THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION.
PLEASE REVIEW IT CAREFULLY. THE PRIVACY OF YOUR MEDICAL INFORMATION IS IMPORTANT TO US.
Our Legal Duty
We are required by applicable federal and state laws to maintain the privacy of your protected health information. We are also required to give you this notice about our privacy practices, our legal duties, and your rights concerning your protected health information. We must follow the privacy practices that are described in this notice while it is in effect. This notice takes effect April 14, 2003, and will remain in effect until replaced.
We reserve the right to change our privacy practices and the terms of this notice at any time, provided that such changes are permitted by applicable law. We reserve the right to make the changes in our privacy practices and the new terms of our notice effective for all protected health information that we maintain, including medical information we created or received before we made the changes.
You may request a copy of our notice (or any subsequent revised notice) at any time. For more information about our privacy practices, or for additional copies of this notice, please contact us using the information listed at the end of this notice.
Uses and Disclosures of Protected Health Information
We will use and disclose the protected health information about you for treatment, payment, and health care operations. Following are examples of the types of uses and disclosures of your protected health care information that may occur. These examples are not meant to be exhaustive, but merely are here to describe the types of uses and disclosures that may be made by our office.
Treatment: We will use and disclose your protected health information to provide, coordinate or manage your health care and any related services, which includes the coordination or management of your health care with a third party. For example, we could disclose your protected health information, as necessary, to a home health agency that provides care to you. We would also disclose protected health information to other physicians who may be treating you. For example, your protected health information may be provided to a physician to whom you have been referred to ensure that the physician has the necessary information to diagnose or treat you.
In addition, we may disclose your protected health information from time to time to another physician or health care provider (e.g., a specialist or laboratory) who, at the request of your physician, would become involved in your care by providing assistance with your health care diagnosis or treatment by your physician.
Payment: Your protected health information will be used, as needed, to obtain payment for your health care services. This may include certain activities that your health insurance plan may undertake before it approves or pays for the health care services we recommend for you, such as: making a determination of eligibility or coverage for insurance benefits, reviewing services provided to you for protected health necessity, and undertaking utilization review activities. For example, obtaining approval for a hospital stay may require that your relevant protected health information be disclosed to the health plan to obtain approval for this hospital admission.
Health Care Operations: We may use or disclose, as needed, your protected health information in order to conduct certain business and operational activities. These activities include, but are not limited to, quality assessment activities, employee review activities, training of students, licensing, and conducting or arranging for other business activities.
For example, we may use a sign-in sheet at the registration desk where you will be asked to sign your name. We may also call you by name in the waiting room when your doctor is ready to see you. In addition, we may use or disclose your protected health information, as necessary, to contact you by telephone or mail to remind you of your appointment.
We could share your protected health information with third party “business associates” that perform various activities (e.g., billing, transcription services) for the practice. Whenever an arrangement between our office and a business associate involves the use or disclosure of your protected health information, we will have a written contract that contains terms that will protect the privacy of your protected health information.
We may use or disclose your protected health information, as necessary, to provide you with information about treatment alternatives or other health-related benefits and services that may be of interest to you. We may also use and disclose your protected health information for other marketing activities. For example, your name and address may be used to send you a newsletter about our practice and the services we offer. We may also send you information about products or services that we believe may be beneficial to you. However, you may contact us to request that these materials not be sent to you.
Uses and Disclosures Based On Your Written Authorization: Other uses and disclosures of your protected health information will be made only with your authorization, unless otherwise permitted or required by law as described below.
You may give us written authorization to use your protected health information or to disclose it to anyone for any purpose. If you give us an authorization, you may revoke it in writing at any time. Your revocation will not affect any use or disclosures permitted by your authorization while it was in effect. Without your written authorization, we will not disclose your health care information except as described in this notice.
Others Involved in Your Health Care: Unless you object, we may disclose to a member of your family, a relative, a close friend or any other person you identify, the protected health information that directly relates to that person’s involvement in your health care. If you are unable to agree or in ant way object to such a disclosure, we may disclose such information as necessary if we determine that it is in your best interest based on our professional judgment. We may use or disclose protected health information to notify or assist in notifying a family member, personal representative or any other person that is responsible for your care of your location, general condition or death.
