Health & Institute
A DBA of Health and Psychiatrists Consultants LLC
Effective Date: 5/12/2026
1. Introduction and Scope
1.1. This Privacy Policy (the “Policy”) describes how Health and Psychiatrists Consultants LLC, a Florida limited liability company doing business as Health & Institute (the “Company,” “Institute,” “we,” “us,” or “our”), collects, uses, stores, discloses, processes, retains, and protects personal information in connection with your access to and use of the website located at https://healthandinstitute.com (the “Platform”), as well as any educational, enrollment, admissions, student support, institutional inquiry, training, certification, assessment, payment, communication, and learning management services offered through or in connection with the Platform.
1.2. The Institute’s principal place of business and contact details for purposes of this Policy are:
Health & Institute
A DBA of Health and Psychiatrists Consultants LLC
3919 Tampa Road
Oldsmar, Florida 34677, USA
Phone: +1 (321) 233-1516
Email: [email protected]
1.3. This Policy applies to prospective students, enrolled students, applicants, users, graduates, institutional partners, employer partners, website visitors, and any other individuals whose information is collected or processed through the Platform or Institute systems.
1.4. This Policy is intended to comply with applicable U.S. privacy, consumer protection, data security, and breach notification laws, including the Federal Trade Commission Act and applicable state privacy laws. The Federal Trade Commission provides business guidance on privacy and security practices, and businesses are expected to make accurate disclosures regarding how information is collected, used, shared, and protected. (Federal Trade Commission)
2. Nature of the Platform and Educational Data Context
2.1. Health & Institute operates as a digital education, professional learning, training, and workforce-readiness platform. The website describes the Institute as offering 3-week intensive, 100% virtual, U.S.-integrated professional training pathways, including healthcare-adjacent and administrative programs delivered through technology-enabled systems. (Health and Institute)
2.2. The Institute may collect and process information relating to applications, admissions, enrollment, tuition, course participation, LMS activity, assessment performance, communications, certificates, institutional inquiries, and partner pathway eligibility.
2.3. Unless expressly stated in writing, the Institute is not a university receiving U.S. federal education funding, a government licensing authority, or a healthcare provider delivering clinical care through the Platform. Accordingly, certain laws applicable to universities, public schools, licensed healthcare providers, or HIPAA-covered clinical services may not apply to all Institute activities. Where a specific law applies to particular data or activity, the Institute will process such information in accordance with that law.
2.4. Where the Institute provides HIPAA-related training, healthcare compliance education, or healthcare-adjacent coursework, such training content does not itself mean that all student data processed by the Institute constitutes Protected Health Information (“PHI”) under HIPAA. Any healthcare privacy obligations arising from future employment, client placement, clinical practice, or covered-entity workflows are governed by the applicable employer, client, covered entity, business associate arrangement, or legal context.
3. Categories of Information Collected
3.1. The Institute may collect personal information directly from you, automatically through your use of the Platform, through learning management systems or education technology platforms, from institutional partners, from payment processors, and from service providers used to administer programs.
3.2. Information collected directly from users may include name, email address, telephone number, mailing address, country or region, age or date of birth where necessary for eligibility purposes, educational background, professional experience, resume or CV information, program interest, enrollment details, submitted documents, personal statements, application responses, institutional inquiry information, and communications with the Institute.
3.3. Student and learner information may include application status, enrollment status, program selection, course progress, module completion, attendance or participation records where applicable, LMS login activity, time spent in learning modules, assessment attempts, grades or scores, certificate eligibility, certificate issuance records, instructor or support communications, disciplinary records, support tickets, appeals, and academic integrity review information.
3.4. Payment and transaction information may include tuition status, invoice details, payment confirmation, refund requests, sponsored-seat status, scholarship or free-access eligibility, payment processor transaction identifiers, billing address, and related financial administration data. The Institute does not intend to store full payment card numbers where payment processing is handled by third-party payment processors.
3.5. Technical and usage information may include IP address, browser type, operating system, device identifiers, pages visited, referral source, time and date of access, interaction data, cookies, analytics events, approximate location derived from technical data, and security logs.
