NOTICE OF PRIVACY PRACTICES
This HIPPA Privacy Notice details the Honest Dermatology Medical Group's (HDMG) practices and will govern its actions to guard you against unnecessary disclosure and use of your personal information.
Protection of your privacy has always been an extremely important aspect of the services we provide. The new policy and practices have been written to comply with the Health Insurance and Portability and Accountability Act of 1996 "HIPPA", the Health Information Technology for Economic and Clinical Health Act of 2009, the Genetic Information Nondiscrimination Act and regulations issued under these statutes.
This Very detailed policy clearly defines acceptable circumstances for disclosure of personal health information, while still allowing HDMG necessary access for business operations.
Effective Date: 4/01/2013
This Notice was revised on 5/15/2013, 8/30/2013, 11/18/2014, 3/10/15, 5/15/15, 1/27/16, 12/20/16, 5/25/18, 6/12/19
IF YOU HAVE ANY QUESTIONS ABOUT THIS NOTICE OR IF YOU NEED MORE INFORMATION, PLEASE CONTACT:
HIPPA Compliance Officer
Honest Dermatology Medical Group
15840 Ventura Blvd., Suite 101
Encino, California, 91436
by Telephone: 818-789-3811
or by Email: firstname.lastname@example.org
About This Notice
We are required by law to maintain the privacy of Protected Health Information and to give you this Notice explaining our privacy practices with regard to that information. You have certain rights, and we have certain legal obligations, regarding the privacy of your Protected Health Information, and this Notice also explains your rights and our obligations. We are required to abide by the terms of the current version of this Notice.
What is Protected Health Information?
“Protected Health Information” is information that individually identifies you and that we create or get from you or from another health care provider, health plan, your employer, or a health care clearinghouse and that relates to (1) your past, present, or future physical or mental health or conditions, (2) the provision of health care to you, or (3) the past, present, or future payment for your health care.
How We May Use and Disclose Your Protected Health Information
We may use and disclose your Protected Health Information in the following circumstances:
• For Treatment. We may use or disclose your Protected Health Information to give you medical treatment or services and to manage and coordinate your medical care. For example, your Protected Health Information may be provided to a physician or other health care provider (e.g., a specialist or laboratory) to whom you have been referred to ensure that the physician or other health care provider has the necessary information to diagnose or treat you or provide you with a service.
• For Payment. We may use and disclose your Protected Health Information so that we can bill for the treatment and services you receive from us and can collect payment from you, a health plan, or a third party. This use and disclosure may include certain activities that your health insurance plan may undertake before it approves or pays for the health care services we recommend for you, such as making a determination of eligibility or coverage for insurance benefits, reviewing services provided to you for medical necessity, and undertaking utilization review activities. For example, we may need to give your health plan information about your treatment in order for your health plan to agree to pay for that treatment.
• For Health Care Operations. We may use and disclose Protected Health Information for our health care operations. For example, we may use your Protected Health Information to internally review the quality of the treatment and services you receive and to evaluate the performance of our team members in caring for you. We also may disclose information to physicians, nurses, medical technicians, medical students, and other authorized personnel for educational and learning purposes.
• Appointment Reminders/Treatment Alternatives/Health-Related Benefits and Services. We may use and disclose Protected Health Information to contact you to remind you that you have an appointment for medical care, or to contact you to tell you about possible treatment options or alternatives or health related benefits and services that may be of interest to you.
• Minors. We may disclose the Protected Health Information of minor children to their parents or guardians unless such disclosure is otherwise prohibited by law.
• Research. We may use and disclose your Protected Health Information for research purposes, but we will only do that if the research has been specially approved by an authorized institutional review board or a privacy board that has reviewed the research proposal and has set up protocols to ensure the privacy of your Protected Health Information. Even without that special approval, we may permit researchers to look at Protected Health Information to help them prepare for research, for example, to allow them to identify patients who may be included in their research project, as long as they do not remove, or take a copy of, any Protected Health Information. We may use and disclose a limited data set that does not contain specific readily identifiable information about you for research. However, we will only disclose the limited data set if we enter into a data use agreement with the recipient who must agree to (1) use the data set only for the purposes for which it was provided, (2) ensure the confidentiality and security of the data, and (3) not identify the information or use it to contact any individual.
• As Required by Law. We will disclose Protected Health Information about you when required to do so by international, federal, state, or local law.
• To Avert a Serious Threat to Health or Safety. We may use and disclose Protected Health Information when necessary to prevent a serious threat to your health or safety or to the health or safety of others. But we will only disclose the information to someone who may be able to help prevent the threat.
• Business Associates. We may disclose Protected Health Information to our business associates who perform functions on our behalf or provide us with services if the Protected Health Information is necessary for those functions or services. For example, we may use another company to do our billing, or to provide transcription or consulting services for us. All of our business associates are obligated, under contract with us, to protect the privacy and ensure the security of your Protected Health Information.