Marketing: We may use your protected health information to contact you with information about treatment alternatives that may be of interest to you, and we may disclose your protected health information to a business associate to assist us in these activities. Unless the information is provided to you by a general newsletter or in person or is for products or services of nominal value, you may opt out of receiving further such information by informing us using the contact information listed at the end of this notice.
Research; Death; Organ Donation: We may use or disclose your protected health information for research purposes under limited circumstances. We may disclose the protected health information of a deceased person to a coroner, protected health examiner, funeral director or organ procurement organization for certain purposes.
Public Health and Safety: We may disclose your protected health information to the extent necessary to avert a serious and imminent threat to your health or safety, or the health or safety of others. We may disclose your protected health information to a government agency authorized to oversee the health care system or government programs or its contractors, and to public health authorities for public health purposes.
Health Oversight: We may disclose protected health information to a health oversight agency for activities authorized by law, such as audits, investigations and inspections. Oversight agencies seeking this information include government agencies that oversee the health care system, government benefit programs, and other government regulatory programs and civil rights laws.
Abuse or Neglect: We may disclose your protected health information to a public health authority that is authorized by law to receive reports of child abuse or neglect. In addition, we may disclose your protected health information if we believe that you have been a victim of abuse, neglect or domestic violence to the governmental entity or agency authorized to receive such information. In this case, the disclosure will be made consistent with the requirements of applicable federal and state laws.
Food and Drug Administration: We may disclose your protected health information to a person or company as required by the Food and Drug Administration to report adverse events, product defects or problems, biologic product deviations; to track products; to enable product recalls; to make repairs or replacements; or to conduct post marketing surveillance.
Criminal Activity: Consistent with applicable federal and state laws, we may disclose your protected health information, if we believe that the use or disclosure is necessary to prevent or lessen a serious and imminent threat to the health or safety of a person or to the public. We may also disclose protected health information if it is necessary for law enforcement authorities to identify or apprehend an individual.
Required by Law: We may use or disclose your protected health information when we are required to do so by law. For example, upon request, we must disclose your protected health information to the U.S. Department of Health and Human Services for purposes of determining whether or not we are in compliance with federal privacy laws. We may disclose your protected health information when authorized by workers’ compensation or similar laws.
Process and Proceedings: Under certain circumstances, we may disclose your protected health information in response to a court or administrative order, subpoena, discovery request or any other lawful process, under certain circumstances. Under limited circumstances, such as a court order, warrant or grand jury subpoena, we may disclose your protected health information to law enforcement officials.
Law Enforcement: We may disclose limited information to a law enforcement official if it concerns the protected health information of a suspect, fugitive, material witness, crime victim or missing person. We may disclose the protected health information of an inmate or other person in lawful custody to a law enforcement official or correctional institution under certain circumstances. And we may disclose protected health information where necessary to assist law enforcement officials to capture an individual who has admitted to participation in a crime or has escaped from lawful custody.
Access: You have, with limited exceptions, the right to look at or get copies of your protected health information. You must make a request in writing to the contact person listed herein to obtain access to your protected health information. You may also request access by sending us a letter to the address at the end of this notice. There will be charge, if you request copies. If you prefer, we will prepare a summary or an explanation of your protected health information for a fee. Please contact us using the information listed at the end of this notice for a full explanation of our fee structure.
Accounting of Disclosures: After April 14, 2003, you will have the right to receive a list of instances in which we or our business associates have disclosed your protected health information for purposes other than treatment, payment, health care operations and certain other activities. After April 14, 2009, the accounting will be provided for the past six (6) years. We will be able to provide you with the date on which we made the disclosure, the name of the person or entity to whom we disclosed your protected health information, a description of the protected health information we disclosed, the reason for the disclosure, and certain other information. If you request this list more than once in a 12-month period, we may charge you a reasonable, cost-based fee for responding to these additional requests. Contact us using the information listed at the end of this notice for a full explanation of our fee structure.
Restriction Requests: You have the right to request that we place additional restrictions on our use or disclosure of your protected health information. We are not required to agree to these additional restrictions, but if we do, we will abide by our agreement (except in an emergency). Any agreement we may make to a request for additional restrictions must be in writing, and signed by a person authorized to make such an agreement on our behalf. We will not be bound by any restrictions unless our agreement is so memorialized in writing.
