Legal

Privacy Policy

How Integrix Health, LLC collects, uses, and protects your personal information — including Protected Health Information under HIPAA.

Effective Date: June 13, 2026 Last Updated: June 13, 2026 Entity: Integrix Health, LLC Website: www.integrix.health Contact: [email protected]  |  701-347-1968

Table of Contents

  1. Introduction & Scope
  2. Information We Collect
  3. How We Use Your Information
  4. Genetic Data — Special Handling
  5. How We Share Your Information
  6. HIPAA Rights — Clinical Patients
  7. Cookies & Tracking Technologies
  8. Data Security
  9. Your Rights & Choices
  10. Data Retention
  11. Children's Privacy
  12. Third-Party Links
  13. Changes to This Policy
  14. Contact Us

1. Introduction & Scope

Integrix Health, LLC ("Integrix Health," "we," "us," or "our") is a virtual-first functional medicine practice operated by Dr. Paul Bekkum, DC, CCEP, in Moorhead, Minnesota. This Privacy Policy governs how we collect, use, disclose, and protect information across all touchpoints, including:

  • The integrix.health website and all associated subpages
  • Clinical services delivered via Practice Better (our telehealth and functional medicine delivery platform)
  • Email communications and newsletter/Substack subscription lists
  • Genetic wellness consulting services delivered under the ProActiveDNA.com / 3x4 Genetics framework

This Policy applies to all visitors, subscribers, prospective patients, active patients, and consulting clients. By accessing our website or engaging our services, you acknowledge the data practices described herein.

Note: This Policy does not apply to the independent contractor chiropractic services rendered at Downtown Health and Wellness in Moorhead, MN — those services operate under that clinic's separate HIPAA Notice of Privacy Practices.

2. Information We Collect

2.1 Website Visitors (integrix.health)

Automatically Collected:

  • IP address, browser type, device type, operating system
  • Pages visited, time on site, referral source
  • Cookie and session data (see Section 7)

Voluntarily Submitted:

  • Name, email address, phone number submitted via contact or intake forms
  • Free-text content submitted in inquiry forms or chat widgets

2.2 Clinical Patients (Practice Better Platform)

As a healthcare provider, we collect Protected Health Information (PHI) as defined under the Health Insurance Portability and Accountability Act (HIPAA), including:

  • Full legal name, date of birth, biological sex, contact information
  • Comprehensive health history, chief complaints, symptom timelines
  • Medical Symptom Questionnaire (MSQ) responses and IFM Matrix intake data
  • Laboratory results, diagnostic data, and clinical progress notes
  • Supplement protocols, functional medicine care plans, and session recordings (where consented)
  • Payment and billing information
Platform Note: Clinical data is stored and processed within Practice Better, which operates under a Business Associate Agreement (BAA) with Integrix Health, LLC, consistent with HIPAA requirements. We do not store PHI on the integrix.health website or in general cloud environments without a BAA in place.

2.3 Email List & Substack Subscribers

  • Name and email address at time of subscription
  • Email engagement data (open rates, click behavior) via email service provider analytics
  • Substack subscription tier (free vs. paid) and subscription history
  • Content interaction preferences inferred from engagement patterns

2.4 3x4 Genetics / ProActiveDNA Consulting Clients

  • All information collected under Section 2.2 applies
  • Genetic panel data processed through 3x4 Genetics, including variants across metabolic, detoxification, methylation, neurotransmitter, cardiovascular, inflammation, vitamin, hormone, athletic, oxidative stress, and circadian pathways

Genetic data is among the most sensitive categories of personal information we handle. See Section 4 for how this data is used and protected.

3. How We Use Your Information

Data Category Primary Uses
Website visitor data Site analytics, UX improvement, security monitoring
Contact form submissions Responding to inquiries, scheduling consultations
Clinical PHI Delivering healthcare services, clinical documentation, care coordination
MSQ / IFM intake data Functional medicine matrix analysis, protocol development
Genetic data (3x4) Darwin Algorithm™ personalization, nutrigenomic protocol design
Email / Substack Sending newsletters, clinical education content, offers, and program announcements
Payment data Processing fees for services, subscriptions, and programs
We do not sell, rent, or trade your personal information to third parties for their marketing purposes. Ever.

4. Genetic Data — Special Handling

Genetic information processed through 3x4 Genetics panels is subject to the following additional protections:

  • Genetic data is used exclusively for clinical interpretation within your care plan
  • Raw genetic data files are not stored on integrix.health servers
  • De-identified aggregate trend data may inform clinical education content and program design; no individual is identifiable in such use
  • We do not share genetic data with insurers, employers, pharmaceutical companies, or data brokers
  • You have the right to request deletion of genetic data associated with your consulting engagement at any time (see Section 9)

5. How We Share Your Information

We share personal information only in the following circumstances:

5.1 Service Providers (Business Associates & Vendors)

We engage third-party vendors who support our operations. Where required by HIPAA, these vendors operate under a signed BAA:

Vendor Function BAA Required
Practice Better Telehealth delivery, clinical records Yes
Fullscript Supplement dispensing (Designs for Health, Pure Encapsulations) Yes
3x4 Genetics Genetic panel processing and reporting Yes
Substack Newsletter and content distribution No (non-PHI only)
Email service provider Marketing communications No (non-PHI only)
Stripe / payment processor Payment processing No (financial data, PCI-DSS compliant)
Cloudflare Website hosting and security (integrix.health) No

5.2 Legal Requirements

We may disclose information when required by law, subpoena, court order, or to protect the safety of any person, including mandatory reporting obligations applicable to licensed healthcare providers in Minnesota.