3.6. Institutional partner and employer inquiry data may include organization name, contact person, job title, email, telephone number, region, partnership interest, learner cohort requirements, workforce development goals, and information submitted through institutional prospectus or partnership request forms.
3.7. The Institute may also collect feedback, testimonials, survey responses, support communications, uploaded files, assessment responses, and any other information voluntarily submitted by users. Users should avoid submitting unnecessary sensitive information unless specifically requested through secure channels.
4. Sensitive Information
4.1. The Institute may collect certain information that may be considered sensitive under applicable state privacy laws, including educational background, professional history, financial or tuition-related information, account credentials, assessment performance, identity verification information, or information relating to eligibility for specific training pathways.
4.2. The Platform is not intended for the submission of highly sensitive personal information unless expressly requested through secure channels. Users should not submit Social Security numbers, government identification numbers, bank account credentials, medical records, patient information, protected health information belonging to third parties, passwords, or confidential employer/client data through general website forms, email, or unsecured communication channels.
4.3. The Institute disclaims responsibility for sensitive information voluntarily submitted outside designated secure systems, except to the extent required by applicable law.
5. Purposes of Collection and Use
5.1. The Institute may collect and use personal information for lawful educational, administrative, operational, and business purposes, including admissions review, enrollment administration, course delivery, student support, identity verification, tuition processing, program access, assessment administration, certificate issuance, recordkeeping, compliance, communications, institutional partnership review, and Platform operation.
5.2. The Institute may use student data to administer learning experiences, monitor course progress, assess completion, evaluate academic performance, investigate misconduct, issue certificates, maintain records, provide technical support, and improve curriculum design.
5.3. The Institute may use information to communicate with users regarding admissions, enrollment, course access, tuition, deadlines, assessments, certificates, support requests, policy updates, institutional opportunities, partner pathways, and promotional information, subject to applicable consent and opt-out rights.
5.4. The Institute may use aggregated, anonymized, or de-identified information for analytics, curriculum improvement, quality assurance, institutional reporting, market research, program design, and operational planning.
5.5. The Institute may use information to detect, prevent, investigate, or respond to fraud, abuse, security incidents, unauthorized access, academic misconduct, intellectual property violations, payment disputes, legal claims, or violations of Institute policies.
6. Legal Bases and Compliance Positioning
6.1. The Institute processes information where necessary to provide requested services, administer enrollment, perform contractual obligations, comply with legal duties, pursue legitimate business interests, protect security, obtain consent where required, and maintain accurate institutional records.
6.2. In jurisdictions that require specific legal bases for processing, such bases may include performance of a contract, legitimate interests, consent, legal compliance, fraud prevention, and protection of legal rights.
6.3. The Institute does not represent that all student information is regulated by a single privacy law. Different categories of information may be governed by different legal standards depending on the user’s location, the nature of the information, the applicable service, and the relationship between the Institute and the user.
7. Learning Management Systems, Education Technology, and Analytics
7.1. The Institute may use third-party learning management systems, educational technology platforms, video tools, communication systems, analytics tools, assessment platforms, and hosting providers to deliver coursework and manage student participation. The website references iSpring Learn as part of the Institute’s learning management and analytics structure. (Health and Institute)
7.2. Such systems may collect and process LMS activity data, including login information, course progress, module completion, quiz and assessment activity, time spent in learning materials, device information, and technical logs.
7.3. LMS and assessment data may be used to determine completion status, certificate eligibility, academic performance, support needs, quality assurance, and program improvement.
7.4. Third-party technology providers may process information on the Institute’s behalf subject to applicable contractual obligations, platform terms, and privacy practices.
8. HIPAA Training, Healthcare Content, and Health-Related Education Data
8.1. The Institute may provide HIPAA compliance training, healthcare documentation training, data privacy education, medical terminology, clinical operations education, and related healthcare-adjacent coursework. The website references HIPAA compliance training and healthcare data integrity training as part of the Institute’s educational model. (Health and Institute)
8.2. The Institute does not knowingly request or require students to submit actual patient PHI as part of general coursework, admissions, assessments, or website forms. Students must not upload or disclose real patient records, client records, employer records, or protected health information unless expressly authorized through a controlled and legally compliant process.
