Privacy Policy
Last updated: March 10, 2026
This Privacy Policy ("Policy") describes how TrueEval Medical Group PLLC, operating as BridgeMeds ("we," "us," or "our"), collects, uses, discloses, and protects your personal and health information when you use our website at bridgemeds.com and our telehealth services (collectively, the "Services"). This Policy also serves as our Notice of Privacy Practices under the Health Insurance Portability and Accountability Act ("HIPAA").
1. Information We Collect
1.1 Personal Information
We collect the following categories of personal information when you use our Services:
- Identity Information: Full name, date of birth, gender, and government-issued identification (when required for controlled substance prescriptions).
- Contact Information: Email address, phone number, mailing address, and shipping address.
- Account Information: Login credentials, account preferences, and communication preferences.
- Payment Information: Credit/debit card details and billing address, processed securely through our PCI-compliant payment processor (Stripe). We do not store full card numbers on our servers.
1.2 Protected Health Information (PHI)
As a healthcare provider, we collect and maintain PHI as defined under HIPAA, including:
- Medical History: Current and past medical conditions, surgical history, family medical history, and allergies.
- Medication Information: Current medications, supplements, and previous treatment history.
- Assessment Data: Responses to clinical assessments, symptom questionnaires, and health goals.
- Laboratory Results: Biomarker data, blood panel results, and diagnostic test results from at-home lab kits or uploaded external results.
- Treatment Records: Prescribed protocols, dosing information, provider notes, and treatment outcomes.
- Communication Records: Secure messages between you and your provider.
1.3 Technical and Usage Information
- Device Information: Browser type, operating system, device identifiers, and screen resolution.
- Usage Data: Pages visited, features used, session duration, and interaction patterns.
- Cookies and Tracking: We use essential cookies for authentication and session management, and analytics cookies to improve our Services. See Section 8 for details.
2. How We Use Your Information
2.1 Healthcare Operations
- Providing clinical assessments, evaluations, and treatment recommendations
- Processing and fulfilling prescriptions through our pharmacy partners
- Coordinating laboratory testing and interpreting results
- Monitoring treatment efficacy and adjusting protocols
- Communicating with you about your care through secure messaging
- Maintaining your medical records as required by law
2.2 Business Operations
- Processing payments and managing subscriptions
- Sending transactional communications (order confirmations, shipping updates, appointment reminders)
- Improving our Services, website functionality, and user experience
- Complying with legal and regulatory obligations
- Detecting and preventing fraud, abuse, or security incidents
2.3 Marketing (with Your Consent)
With your explicit consent, we may send you educational health content, treatment updates, and promotional communications. You may opt out at any time by clicking "unsubscribe" in any marketing email or contacting us directly. We will never sell your personal information or PHI for marketing purposes.
3. How We Share Your Information
We may share your information in the following circumstances:
- Healthcare Providers: With licensed providers within TrueEval Medical Group PLLC who are involved in your care.
- Pharmacy Partners: With our FDA-registered compounding pharmacy partners to fulfill your prescriptions.
- Laboratory Partners: With certified laboratory partners to process your at-home lab tests.
- Payment Processors: With Stripe to process your payments securely.
- Shipping Partners: With shipping carriers to deliver your medications and lab kits.
- Legal Requirements: When required by law, subpoena, court order, or government investigation.
- Business Transfers: In connection with a merger, acquisition, or sale of assets, with appropriate confidentiality protections.
We do not sell, rent, or trade your personal information or PHI to third parties for their marketing purposes.
4. HIPAA Notice of Privacy Practices
Your Rights Under HIPAA
As a patient, you have the following rights regarding your PHI:
- Right to Access: You may request a copy of your medical records and PHI that we maintain.
- Right to Amend: You may request corrections to your PHI if you believe it is inaccurate or incomplete.
- Right to an Accounting of Disclosures: You may request a list of certain disclosures we have made of your PHI.
- Right to Request Restrictions: You may request restrictions on how we use or disclose your PHI, though we are not required to agree to all requests.
- Right to Confidential Communications: You may request that we communicate with you through specific channels or at specific locations.
- Right to a Paper Copy: You may request a paper copy of this Notice of Privacy Practices at any time.
- Right to File a Complaint: You may file a complaint with us or with the U.S. Department of Health and Human Services if you believe your privacy rights have been violated.
To exercise any of these rights, contact us at [email protected].
Our Obligations
- We are required by law to maintain the privacy and security of your PHI.
- We will notify you promptly if a breach occurs that may have compromised the privacy or security of your PHI.
- We will not use or share your PHI other than as described in this Policy without your written authorization.
- We will follow the terms of this Notice currently in effect.
5. Data Security
We implement comprehensive security measures to protect your information:
- Encryption: All data transmitted between your device and our servers is encrypted using 256-bit TLS encryption.
- Access Controls: Access to PHI is restricted to authorized personnel on a need-to-know basis.
- Infrastructure: Our systems are hosted on SOC 2-compliant cloud infrastructure with regular security audits.
- Authentication: We use secure authentication mechanisms including session tokens and encrypted credentials.
- Monitoring: We continuously monitor our systems for unauthorized access or suspicious activity.
- Training: All personnel with access to PHI receive regular HIPAA compliance training.
6. Data Retention
We retain your medical records and PHI for the period required by applicable federal and state laws, which is typically a minimum of 6 to 10 years from the date of last treatment, depending on your state of residence. Non-medical personal information is retained for as long as your account is active or as needed to provide Services, comply with legal obligations, resolve disputes, and enforce agreements.
7. Children's Privacy
Our Services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from minors. If we become aware that we have collected information from a person under 18, we will take steps to delete such information promptly.
8. Cookies and Tracking Technologies
We use the following types of cookies:
- Essential Cookies: Required for authentication, session management, and security. These cannot be disabled.
- Analytics Cookies: Help us understand how visitors interact with our website to improve functionality and user experience. These are anonymized and do not contain PHI.
- Preference Cookies: Remember your language preference and display settings.
We do not use advertising cookies or share cookie data with third-party advertisers. You can manage cookie preferences through your browser settings.
9. State-Specific Privacy Rights
- California (CCPA/CPRA): California residents have additional rights including the right to know what personal information is collected, the right to delete personal information, and the right to opt out of the sale of personal information. Because we are a healthcare provider, certain HIPAA-regulated information is exempt from the CCPA. For non-exempt information, contact us to exercise your rights.
- Virginia, Colorado, Connecticut, Utah: Residents of these states have similar rights to access, correct, delete, and port their personal data. Contact us to exercise these rights.
10. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by posting the updated Policy on our website with a revised "Last updated" date. For significant changes affecting your PHI, we will provide direct notification via email.
11. Contact Us
For questions, concerns, or to exercise your privacy rights:
- Privacy Officer: TrueEval Medical Group PLLC
- Email: [email protected]
- Website: bridgemeds.com
To file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights, visit hhs.gov/hipaa/filing-a-complaint.
This Privacy Policy and Notice of Privacy Practices is effective as of March 10, 2026. By using BridgeMeds services, you acknowledge that you have read and understand this Policy.