Search Icon

HIPAA Notice

smiling female medical professionals

In Search of Care? Request a Consultation Today

care_img2

HIPAA NOTICE OF PRIVACY PRACTICES FOR Heart and Vascular Care

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

Heart and Vascular Care is committed to protecting your privacy and understands the importance of safeguarding your medical information. We are required by federal law to maintain the privacy of health information that identifies you or that could be used to identify you (known as "Protected Health Information" or "PHI") and to notify you following a breach of your unsecured PHI. We also are required to provide you with this Notice of Privacy Practices, which explains our legal duties and privacy practices, as well as your rights, with respect to PHI that we collect and maintain. We are required by federal law to abide by the terms of this Notice currently in effect. However, we reserve the right to change the privacy practices described in this Notice and make the new practices effective for all PHI that we maintain. Should we make such a change, you may obtain a revised Notice by calling our office and requesting a revised copy be sent in the mail, or accessing our website at www.hvcmd.com.

USES AND DISCLOSURES OF PROTECTED HEALTH INFORMATION

A. Routine Uses and Disclosures of Protected Health Information

We are permitted under federal law to use and disclose PHI, without your written authorization, for certain routine uses and disclosures, such as those made for treatment, payment, and the operation of our business. The following are examples of the types of routine uses and disclosures of PHI that we are permitted to make. While this list is not exhaustive, it should give you an idea of the routine uses and disclosures we are permitted to make. For Treatment: We will use and disclose your PHI to provide, coordinate, or manage your treatment. For example, a [Practice] physician may share your PHI with another health care provider who is also treating you.

For Payment: Your PHI will be used, as needed, to obtain payment for the health care services we provide you. For example, [Practice] may provide information regarding the treatment you received when submitting claims for reimbursement to your health plan.

For Health Care Operations: We may use or disclose your PHI in order to support the business activities of this facility. For example, we may use your PHI for quality assessment reviews.

B. Uses and Disclosures That May Be Made Without Your Authorization or Opportunity to Object

We may use or disclose your PHI in the following situations without your authorization or providing you the opportunity to object.

Required by the Secretary of Health and Human Services: We may be required to disclose your PHI to the Secretary of Health and Human Services to investigate or determine our compliance with the requirements of the final rule on Standards for Privacy of Individually Identifiable Health Information.

Required By Law: We may use or disclose your PHI to the extent that the use or disclosure is otherwise required by federal, state or local law.

Public Health: We may disclose your PHI for public health activities, such as disclosures to a public health authority or other government agency that is permitted by law to collect or receive the information (e.g., the Food and Drug Administration).

Health Oversight: We may disclose PHI to a health oversight agency for activities authorized by law, such as audits, investigations, and inspections. Oversight agencies include government agencies that oversee the health care system, government benefit programs, other government regulatory programs and civil rights laws.

Abuse or Neglect: If you have been a victim of abuse, neglect, or domestic violence, we may disclose your PHI to a government agency authorized to receive such information. In addition, we may disclose your PHI to a public health authority that is authorized by law to receive reports of child abuse or neglect.

Judicial and Administrative Proceedings: We may disclose your PHI in response to an order of a court or administrative tribunal (to the extent such disclosure is expressly authorized), and, in certain conditions, in response to a subpoena, discovery request or other lawful process.

Law Enforcement: We may disclose your PHI, so long as applicable legal requirements are met, for law enforcement purposes, such as providing information to the police about the victim of a crime.

Coroners and Funeral Directors: We may disclose your PHI to a coroner, medical examiner, or funeral director if it is needed to perform their legally authorized duties.

Organ Donation: If you are an organ donor, we may disclose your PHI to organ procurement organizations as necessary to facilitate organ donation or transplantation.

Research: Under certain circumstances, we may disclose your PHI to researchers when their research has been approved by an institutional review board that has reviewed the research proposal and established protocols to ensure the privacy of your PHI.

Serious Threat to Health or Safety: We may disclose your PHI if we believe it is necessary to prevent a serious and imminent threat to the public health or safety and it is to someone we reasonably believe is able to prevent or lessen the threat.

Specialized Government Functions: When the appropriate conditions apply, may disclose PHI for purposes related to military or national security concerns, such as for the purpose of a determination by the Department of Veterans Affairs of your eligibility for benefits.

National Security and Intelligence Activities: We may disclose your PHI to authorized federal officials for intelligence, counterintelligence, protection of the President, other authorized persons or foreign heads of state, for purpose of determining your own security clearance and other national security activities authorized by law.

Workers' Compensation: We may disclose your PHI as necessary to comply with workers' compensation laws and other similar programs.

Inmates: We may use or disclose your PHI if you are an inmate of a correctional facility and we created or received your PHI in the course of providing care to you.

