THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW CAREFULLY.
Notice of Privacy Practices
Notice of Privacy Practices
This Notice of Privacy Practices (“Notice”) describes how Integrative Health and the members of its Affiliated Covered Entity (collectively “we” or “our”) may use and disclose your Protected Health Information to carry out treatment, payment, or business operations and for other purposes that are permitted or required by law. An Affiliated Covered Entity is a group of healthcare providers under common ownership or control that designates itself as a single entity to comply with the Health Insurance Portability and Accountability Act (“HIPAA”). We have elected to voluntarily and substantially comply with the standards outlined in HIPAA. The Integrative Health Affiliated Covered Entity member will share PHI for the treatment, payment, and healthcare operations of the Integrative Health Affiliated Covered Entity as permitted by HIPAA and this Notice of Privacy Practices.
Protected Health Information or “PHI” is information about you, including demographic information, that may identify you and relates to your past, present, or future physical health or condition, treatment, or payment for healthcare services. This Notice also describes your rights to access and control your PHI.
Uses & Disclosures of PHI
Your PHI may be used and disclosed by our healthcare providers, our staff, and others outside our office that are involved in your care and treatment to provide healthcare services to you, to support our business operations, to obtain payment for your care, and any other use authorized or required by law.
Treatment
We will use and disclose your PHI to provide, coordinate, or manage your healthcare and related services. These include the coordination or management of your healthcare with a third party. For example, we may provide your PHI to a healthcare provider in the case of a referral to ensure the information is accessible to diagnose or treat you.
Payment
Your PHI may be used to bill or obtain payment for your healthcare services. This may include certain activities that your health insurance plan may undertake before it approves or pays for your services, such as: deciding on eligibility or coverage for insurance benefits and reviewing services provided for medical necessity.
Healthcare Operations
We may use or disclose, as needed, your PHI to support the business activities of this office. These activities include but are not limited to improving the quality of care, providing information about treatment alternatives or other health-related benefits and services, developing, or maintaining and supporting computer systems, legal services, and conducting audits and compliance programs, including fraud, waste, and abuse investigations.
Uses & Disclosures That Do Not Require Your Authorization
We may use or disclose your PHI in the following situations without your authorization. These situations include the following uses and disclosures: as required by law; for public health purposes; for healthcare oversight purposes; for abuse or neglect reporting; according to Food and Drug Administration requirements; in connection with legal proceedings; for law enforcement purposes; to coroners, funeral directors, and organ donation agencies; for specific research purposes; for certain criminal reporting; and other required uses and disclosures. Under the law, we must make certain disclosures to you upon your request and when required by the Secretary of the Department of Health and Human Services to investigate or determine our compliance with the Health Insurance Portability and Accountability Act (HIPAA) requirements. State laws may further restrict these disclosures.
Uses & Disclosures That Require Your Authorization
We will make other permitted and required uses, and disclosures will be made only with your consent, authorization, or opportunity to object unless permitted or required by law. Without your authorization, we are prohibited from using or disclosing your PHI for marketing purposes. We may not sell your PHI without your authorization. Your PHI will not be used for fundraising. If you provide us with authorization for specific uses and disclosures of your information, you may revoke such authorization, at any time, in writing, except to the extent that we have taken action in reliance on the use or disclosure indicated in the authorization.
In addition, federal and state law require special privacy protections for certain highly confidential information about you (“Highly Confidential Information”), including the subset of your PHI that is about:
- information maintained in psychotherapy notes
- mental treatment
- alcohol or drug abuse or addiction
- HIV/AIDS testing, diagnosis, or treatment
- communicable disease(s)
- venereal disease(s)
- genetic testing
- child abuse and neglect
- domestic abuse of an adult
- sexual assault
For your Highly Confidential Information to be disclosed for a purpose other than those permitted by law, your written authorization is required.
Your Rights with Respect to Your PHI
- You have the right to inspect and copy your PHI.
- You may request access to or an amendment of your PHI.
- You have the right to request a restriction on the use or disclosure of your protected health/personal information. Your request must be in writing, and state the specific restriction requested and to whom you want the restriction to apply. We are not required to agree to a restriction that you may request, except if the requested restriction is on a disclosure to a health plan for a payment or healthcare operations purpose regarding a service that has been paid in full out-of-pocket.
- You have the right to request to receive confidential communications from us by alternative means or at an alternate location. We will comply with all reasonable requests submitted in writing, which specify how or where you wish to receive these communications.
- You have the right to request an amendment of your PHI. If we deny your request for amendment, you have the right to file a statement of disagreement with us. We may prepare a rebuttal to our statement, and we will provide you with a copy of any such rebuttal.
- You have the right to receive an accounting of certain disclosures of your PHI that we have made, paper or electronic, except for certain disclosures which were pursuant to an authorization, for purposes of treatment, payment, healthcare operations (unless the information is maintained in an electronic health record); or for specific other purposes.
- You have the right to obtain a paper copy of this Notice upon request, even if you have previously requested its receipt electronically by email.
Revision of Notice
We reserve the right to revise this Notice and make the revised Notice effective for the PHI we already have about you as well as any information we receive in the future. You are entitled to a copy of the Notice currently in effect. Any significant changes to this Notice will be posted on our website at integrativehealtharizona.com. You then have the right to object or withdraw as provided in this Notice.
Breach of Health Information
We will notify you if a reportable breach of your unsecured PHI is discovered. Notification will be made to you within 60 days after the breach discovery and will include a brief description of how the breach occurred, the PHI involved, and contact information for you to ask questions.
Complaints
Complaints about his Notice or how we handle your PHI should be directed to our HIPAA Privacy Officer. If you are not satisfied with how a complaint is handled, you may submit a formal complaint to the Department of Health and Human Services, Office for Civil Rights by sending a letter to 200 Independence Avenue, S.S., Washington, D.C. 20201, calling 1.877.696.6775, or by visiting www.hhs.gov/ocr/privacy/hipaa/complaints/. We will not retaliate against you for filing a complaint.
We must follow the duties and privacy practices described in this Notice. We will maintain the privacy of your PHI and notify affected individuals following a breach of unsecured PHI. If you have any questions about this Notice, don’t hesitate to contact our Compliance, Ethics, Risk & Privacy Office at iescompliance@ies.healthcare or call 469.420.5544 (office) or 844.972.0590 (hotline) to connect with our HIPAA Privacy Officer.