Privacy Policy

This privacy notice discloses the privacy practices for this website. This privacy notice applies solely to information collected by this web site. It will notify you of the following:

What personally identifiable information is collected from you through the web site, how it is used and with whom it may be shared.
What choices are available to you regarding the use of your data.
The security procedures in place to protect the misuse of your information.
How you can correct any inaccuracies in the information.

Information Collection, Use, and Sharing

We are the sole owners of the information collected on this site. We only have access to/collect information that you voluntarily give us via email or other direct contact from you. We will not sell or rent this information to anyone.

We will use your information to respond to you, regarding the reason you contacted us. We will not share your information with any third party outside of our organization, other than as necessary to fulfill your request, e.g. to ship an order.

Unless you ask us not to, we may contact you via email in the future to tell you about specials, new products or services, or changes to this privacy policy.

Your Access to and Control Over Information

You may opt out of any future contacts from us at any time. You can do the following at any time by contacting us via the contact form on our website:

See what data we have about you, if any.
Change/correct any data we have about you.
Have us delete any data we have about you.
Express any concern you have about our use of your data.

Security

Please do not use our contact form to email us confidential information. While we will not disclose this information to anyone, it could possibly be intercepted by unauthorized entities.

Cookies

We use "cookies" on this site. A cookie is a piece of data stored on a site visitor's hard drive to help us improve your access to our site and identify repeat visitors to our site. For instance, when we use a cookie to identify you, you would not have to log in a password more than once, thereby saving time while on our site. Cookies can also enable us to track and target the interests of our users to enhance the experience on our site. Usage of a cookie is in no way linked to any personally identifiable information on our site.

Links

This web site contains links to other sites. Please be aware that we are not responsible for the content or privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of any other site that collects personally identifiable information.

If you feel that we are not abiding by this privacy policy, you should contact us immediately.

Notice of Privacy Policy
§ 164.520(b)(1), § 164.520(c)(2), § 164.520(e)
Practice Name:

Purpose

The Health Insurance Portability and Accountability Act of 1996 (HIPAA), requires
that this practice provide each of its patient with a Notice of Privacy Practices (NPP).
The goal of the Notice of Privacy Practices is to inform patients of:
3⁄4 How the health care organization will use and disclosure patient PHI
3⁄4 Patient rights and responsibilities with respect to their PHI
3⁄4 The duties of the covered entity with respect to patient PHI
This policy describes how this practice’s Notice of Privacy Practices is provided to
patients, acknowledged, and provides the contact information for the workforce
member to whom patients should direct questions about the Notice of Privacy
Practices.

Policy

This practice offers every patient the Notice of Privacy Practices that describes how
their PHI may be used and disclosed, the rights and responsibilities of patients with
respect to their PHI, and the responsibilities of this practice with respect to the PHI
it creates, collects, and maintains. The Notice of Privacy Practices will also be posted
on the wall in the patient area and is linked to the practice website.

Notice of Privacy Policy
See Page 117 of the HIPAA Compliance Program

©Compliance Training Partners, 2024 1 of 6

Procedure

Each patient that receives healthcare services at this practice is offered a copy of
or will view our Notice of Privacy Practices and will acknowledge receipt of this
information in writing.

New Patients
When a new patient arrives at the office:
1. The individual responsible for the patient’s registration is responsible for
providing the patient with the Notice of Privacy Practices and obtain a signed
acknowledgement of receipt.
2. A copy of the acknowledgement form should be kept in the patient’s medical
record.
Existing Patients
When a patient's file contains a signed Patient Acknowledgment form, workforce
members are not required to provide the patient with an additional copy. If there
is no documentation of a previous receipt and acknowledgment of the Notice of
Privacy Practices for an existing patient, the healthcare provider's office will:
1. Provide the patient with the Notice of Privacy Practices
2. Request the patient to acknowledge receipt of the Notice of Privacy Practices by
signing the Patient Acknowledgment form
If the patient refuses or is unable to sign the acknowledge their receipt of the Notice
of Privacy Practices, the staff member will:
1. Document the patient's refusal or inability to sign on the Patient
Acknowledgment form along with any efforts that were made to obtain the
patient's acknowledgment
2. File the annotated Patient Acknowledgement form in the patient's record
Requests for a Notice of Privacy Practices
If any individual requests a copy of the Notice of Privacy Practices for the practice,
the person receiving the request should provide a copy to the requesting individual.
In addition, the Notice of Privacy Practices should be posted on the this practice’s
website.

Notice of Privacy Policy

Documentation
All documentation related to the receipt and acknowledgment of the Notice of
Privacy Practices is maintained for a minimum of six (6) years.

Questions
Questions the Notice of Privacy Practices or its contents should be directed to
the HIPAA Privacy Officer. Questions about the distribution and acknowledgment
process should be directed to the practice supervisor or the HIPAA Privacy Officer.

