electronic transmission or storage is 100% secure, and we cannot guarantee absolute security.

All data transmitted through our Website is encrypted using Secure Socket Layer (SSL) technology. Our Website operates exclusively over HTTPS to ensure that any information you submit is securely transmitted.

Patient health information is stored in Charm Health’s HIPAA-compliant, encrypted environment — not on our Website.

Data Retention

Website data (contact form submissions, analytics data) is retained only as long as necessary to fulfill the purposes described in this policy. Contact form submissions are retained for up to 24 months unless you request earlier deletion.

Patient medical records are retained in accordance with California medical record retention requirements (minimum 7 years from last date of service, or longer as required by law). Medical record retention is managed through our HIPAA-compliant EHR system (CharmHealth).

Data Breach Notification

In the event of a breach of unsecured Protected Health Information, Optimal State Health will notify affected individuals in accordance with HIPAA’s Breach Notification Rule and applicable state laws, including the California Information Practices Act (Cal. Civ. Code § 1798.82). Notification will be made without unreasonable delay and no later than 60 days from discovery of the breach, as required by law.

Your Rights

All Visitors

You have the right to:

  • Access the personal information we hold about you
  • Request correction of inaccurate information
  • Request deletion of your personal information
  • Opt out of analytics tracking (see Cookies section above)

To exercise any of these rights, contact us at support@optimalstatehealth.com.

California Residents (CCPA Rights)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: You may request details about the categories and specific pieces of personal information we have collected about you.
  • Right to Delete: You may request that we delete your personal information, subject to certain exceptions.
  • Right to Opt Out of Sale: We do not sell your personal information to third parties.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.

To submit a CCPA request, email us at support@optimalstatehealth.com. We will verify your identity before processing your request and respond within 45 days.

Patients (HIPAA Rights)

If you are a patient, your rights regarding Protected Health Information (medical records, lab results, clinical data) are governed by HIPAA and described in detail in our Notice of Privacy Practices, available on our website and provided during intake. Those rights include:

  • Right to access your medical records
  • Right to request amendment of your records
  • Right to an accounting of disclosures
  • Right to request restrictions on how your information is used or disclosed
  • Right to receive confidential communications
  • Right to receive notification of a breach of your unsecured PHI

Contact support@optimalstatehealth.com for HIPAA-related requests.

Children’s Privacy

Our Website and services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a minor, please contact us immediately at support@optimalstatehealth.com and we will promptly delete it.

Links to Other Websites

Our Website may contain links to third-party websites (such as our patient portal, lab partners, or pharmacy partners). We are not responsible for the privacy practices of those websites. We encourage you to review their privacy policies before providing any personal information.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated effective date. Your continued use of our Website after changes are posted constitutes your acceptance of the revised policy.

Contact Us

If you have questions about this Privacy Policy or how we handle your information:

Optimal State Health
Ahmad Ibrahim, DO
Registered office: 4140 Wildflower Way, La Verne, CA 91750
Email: support@optimalstatehealth.com
Phone: 352-280-8222
Website: optimalstatehealth.com

Scroll to Top