This Privacy Policy describes how your medical information may be used or disclosed and how you can gain access to it. Please read this notice carefully.
The Health Insurance Portability and Accountability Act (HIPAA) of 1996 is a federal program that requires strict confidentiality for all your personal health information. That includes all your medical and dental information used or disclosed by us in any form, whether electronic, written or verbal. The Act gives you significant rights to understand and control how your health information is used. The Act also provides penalties for the misuse of Protected Health Information (PHI).
PHI is any information about you, including demographic data that identifies you and your past, present or future physical or mental health condition, as well as related healthcare services. This Privacy Policy describes how we may use or disclose your PHI to provide treatment, payment or healthcare operations or other purposes that are permitted or required by law. This policy also describes your rights to access and control your PHI.
Uses and Disclosures of Protected Health Information
Your PHI may be used or disclosed by our physician, office staff or others involved in your care and treatment, whether providing healthcare services to you, paying your healthcare bills, supporting the operation of our practice or any other lawful use.
Treatment: We will use and disclose your PHI to provide, coordinate or manage your healthcare and related services. This includes the coordination or management of your healthcare by a third party. For example, your PHI may be given to a physician you have been referred to in order to ensure that he or she has the necessary information to diagnose or treat you.
Healthcare Operations: We may use or disclose your PHI to support our business activities. These activities may include quality assessment, employee review and conducting or arranging other business activities. We may also use a sign-in sheet at the registration desk where you will be asked to sign your name and indicate your physician. We may call you by name in our reception area when your physician is ready to see you. We may use or disclose your PHI, as necessary, to contact you to remind you of your appointment. We may phone your home and leave a message (on an answering machine or with the person answering the phone) to remind you of an upcoming appointment, the need to schedule a new appointment or to call our office. We may also mail a postcard reminder or letter to your home address. Please tell us if you prefer that we call or contact you at another phone number or location.
We may use or disclose your PHI under the following circumstances without your authorization. These include, as required by law:
– public health issues– communicable diseases– health oversight– abuse or neglect– Food and Drug Administration requirements– legal proceedings– law enforcement– coroners, funeral directors, and organ donation– medical research– criminal activity; prison inmates– military activity and national security– Workers’ Compensation
Required Uses and Disclosures: The law requires us to disclose to you when we are investigated by the Secretary of the Department of Health and Human Services to determine our compliance with HIPAA. Other permitted and required uses and disclosures will be made only with your consent, authorization or opportunity to object unless required by law. You may revoke this authorization in writing at any time except to the extent that your physician or the physician’s practice has taken action in reliance on the use or disclosure indicated in your authorization.
Payment: Your PHI will be used, as needed, to obtain payment for healthcare services. For example, obtaining approval for a hospital stay may require that your relevant PHI be disclosed to your health insurance plan to obtain approval for a hospital admission or a health-related procedure.
YOUR RIGHTS
You have the right to inspect and copy your PHI. Under federal law, however, you may not inspect or copy the following records:
– psychotherapy notes– information compiled in reasonable anticipation of, or use in civil, criminal or administrative actions or proceedings– PHI that is subject to law prohibiting access to said PHI
You have the right to request a restriction of your health information. This means you may ask us not to use or disclose any part of your PHI for the purposes of treatment, payment or healthcare operations. You may also request nondisclosure of any part of your PHI to family members or friends who may be involved in your care or for notification purposes described in these Privacy Practices. Your request must state the specific restriction and to whom you want the restriction to apply.
Your physician is not required to agree to your requested restriction. If your physician believes it is in your best interests to permit use and disclosure of your PHI, your PHI will not be restricted. You then have the right to use another healthcare professional.
You have the right to request to receive confidential communications from us by alternative means or at an alternative location. You have the right to obtain a paper copy of this Privacy Policy from us, upon request, even if you have agreed to accept this Privacy Policy alternatively (e.g., electronically).
You have the right to have your physician amend your PHI. If we deny your request for amendment, you have the right to file a statement of disagreement with us and we may prepare a rebuttal to your statement and provide you with a copy of any such rebuttal. You have the right to receive an accounting of certain disclosures we have made, if any, of your PHI.
We reserve the right to change the terms of this Privacy Policy and will inform you of any changes. You then have the right to object or withdraw as provided herein.
WEB BROWSER COOKIES
We may collect personal identification information from Users in a variety of ways, including, but not limited to, when Users visit our site, fill out a form, and in connection with other activities, services, features or resources we make available on our Site. Users may be asked for, as appropriate, name, email address, phone number. Users may, however, visit our Site anonymously. We will collect personal identification information from Users only if they voluntarily submit such information to us. Users can always refuse to supply personally identification information, except that it may prevent them from engaging in certain Site related activities.
HOW WE PROTECT YOUR INFORMATION
We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorized access, alteration, disclosure or destruction of your personal information, username, password, transaction information and data stored on our Site.
SHARING YOUR PERSONAL INFORMATION
We do not sell, trade, or rent Users personal identification information to others. We may share generic aggregated demographic information not linked to any personal identification information regarding visitors and users with our business partners, trusted affiliates, and advertisers for the purposes outlined above. We may use third-party service providers to help us operate our business and the Site or administer activities on our behalfs, such as sending out newsletters or surveys. We may share your information with these third parties for those limited purposes provided that you have given us your permission.
CHANGES TO THIS PRIVACY POLICY
Zambito Heart Center has the discretion to update this privacy policy at any time. We encourage Users to frequently check this page for any changes to stay informed about how we are helping to protect the personal information we collect. You acknowledge and agree that it is your responsibility to review this privacy policy periodically and become aware of modifications.
YOUR ACCEPTANCE OF THESE TERMS
By using this Site, you signify your acceptance of this policy. If you do not agree to this policy, please do not use our Site. Your continued use of the Site following the posting of changes to this policy will be deemed your acceptance of those changes.
COMPLAINTS
You may complain to us or to the Secretary of Health and Human Services if you believe your privacy rights have been violated by us. You may file a complaint by notifying the privacy officer at our office and main telephone number. We will not retaliate against you for exercising your right to file a complaint.
All correspondence related to this Privacy Policy should be directed to:
Privacy Officer
Zambito Heart Center
101-19 39th Avenue, Suite 101
Corona, NY 11368