Definition – Protected Health Information
Protected Health Information is defined as information that may identify a patient
and includes:
3⁄4 Demographic information that may identify a patient
3⁄4 Information related to the patient's past, present, or future physical or mental
health and condition
3⁄4 Information related to health care services or payment for health care services

Revising the NPP
Whenever this practice’s privacy practices change or there is a change in the law or
HIPAA Rules that requires a change to the Notice of Privacy Practices, This practice
shall determine whether the practice must revise the Notice of Privacy Practices
and, if so, will revise the policy accordingly.
On or after the effective date of revisions to the Notice of Privacy Practices, then on
or after the effective date of the revision this practice will:
1. Provide the new Notice of Privacy Practices to patients on their first
appointment and ask them to sign the acknowledgement
2. Have a supply of paper copies of the new Notice of Privacy Practices available in
the practice and provide it to anyone who requests a copy
3. Post the new Notice of Privacy Practices in a clear and prominent location in the
practice
4. Post the new Notice of Privacy Practices on the practice’s website
5. Retain at least one copy of both the old and new Notice of Privacy Practices for
at least six (6) years from the latter of the date when the document was created
or the date when the document was last in effect

Notice of Privacy Policy

NOTICE OF PRIVACY PRACTICES
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED
AND HOW YOU CAN GET ACCESS TO THIS INFORMATION.
PLEASE REVIEW IT CAREFULLY.
Under the Health Insurance Portability & Accountability Act of 1996 (HIPAA), all medical records
and other individually identifiable Protected Health Information (PHI) of which we have knowledge
must be kept confidential. All PHI used by us or disclosed by us is covered by this Act regardless
of whether this PHI is in electronic, oral, or paper form. Several new rights are granted to patients
under this Act, allowing control over how your PHI is used, how you can access it, and in some cases
amend it.
We are required by law to maintain the privacy of your PHI and to provide you with notice of our
legal duties and privacy practices with respect to your PHI.
We may be assessed a penalty for any misuse or unauthorized disclosures of your personal health
information as regulated by HIPAA.
This Notice of Privacy Practices is effective on ________________________________________.
We are bound to abide by the terms of this notice and reserve the right to make revisions to this
policy. Should revisions be made, you will be notified in writing and a copy of the revised policy will
be made available at your request.
Should any breach of unsecured PHI ever occur, we will notify the patient(s) involved within 10
business days of discovery of this breach.
You will be asked to sign a consent form authorizing us to use and disclose your personal health
information only for the following purposes, as defined under the Act:
3⁄4 Treatment means the provision, coordination, or management of health care and related
services by one or more healthcare providers, including the coordination of management
of health care by a healthcare provider with a third party; consultation between healthcare
providers relating to a patient; or the referral of a patient for health care from one healthcare
provider to another. An example of this would be a dentist referral to an orthodontist.
3⁄4 Payment means obtaining reimbursement for the provision of health care, determinations of
eligibility of coverage, billing, claims management, collection activities, justification of charges,
and disclosure to consumer reporting agencies of Protected Health Information relating to the
collection of reimbursements (only certain information may be disclosed). An example of this
would be submitting your bill for healthcare services to your insurance company.

Notice of Privacy Policy

3⁄4 Healthcare Operations are any activity related to covered functions in which we participate
in the function of our offices, such as conducting quality assessment activities, protocol
development, case management and care coordination, auditing functions, business
management and general administrative activities (including implementation of this regulation),
customer service evaluations, resolution of grievances, fundraising, and marketing for which an
authorization is not required. An example of this would be evaluation customer service given to
patients.
We may, without prior consent, use or disclose your PHI to carry out treatment, payment, or healthcare
operations:
3⁄4 Directly to you at your request
3⁄4 In an emergency treatment situation if:
A. We attempt to obtain such consent as soon as reasonably practicable after the delivery of
such treatment
B. If we are required by law to treat you and attempts to obtain consent are unsuccessful
C. We attempt to obtain consent but are unable, due to barriers of communication, but
we determine in our professional opinion that treatment is clearly inferred from the
circumstance
3⁄4 Pursuant to and in compliance with an authorization signed by you
3⁄4 Provided that you are informed in advance of the use and disclosure and have the opportunity to
agree to or prohibit or restrict the use or disclosure. This may be an oral agreement between us
and may include a directory maintained at our facility containing specific information allowed by
the Act.
We may de-identify your Personal Health Information by using codes or removing all individually
identifiable health information.
All other uses and disclosures will be made only upon securing a written authorization form signed
by you. You have the right to revoke this authorization, at any time, upon written notice and we will
abide by that request.
However, an exception would be any actions already taken, relying on your authorization, and prior
to revocation notice.
If you have paid for services out of pocket, in full, and request that we not disclose PHI related solely
to these services to a health plan, we will abide by this request except where required by law to
make a disclosure.
We may contact you to provide appointment reminders or to inform you about treatment
alternatives or other health related benefits or services that may be of interest to you.

Notice of Privacy Policy

A written authorization from you will be required to release the following information:
3⁄4 Use and disclosure of psychotherapy notes
3⁄4 Use and disclosure of PHI for marketing purposes
3⁄4 Disclosures that constitute the sale of PHI
3⁄4 Other uses and disclosures of PHI not described in this Notice of Privacy Practices
Under HIPAA, you have the following rights with respect to your Protected Health Information:
3⁄4 No use or disclosure of genetic information will be released for underwriting purposes
3⁄4 You have the right to request restrictions on certain uses and disclosures of Protected Health
Information, including restrictions placed upon disclosure to family members, close personal
friends, or any other person you may identify. We are, however, not required to agree with a
requested restriction
3⁄4 You have the right to receive confidential communications of your Protected Health Information,
either directly from us or from us by alternative means or from alternative locations
3⁄4 You have the right to inspect and copy your Protected Health Information. You may also request
your PHI in an electronic format if we use an electronic (paperless) recordkeeping system
3⁄4 You have the right to amend PHI. However, this request may be denied under certain
circumstances
3⁄4 You have the right to receive an accounting of disclosures of your Protected Health Information
made by us in the six (6) years prior to the date of the account request
3⁄4 You have the right to obtain a paper copy of this notice from us, even if you have already agreed
to receive the notice electronically
If you feel your privacy rights or the provisions if this Notice Of Privacy Practices have been violated,
you have the right to file a formal written complaint.