8.3. Any simulated patient scenarios, sample documentation, educational cases, or training exercises are intended for instructional use and should not include real patient identifiers unless specifically authorized and governed by appropriate legal safeguards.
8.4. Completion of HIPAA training does not itself make a learner, employer, healthcare practice, remote worker, contractor, organization, system, workflow, or client “HIPAA compliant.” HIPAA compliance depends on operational safeguards, legal agreements, role-based access controls, policies, supervision, and implementation by the applicable covered entity, business associate, employer, client, or organization.
8.5. The FTC Health Breach Notification Rule applies to certain vendors of personal health records and related entities in the event of a breach involving unsecured information; while the Institute is primarily an educational platform, any health-related consumer data handled outside HIPAA may be evaluated under applicable FTC or state privacy rules where relevant. (Federal Trade Commission)
9. Disclosure of Information
9.1. The Institute may disclose personal information to service providers that support website hosting, learning management systems, payment processing, email delivery, SMS or communication tools, analytics, cloud storage, security monitoring, customer relationship management, technical support, and administrative operations.
9.2. The Institute may disclose student information internally to authorized personnel, instructors, administrators, support staff, compliance personnel, finance personnel, IT personnel, and management where necessary to administer programs, provide services, resolve issues, or protect institutional interests.
9.3. The Institute may disclose information to institutional partners, employer partners, Health & Group-affiliated entities, Health & Virtuals, or other partner pathways where the user has requested or consented to such referral, application, sponsored access, placement review, eligibility evaluation, or institutional coordination.
9.4. The Institute may disclose information where required by law, subpoena, court order, regulatory request, law enforcement request, government inquiry, or legal process, or where necessary to protect the rights, safety, property, security, or legal interests of the Institute, users, partners, or others.
9.5. The Institute may disclose aggregated, anonymized, or de-identified information for institutional reporting, program improvement, quality assurance, marketing, research, or business purposes, provided such information does not reasonably identify an individual.
9.6. The Institute does not sell personal information for monetary consideration. However, certain disclosures to partners or affiliates for program administration, admissions processing, sponsored access, or pathway facilitation may be considered “sharing” under some state privacy laws, depending on context. Where required by law, users may request to opt out of such sharing.
10. Health & Group Affiliates and Partner Pathways
10.1. The Institute may coordinate with affiliated entities within the Health & Group ecosystem, including where a student applies through, is sponsored by, or seeks consideration for a workforce pathway associated with another Health & Group entity.
10.2. The website references a partnership with Health & Virtuals through which certain international applicants may access training at no cost and follow a training-to-placement pathway. (Health and Institute)
10.3. Where a user voluntarily registers through a partner pathway, requests placement consideration, applies for sponsored access, or authorizes referral, the Institute may share relevant information with the applicable partner for eligibility review, training access, assessment, communication, operational administration, and pathway evaluation.
10.4. Partner pathways are subject to separate policies, eligibility standards, assessments, agreements, and privacy practices. Completion of an Institute program does not guarantee employment, placement, interview selection, client assignment, or acceptance by any partner.
11. Payment Processors and Financial Information
11.1. Where users pay tuition, fees, registration charges, or other amounts, payment information may be processed by third-party payment processors.
11.2. The Institute may receive transaction confirmations, payment status, billing details, invoice information, refund status, and related payment administration data.
11.3. The Institute does not intend to store full payment card details where such data is handled by third-party processors. Payment processors are responsible for their own systems, security, and privacy practices.
12. Cookies, Tracking Technologies, and Website Analytics
12.1. The Platform may use cookies, pixels, scripts, tags, local storage, analytics tools, and similar technologies to enable functionality, measure website performance, understand user interactions, improve user experience, support admissions and inquiry workflows, attribute marketing sources, and maintain security.
12.2. Cookie and tracking technologies may collect technical and usage information such as IP address, device identifiers, browser type, pages visited, referral source, time spent on pages, and interaction events.