Confidential Communication: You have the right to request that we communicate with you about your protected health information by alternative means or to an alternative location in confidence. You must make your request in writing. We must accommodate your request if it is reasonable, specifies the alternative means or location, and continues to permit us to bill and collect payment from you.
Amendment: You have the right to request that we amend your protected health information. This request must be in writing, and it must explain why the information should be amended. We may deny your request if we did not create the information you want amended or for certain other reasons. If we deny your request, we will provide you a written explanation. You may respond with a statement of disagreement to be appended to the information you wanted amended. If we accept your request to amend the information, we will make reasonable efforts to inform others, including people or entities you name, of the amendment and to include the changes in any future disclosures of that information.
Electronic Notice: If you receive this notice via our website or by electronic mail (e-mail), you are also entitled to receive this notice in written form. Please contact us using the information listed at the end of this notice to obtain this notice in written form.
Questions and Complaints
If you want more information about our privacy practices or have any questions or concerns, please contact us using the information below. If you believe that we may have violated your privacy rights, or if you disagree with a decision we made about access to your protected health information or in response to a request you made, you may complain to us using the contact information below. You also may submit a written complaint to the U.S. Department of Health and Human Services. We will provide you with the address to file your complaint with the U.S. Department of Health and Human Services upon request.
We support your right to protect the privacy of your protected health information. We will not retaliate in any way if you choose to file a complaint with us or with the U.S. Department of Health and Human Services.
We are committed to protecting your privacy, and that includes protecting the privacy of any data you share with us. This policy sets out what data we collect, what we do with your data, when and how we store your data, and what you can do if you have questions or wish to exercise rights you have with respect to your data.
What data do we collect, and why?
Through the use of pages on this website and interaction with our products and services, we may collect data from you. Sometimes the data we collect relates to you or identifies you. In this policy, data that relates to or identifies a natural person is defined as “personal data.” “Data” always includes personal data. Our goal is always to maintain the highest levels of privacy and security with your personal data, in keeping with the principles of the Federal Trade Commission Act and related regulations, the General Data Protection Regulation, and applicable local privacy laws. We will always try to give you appropriate notice of what data we collect and how we will use it, and we will only process your data when we consider it fair and lawful to do so.
We may collect the following data from you:
- Records of your visits to the site, through cookies and otherwise (which records may include: traffic data; location information; logs; information about your computer or mobile device such as if applicable your IP address, operating system, mobile carrier, or device identifying
- Records of correspondence between us and you (for example, records of your and our communication for purposes of support services)
- Comments, posts, or other data you upload to our site (for example, in the comments section of our blog posts)
- Information you provide by completing forms on our website or in our products and services (for example, purchase information and information you provide when subscribing to newsletters or contacting us)
Sometimes the reason for collection will be obvious (such as when you give us your email address to allow us to contact you). When it is not, we will describe to you at the time of collection the purpose for collecting the data and if possible ask for your consent. To the extent possible, we anonymize or pseudonymize data we collect from you.
In general, we do not intentionally collect sensitive personal data. Sensitive personal data is data of the kind regulated by Article 9 or Article 10 of the GDPR, such as personal identity numbers; financial account information; information concerning racial or ethnic origin; political opinions; religious, philosophical, or other beliefs; membership in trade unions or professional or trade associations; physical or mental health information; biometric data; genetic data; data concerning sexual activity or orientation; or data concerning criminal records or suspected criminal activity. However, if you provide us with sensitive personal data, whether through the website or through any of our products or services, you explicitly consent to our use and processing of that data.
Additionally, we do not intentionally collect personal data from anyone under the age of eighteen (18), and to the extent reasonably possible we take steps to verify that you are a legal adult when we collect data from you. By using our website, products, or services, and by submitting any data to us, you warrant that you are eighteen (18) years of age or older.
How do we use data we collect from you?
We use the data we collect from you to provide information, services, or products you have requested or purchased, and to allow you to interact with us and the website.
This may include sending you emails from time to time; these emails always contain either information you have requested or that you have consented to receive, or information we have a legitimate interest in delivering (such as notices of product changes). You can always unsubscribe from any email list by clicking the indicated link in the email.