5.3 Treatment, Payment, and Healthcare Operations

As permitted under HIPAA, we may share PHI with other treating providers, referring clinicians, or for billing and quality improvement purposes, consistent with your care.

5.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. You will be notified of any such change in ownership via the contact information on file.

6. HIPAA Rights — Clinical Patients

If you are a patient of Integrix Health, LLC, you have the following rights under HIPAA with respect to your PHI:

Your HIPAA Rights

  • Right to Access: Request a copy of your health records
  • Right to Amend: Request corrections to inaccurate or incomplete records
  • Right to an Accounting of Disclosures: Request a list of instances where your PHI was disclosed
  • Right to Restrict: Request restrictions on certain uses or disclosures of your PHI
  • Right to Confidential Communications: Request we contact you through alternative means or locations
  • Right to File a Complaint: File a complaint with Integrix Health, LLC or directly with the U.S. Department of Health and Human Services (HHS) Office for Civil Rights at hhs.gov/ocr without retaliation

To exercise any of these rights, contact: [email protected] or 701-347-1968.

7. Cookies & Tracking Technologies

The integrix.health website uses the following tracking technologies:

  • Essential Cookies: Required for basic site functionality (session management, security). Cannot be disabled.
  • Analytics Cookies: Used to understand visitor behavior and improve site performance (e.g., Cloudflare Web Analytics). These are privacy-first analytics tools that do not fingerprint individual users or share data with ad networks.
  • No Third-Party Advertising Cookies: We do not run retargeting pixels, Facebook Pixel, Google Ads conversion tracking, or any behavioral advertising infrastructure on integrix.health.

You may control cookie preferences through your browser settings. Disabling essential cookies may impair site functionality.

8. Data Security

We implement technical, administrative, and physical safeguards to protect your information:

  • Clinical data: Encrypted at rest and in transit within HIPAA-compliant platforms (Practice Better)
  • Website: Hosted on Cloudflare Pages with SSL/TLS encryption; no PHI stored at the website layer
  • AI Workflow Controls: We use a strict two-lane AI policy — de-identified content only in general AI tools (e.g., Claude.ai with bracketed PHI placeholders); PHI processed only within HIPAA-covered platforms with active BAAs (e.g., AWS Bedrock, Google Vertex AI)
  • Access Controls: PHI access is limited to Dr. Bekkum and authorized clinical collaborators only

No data transmission over the internet is 100% secure. While we employ industry-standard protections, we cannot guarantee absolute security.

9. Your Rights & Choices

Regardless of whether you are a clinical patient, website visitor, or subscriber, you may:

  • Unsubscribe from email or Substack communications at any time via the unsubscribe link in any message
  • Request access to the personal data we hold about you
  • Request correction of inaccurate personal data
  • Request deletion of your personal data, subject to legal retention requirements (clinical records must be retained per Minnesota state law — generally 7 years for adults)
  • Withdraw consent for non-essential communications at any time

Submit requests to: [email protected]. We will respond within 30 days.

Minnesota Residents: Minnesota law provides additional privacy rights. Contact us for specific inquiries related to state-law protections.

10. Data Retention

Data Type Retention Period
Clinical records (PHI) 7 years from last date of service (MN law); longer if required by clinical necessity
Genetic panel data Duration of active clinical relationship + 7 years
Website analytics 12 months rolling
Email / marketing data Until unsubscribe + 12 months
Contact form submissions 24 months
Payment records 7 years (tax/accounting compliance)

11. Children's Privacy

Our services are intended exclusively for adults aged 18 and older. We do not knowingly collect personal information from individuals under the age of 18. If we become aware that we have inadvertently collected such information, we will delete it promptly.

12. Third-Party Links

The integrix.health website may contain links to third-party websites, including 3x4 Genetics, Fullscript, Practice Better, and Substack. This Privacy Policy does not apply to those platforms. We encourage you to review their respective privacy policies.

13. Changes to This Policy

We reserve the right to update this Privacy Policy at any time. Material changes will be communicated via:

  • A prominent notice on integrix.health
  • Email notification to active patients and subscribers (where applicable)

The "Last Updated" date at the top of this document reflects the most recent revision. Continued use of our services after changes constitutes acceptance of the revised Policy.

14. Contact Us

Integrix Health, LLC

Dr. Paul Bekkum, DC, CCEP

[email protected]

701-347-1968

www.integrix.health

This Privacy Policy has been prepared for general informational and operational purposes. It is not a substitute for legal counsel. Integrix Health, LLC recommends periodic review by a licensed healthcare attorney familiar with HIPAA, Minnesota state law, and applicable federal regulations.