12.3. The Institute does not knowingly use cookies or tracking tools to collect real patient records, third-party PHI, or clinical care information.
12.4. Users may manage cookie preferences through browser settings or any cookie management interface made available by the Institute. Some functionality may not operate properly if cookies are disabled.
12.5. Additional information may be provided in the Institute’s Cookie Policy.
13. Communications, Email, SMS, and Marketing
13.1. By submitting contact information, applying for a program, requesting information, creating an account, enrolling in a course, or communicating with the Institute, you consent to receive communications by email, telephone, SMS, messaging application, LMS notification, or other electronic means.
13.2. Communications may include admissions messages, program updates, tuition notices, deadlines, assessment reminders, certificate information, account alerts, support responses, legal notices, security notices, institutional opportunities, partner pathway information, and promotional content.
13.3. You may opt out of non-essential marketing communications in accordance with applicable law. The Institute may continue to send transactional, academic, enrollment, legal, payment, security, support, and service-related communications.
13.4. Message and data rates may apply for SMS or mobile communications.
14. Data Retention
14.1. The Institute retains personal information for as long as necessary to fulfill the purposes described in this Policy, including educational administration, student recordkeeping, certificate verification, legal compliance, payment administration, dispute resolution, fraud prevention, quality assurance, and enforcement of agreements.
14.2. Student records, assessment records, certificate issuance records, payment records, communications, and academic integrity records may be retained for multiple years after enrollment or completion where reasonably necessary for verification, compliance, legal defense, institutional reporting, or administrative purposes.
14.3. The Institute may retain certain information even after a deletion request where retention is necessary to comply with legal obligations, complete transactions, resolve disputes, prevent fraud, maintain academic records, enforce agreements, protect rights, or maintain security.
15. Data Security
15.1. The Institute implements commercially reasonable administrative, technical, and organizational safeguards designed to protect personal information from unauthorized access, disclosure, alteration, loss, misuse, or destruction.
15.2. Such safeguards may include role-based access controls, secure hosting, encryption where appropriate, account authentication, access logging, workforce confidentiality obligations, vendor management, security monitoring, and incident response processes.
15.3. The FTC emphasizes that effective data security begins with understanding what information a business has, how it moves through the organization, and who has access to it. (Federal Trade Commission)
15.4. No method of electronic transmission or storage is completely secure. The Institute does not guarantee absolute security and disclaims liability for unauthorized access arising from circumstances beyond its reasonable control.
16. Children and Minors
16.1. The Platform is intended for individuals who are at least eighteen (18) years old, unless a minor participates with appropriate parent or guardian involvement and the Institute expressly permits such participation.
16.2. The Institute does not knowingly collect personal information from children under the age of thirteen (13). If the Institute becomes aware that it has collected such information without legally required consent, it will take reasonable steps to delete the information.
16.3. Where minors are permitted to participate in any program, the Institute may require parental or guardian consent and may process information in accordance with applicable law.
17. State Privacy Rights
17.1. Subject to applicable law and eligibility thresholds, users may have rights regarding their personal information, including the right to know what personal information is collected, used, disclosed, or shared; the right to request deletion; the right to request correction; the right to access or obtain a copy of information; the right to opt out of certain sale or sharing activities; and the right not to be discriminated against for exercising privacy rights.
17.2. The California Attorney General states that the CCPA provides California consumers rights including the right to know what personal information businesses collect and how it is used and shared, the right to delete personal information, the right to opt out of sale or sharing, and the right to non-discrimination for exercising those rights. (California Attorney General)
17.3. To exercise applicable privacy rights, users may contact the Institute using the contact information provided below. The Institute may verify the identity and authority of the requester before fulfilling a request.
17.4. The Institute may deny or limit requests where permitted by law, including where information must be retained for educational records, certificate verification, legal compliance, security, fraud prevention, transaction completion, dispute resolution, or legitimate institutional purposes.
18. Do Not Track and Global Privacy Control
18.1. Some browsers transmit “Do Not Track” signals. Due to the absence of a uniform industry standard, the Platform may not respond uniformly to such signals.