• Organ and Tissue Donation. If you are an organ or tissue donor, we may use or disclose your Protected Health Information to organizations that handle organ procurement or transplantation – such as an organ donation bank – as necessary to facilitate organ or tissue donation and transplantation.
• Military and Veterans. If you are a member of the armed forces, we may disclose Protected Health Information as required by military command authorities. We also may disclose Protected Health Information to the appropriate foreign military authority if you are a member of a foreign military.
• Workers’ Compensation. HDMG may release your health information to the extent necessary to comply with laws related to Worker's Compensation or similar programs.
• Public Health Risks. We may disclose Protected Health Information for public health activities. This includes disclosures to: (1) a person subject to the jurisdiction of the Food and Drug Administration (“FDA”) for purposes related to the quality, safety or effectiveness of an FDA-regulated product or activity; (2) prevent or control disease, injury or disability; (3) report births and deaths; (4) report child abuse or neglect; (5) report reactions to medications or problems with products; (6) notify people of recalls of products they may be using; and (7) a person who may have been exposed to a disease or may be at risk for contracting or spreading a disease or condition.
• Abuse, Neglect, or Domestic Violence. We may disclose Protected Health Information to the appropriate government authority if we believe a patient has been the victim of abuse, neglect, or domestic violence and the patient agrees or we are required or authorized by law to make that disclosure.
• Health Oversight Activities. We may disclose Protected Health Information to a health oversight agency for activities authorized by law. These oversight activities include, for example, audits, investigations, inspections, licensure, and similar activities that are necessary for the government to monitor the health care system, government programs, and compliance with civil rights laws.
• Data Breach Notification Purposes. We may use or disclose your Protected Health Information to provide legally required notices of unauthorized access to or disclosure of your health information.
• Lawsuits and Disputes. If you are involved in a lawsuit or a dispute, we may disclose Protected Health Information in response to a court or administrative order. We also may disclose Protected Health Information in response to a subpoena, discovery request, or other legal process from someone else involved in the dispute, but only if efforts have been made to tell you about the request or to get an order protecting the information requested. We may also use or disclose your Protected Health Information to defend ourselves in the event of a lawsuit.
• Law Enforcement. We may disclose Protected Health Information, so long as applicable legal requirements are met, for law enforcement purposes.
• Military Activity and National Security. If you are involved with military, national security or intelligence activities or if you are in law enforcement custody, we may disclose your Protected Health Information to authorized officials so they may carry out their legal duties under the law.
• Coroners, Medical Examiners, and Funeral Directors. We may disclose Protected Health Information to a coroner, medical examiner, or funeral director so that they can carry out their duties.
• Inmates. If you are an inmate of a correctional institution or under the custody of a law enforcement official, we may disclose Protected Health Information to the correctional institution or law enforcement official if the disclosure is necessary (1) for the institution to provide you with health care; (2) to protect your health and safety or the health and safety of others; or (3) the safety and security of the correctional institution.
Uses and Disclosures That Require Us to Give You an Opportunity to Object and Opt Out
• Individuals Involved in Your Care or Payment for Your Care. Unless you object, we may disclose to a member of your family, a relative, a close friend or any other person you identify, your Protected Health Information that directly relates to that person’s involvement in your health care. If you are unable to agree or object to such a disclosure, we may disclose such information as necessary if we determine that it is in your best interest based on our professional judgment.
• Disaster Relief. We may disclose your Protected Health Information to disaster relief organizations that seek your Protected Health Information to coordinate your care, or notify family and friends of your location or condition in a disaster. We will provide you with an opportunity to agree or object to such a disclosure whenever we practicably can do so.
Your Written Authorization is Required for Other Uses and Disclosures
The following uses and disclosures of your Protected Health Information will be made only with your written authorization:
Uses and disclosures of Protected Health Information for marketing purposes
Your Rights Regarding Your Protected Health Information
You have the following rights, subject to certain limitations, regarding your Protected Health Information:
• Right to Inspect and Copy. You have the right to inspect and copy Protected Health Information that may be used to make decisions about your care or payment for your care. We have up to 30 days to make your Protected Health Information available to you and we may charge you a reasonable fee for the costs of copying, mailing or other supplies associated with your request. We may not charge you a fee if you need the information for a claim for benefits under the Social Security Act or any other state or federal needs-based benefit program. We may deny your request in certain limited circumstances. If we do deny your request, you have the right to have the denial reviewed by a licensed healthcare professional who was not directly involved in the denial of your request, and we will comply with the outcome of the review.
• Right to a Summary or Explanation. We can also provide you with a summary of your Protected Health Information, rather than the entire record, or we can provide you with an explanation of the Protected Health Information which has been provided to you, so long as you agrees to this alternative form and pay the associated fees.