When applicable we analyze this information to improve our website, improve the products and services we provide, and to protect us and you from malicious web activity. We may share this information with third parties. Those third parties and their respective privacy policies are as follows:
- Google Analytics (https://policies.google.com/privacy)
How long do we keep your data?
In general, we keep your data only as long as necessary to provide the service or product you requested. If you are a customer who has an account with us, we will keep the data connected to your account until you ask us to destroy it. This is in order to help us remember information about previous interactions with you (for example, records of support service) or in order to comply with our legal and contractual obligations. Ordinarily, if your account is inactive, your data will only be stored so that the account can be reactivated in the future, and your data will not be processed for any other purpose. You can ask us to destroy your data at any time by following the procedures outlined in this policy, but if we do not have certain information about you, it may be impossible for us to provide any products or services to you.
Where is your data stored?
We are a business located in the United States. When we store your data, it is stored in the United States. However, data we collect may be routed or transferred internationally by us or by our business partners during the course of providing products and services to you and others.
How do we ensure your data is secure?
We take a number of steps to ensure that data we collect is protected from unauthorized access, alteration, disclosure, or destruction, including the following:
- Many of our services are encrypted using SSL.
- We regularly review our data collection, storage, and processing practices, including physical and electronic security measures.
- We restrict access to your personal data to only those employees, agents, and business partners who need access to it in order to deliver requested products and services.
- All of our employees, agents, and business partners are subject to strict confidentiality and nondisclosure obligations, the violation of which may result in termination and/or liability.
- All of our employees and agents receive regular appropriate training, including training in information privacy suitable to their respective fields and disciplines.
Do we share your data?
We may transfer your data to our business partners, some of whom may be located in other countries. We strive to do business only with partners who uphold high standards of data privacy and security, and whenever we transfer data to a third party, we take steps to make sure that the data will remain secure and private as required by applicable law and our internal guidelines.
Sometimes we may be required to share your data for specific purposes. These purposes may include:
- In order for us to comply with a legal obligation or to detect, prevent, or otherwise address fraud or crime
- In order to detect or correct technical or security issues
- In order to apply or enforce our Terms and Conditions, or to protect the rights, property, or safety of us, you, our customers, our business partners, others, or the public
- In order to maintain continuity of service in the event that we sell or liquidate some or all of our business or assets
Additionally, our website may contain links to our business partners or other third parties. Please understand that those websites have their own policies, and we do not accept any responsibility or liability for your use of those websites or any products or services available there.
What about data we obtain from third parties?
Sometimes we may obtain your personal data from a third party, either through the use of our website or through some of our products or services. Due to the nature of our products, it is possible that we may even obtain your data unsolicited from a third party. We may also obtain your personal data from our business partners through contractual relationships or through software they develop. We apply the same standards of security and privacy to all personal data in our possession, and you have rights with respect to your data regardless of its source. When and to the extent possible, we will notify you of the source if we obtain your data from a third party without your consent within at least thirty (30) days
Are you required to supply us with your personal data?
Sometimes we have to have your personal data in order to interact with you. Supplying some personal information is a prerequisite to purchasing products or services from us, obtaining support services, or using the website. If you do not provide the requested data in those instances, you will not be able to purchase any products or services from us, you will not have access to support services, and you may lose some functionality when interacting with the website, respectively.
What rights do you have with respect to your personal data?
You have a right to know if we have any of your personal data and to have access to that data, and you have the right to have any incorrect personal data corrected. If you have given us consent to have or use your data, you have the right to withdraw that consent at any time. You also have the right to have your personal data erased or to transport your data. Ordinarily we do not use automated decision-making with respect to any personal data, but if we do, you have the right to object.
You have the right to lodge a complaint with a supervisory authority. Which authority is appropriate varies depending on your jurisdiction. If you wish to lodge a complaint, we can assist you in determining where the complaint should be lodged.
You may contact us at any time at http://www.soarmedical.com/contact-us/ to exercise any of these rights. Understand that sometimes we have to have your data in order to interact with you, and so exercising some or all of these rights might impact your ability to use our website or our products and services.
What if you have further questions?
If you have any additional questions about our privacy practices, please contact us at http://www.soarmedical.com/contact-us/