Business Associates: We may disclose your PHI to persons who perform functions, activities or services to us or on our behalf that require the use or disclosure of PHI. To protect your health information, we require the business associate to appropriately safeguard your information.

C. Uses and Disclosures That May Be Made Either With Your Agreement or the Opportunity to Object

Unless you object, we may disclose to a member of your family, a relative, a close friend or any other person you identify, orally or in writing, your PHI that directly relates to that person's involvement in your health care. If you are unable to agree or object to such disclosure, we may disclose such information as necessary if we determine that it is in your best interest based on our professional judgment. We may use or disclose your PHI to notify or assist in notifying a family member, personal representative or any other person that is responsible for your care of your location or general condition.

D. Uses and Disclosures of Protected Health Information Based upon Your Written Authorization

Psychotherapy Notes: We must obtain your written authorization for most uses and disclosures of psychotherapy notes, if applicable.

Marketing: We must obtain your written authorization to use and disclose your PHI for most marketing purposes.

Sale of PHI: We must obtain your written authorization for any disclosure of your PHI which constitutes a sale of PHI.

Other Uses: Other uses and disclosures of your PHI, not described above, will be made only with your written authorization (unless otherwise permitted or required by law). You may revoke your authorization, at any time, in writing, except to the extent that we have taken action in reliance on the authorization.

YOUR RIGHTS REGARDING HEALTH INFORMATION ABOUT YOU

You have certain rights regarding your PHI, which are explained below. You may exercise these rights by submitting a request in writing to our Privacy Officer.

A. You have the right to inspect and copy your PHI. If you would like to see or get an electronic or paper copy your PHI that is contained in a designated record set (e.g., medical and billing records), we are required to provide you access to such PHI for inspection and copying within 30 days after receipt of your request (with up to a 30-day extension if needed). We may charge you a reasonable fee to cover duplication, mailing and other costs incurred by us in complying with your request. In addition, there are situations where we may deny your request for access to your PHI. For example, we may deny your request if we believe the disclosure will endanger your life or that of another person. Depending on the circumstances of the denial, you may have a right to have this decision reviewed.

B. You have the right to request a restriction of your PHI. This means you may ask us not to use or disclose any part of your PHI for purposes of treatment, payment or health care operations. You may also request that any part of your PHI not be disclosed to family members or friends who may be involved in your care or for notification purposes as described in this Notice. Your request must state the specific restriction requested and to whom you want the restriction to apply. We are not required to agree to a restriction that you may request, except we must agree not to disclose your PHI to your health plan if the disclosure (1) is for payment or health care operations and is not otherwise required by law, and (2) relates to a health care item or service which you paid for in full out of pocket. If we agree to the requested restriction, we may not use or disclose your PHI in violation of that restriction unless it is needed to provide emergency treatment.

C. You have the right to request to receive confidential communications from us by alternative means or at an alternative location. You have the right to request that we communicate with you in a certain way or at a certain location. We will accommodate reasonable requests. We may also condition this accommodation by asking you for information as to how payment will be handled or specification of an alternative address or other method of contact.

D. You have the right to amend your PHI. This means you may request an amendment of your PHI in our records that is contained in a designated record set (e.g., medical and billing records) for as long as we maintain the PHI. We will respond to your request within 60 days (with up to a 30-day extension if needed). We may deny your request if, for example, we determine that your PHI is accurate and complete. If we deny your request, we will send you a written explanation and allow you to submit a written statement of disagreement.

E. You have the right to receive an accounting of certain disclosures that we have made of your PHI. You have the right to receive an accounting of certain disclosures we have made, if any, of your PHI. This right only applies to disclosures for purposes other than treatment, payment or health care operations as described in this Notice. It also excludes disclosures we may have made to you, your family members or friends involved in your care. The right to receive this information is subject to certain exceptions, restrictions and limitations. You must specify a time period, which may not be longer than 6 years. You may request a shorter timeframe. You have the right to one free request within any 12-month period, but we may charge you for any additional requests in the same 12-month period. We will notify you about any such charges, and you are free to withdraw or modify your request in writing before any charges are incurred. We will respond to your request within 60 days (with up to a 30-day extension if needed).

F. You have the right to obtain a paper copy of this notice from us.

G. You have the right to be notified if you are affected by a breach of unsecured PHI.

H. You have the right to opt out of receiving fundraising communications from us. We may contact you for fundraising purposes. You have the right to opt out of receiving these communications.

COMPLAINTS

If you believe that we have violated your privacy rights, you may file a complaint with us by notifying our Privacy Officer in writing at the following address:

Heart and Vascular Care

3970 Deputy Bill Cantrell Memorial Rd., Suite 100, Cumming, GA 30040

Chris Wilde

info@hvcmd.com

678-513-2273

 

We will not retaliate against you in any way for filing a complaint. You may also submit your complaint to the Secretary of Health and Human Services.

This notice is effective on August 14, 2024.