Right to an Electronic Copy of Electronic Medical Records. If your Protected Health Information is maintained in an electronic format (known as an electronic medical record or an electronic health record), you have the right to request that an electronic copy of your record be given to you or transmitted to another individual or entity. We will make every effort to provide access to your Protected Health Information in the form or format you request, if it is readily producible in such form or format. If the Protected Health Information is not readily producible in the form or format you request your record will be provided in either our standard electronic format or if you do not want this form or format, a readable hard copy form. We may charge you a reasonable, cost-based fee for the labor associated with transmitting the electronic medical record.
• Right to Get Notice of a Breach. You have the right to be notified upon a breach of any of your unsecured Protected Health Information.
• Right to Request Amendments. If you feel that the Protected Health Information we have is incorrect or incomplete, you may ask us to amend the information. You have the right to request an amendment for as long as the information is kept by or for us. A request for amendment must be made in writing to the Privacy Officer at the address provided at the beginning of this Notice and it must tell us the reason for your request. In certain cases, we may deny your request for an amendment. If we deny your request for an amendment, you have the right to file a statement of disagreement with us and we may prepare a rebuttal to your statement and will provide you with a copy of any such rebuttal.
• Right to an Accounting of Disclosures. You have the right to ask for an “accounting of disclosures,” which is a list of the disclosures we made of your Protected Health Information. This right applies to disclosures for purposes other than treatment, payment or healthcare operations as described in this Notice. It excludes disclosures we may have made to you, for a resident directory, to family members or friends involved in your care, or for notification purposes. The right to receive this information is subject to certain exceptions, restrictions and limitations. Additionally, limitations are different for electronic health records. The first accounting of disclosures you request within any 12-month period will be free. For additional requests within the same period, we may charge you for the reasonable costs of providing the accounting. We will tell what the costs are, and you may choose to withdraw or modify your request before the costs are incurred.
• Right to Request Restrictions. You have the right to request a restriction or limitation on the Protected Health Information we use or disclose for treatment, payment, or health care operations. You also have the right to request a limit on the Protected Health Information we disclose about you to someone who is involved in your care or the payment for your care, like a family member or friend. To request a restriction on who may have access to your Protected Health Information, you must submit a written request to the Privacy Officer. Your request must state the specific restriction requested and to whom you want the restriction to apply. We are not required to agree to your request, unless you are asking us to restrict the use and disclosure of your Protected Health Information to a health plan for payment or health care operation purposes and such information you wish to restrict pertains solely to a health care item or service for which you have paid us “out-of-pocket” in full. If we do agree to the requested restriction, we may not use or disclose your Protected Health Information in violation of that restriction unless it is needed to provide emergency treatment.
• Out-of-Pocket-Payments. If you paid out-of-pocket (or in other words, you have requested that we not bill your health plan) in full for a specific item or service, you have the right to ask that your Protected Health Information with respect to that item or service not be disclosed to a health plan for purposes of payment or health care operations, and we will honor that request.
• Right to Request Confidential Communications. You have the right to request that we communicate with you only in certain ways to preserve your privacy. For example, you may request that we contact you by mail at a specific address or call you only at your work number. You must make any such request in writing and you must specify how or where we are to contact you. We will accommodate all reasonable requests. We will not ask you the reason for your request.
• Right to a Paper Copy of This Notice. You have the right to a paper copy of this Notice, even if you have agreed to receive this Notice electronically. You may request a copy of this Notice at any time by calling Honest Dermatology Medical Group at (818) 789-3811.
How to Exercise Your Rights
To exercise your rights described in this Notice, send your request, in writing, to our Privacy Officer at the address listed at the beginning of this Notice. We may ask you to fill out a form that we will supply. To exercise your right to inspect and copy your Protected Health Information, you may also contact your health care provider directly. To get a paper copy of this Notice, contact our Privacy Officer by phone or mail.
Changes To This Notice
We reserve the right to change this Notice. We reserve the right to make the changed Notice effective for Protected Health Information we already have as well as for any Protected Health Information we create or receive in the future. A copy of our current Notice is posted in our office and on our websites.
You may file a complaint with us or with the Secretary of the United States Department of Health and Human Services if you believe your privacy rights have been violated.
To file a complaint with us, contact our Privacy Officer at the address listed at the beginning of this Notice. All complaints must be made in writing and should be submitted within 180 days of when you knew or should have known of the suspected violation. There will be no retaliation against you for filing a complaint.
To file a complaint with the Secretary, mail it to: Secretary of the U.S. Department of Health and Human Services, 200 Independence Ave, S.W., Washington, D.C. 20201. Call (202) 619-0257 (or toll free (877) 696-6775) or go to the website of the Office for Civil Rights, http://www.hhs.gov/ocr/privacy/, for more information. There will be no retaliation against you for filing a complaint.