18.2. Where required by applicable state law, the Institute will honor legally recognized privacy preference signals, including Global Privacy Control, to the extent such signals apply to the Institute and the relevant processing activity.
19. International Users and Cross-Border Transfers
19.1. The Platform is operated from the United States. Users who access the Platform from outside the United States acknowledge that their information may be transferred to, stored in, and processed in the United States or other jurisdictions where the Institute or its service providers operate.
19.2. Data protection laws in the United States may differ from those in your country of residence.
19.3. By using the Platform or submitting information, you acknowledge such transfer and processing, subject to applicable law.
20. Third-Party Websites and External Links
20.1. The Platform may include links to third-party websites, LMS providers, payment processors, institutional partners, social media platforms, professional associations, recognition bodies, or affiliated services.
20.2. The Institute does not control and is not responsible for the privacy practices, security standards, content, availability, or policies of third parties.
20.3. Users are encouraged to review the privacy policies and terms of third-party services before submitting information or creating accounts with them.
21. Automated Systems and AI-Supported Processing
21.1. The Institute may use automated systems, analytics, workflow tools, or AI-supported tools to assist with administrative operations, admissions triage, communication routing, support workflows, fraud detection, learning analytics, or service improvement.
21.2. Such systems do not replace final academic judgment, clinical judgment, legal judgment, or employment decision-making where human review is required or appropriate.
21.3. The Institute does not use automated tools to independently grant licenses, issue government-recognized credentials, guarantee employment, or make legally binding employment decisions.
22. Academic Integrity, Security, and Misconduct Investigations
22.1. The Institute may process student data, LMS activity, assessment logs, IP addresses, timestamps, submissions, communication records, and account activity where necessary to investigate suspected cheating, plagiarism, impersonation, credential sharing, unauthorized access, abuse, harassment, or misuse of Institute systems.
22.2. Information collected during such investigations may be used to suspend access, invalidate assessments, withhold or revoke certificates, enforce policies, respond to disputes, and protect the integrity of Institute programs.
23. Testimonials, Feedback, and Public Use of Information
23.1. The Institute will not knowingly publish identifiable student testimonials, photographs, videos, names, likenesses, or success stories for marketing purposes without appropriate consent.
23.2. If a user voluntarily provides a testimonial, endorsement, image, video, or public feedback, the Institute may request consent to use such material in promotional, institutional, or educational communications.
23.3. Users may withdraw consent for future use where applicable, but withdrawal may not require removal of materials already lawfully published or distributed before the withdrawal, except where required by law.
24. Breach Notification
24.1. In the event of a data breach involving personal information, the Institute will provide notification where required by applicable federal or state law.
24.2. Notification may include information regarding the nature of the incident, types of information involved, steps taken by the Institute, and recommended protective measures.
24.3. The Institute may also notify service providers, institutional partners, regulators, law enforcement, or affected individuals as required or permitted by law.
25. Limitations of Privacy Protection
25.1. You acknowledge that internet-based systems, email, SMS, learning platforms, cloud services, and digital communications may involve inherent security risks.
25.2. The Institute is not responsible for unauthorized access, disclosure, or loss caused by user-side device compromise, weak passwords, shared credentials, unsecured networks, third-party platform failure, or circumstances beyond its reasonable control.
26. Changes to This Policy
26.1. The Institute may update or modify this Policy at any time. Updated versions will be posted on the Platform and shall become effective upon posting unless otherwise stated.
26.2. The Institute will not materially expand the use of previously collected personal information in a manner inconsistent with prior disclosures without appropriate notice or consent where required by law.
26.3. Continued use of the Platform, continued enrollment, continued course access, or continued communication with the Institute after updates constitutes acceptance of the revised Policy.
27. Contact Information
For privacy-related inquiries, requests, notices, or complaints:
Health & Institute
A DBA of Health and Psychiatrists Consultants LLC
3919 Tampa Road
Oldsmar, Florida 34677, USA
Phone: +1 (321) 233-1516
Email: [email protected]