Notice of Privacy Practices
Notice of Privacy Practices
Effective Date: January 16, 2024
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
This Notice of Privacy Practices (the “Notice”) describes the privacy practices of Pippen Health of Delaware, P.A. In this Notice, we may also refer to we, us or our. It also applies to the members of its Affiliated Covered Entity (“Found ACE”). This is a group of covered entities and health care providers we own or control and includes Pippen Health of Delaware, P.A., Pippen Health of California, P.C., Pippen Health of Texas, P.A. and Pippen Health of New Jersey, P.A.. They designate themselves as a single entity to comply with the Health Insurance Portability and Accountability Act (“HIPAA”). The members of the Found ACE can share PHI (“PHI”) with each other. We do this for the treatment, payment and health care operations of the Found ACE and as allowed by HIPAA and this Notice.
PROTECTION OF YOUR PHI
By law, we must protect your Protected health information. “Protected health information” or “PHI” is information about you, including demographic information, that may identify you and that relates to your past, present or future physical health or condition, treatment or payment for health care services. We must provide you with this Notice explaining our legal duties and privacy practices for your PHI. This Notice describes how we may use and disclose your PHI. We provide you with some examples, but we don’t spell out every allowable use or disclosure in this Notice. This Notice also describes your rights and what we must do to use and disclose your PHI. We, and our employees and workforce members, must follow the terms of this Notice and any changes we make to it. This Notice also describes your rights to access and control your protected health information. In addition to HIPAA, we must also follow state privacy laws that are stricter (or more protective of your PHI) than federal law.
USES AND DISCLOSURES OF PROTECTED HEALTH INFORMATION
Your PHI may be used and disclosed by our health care providers, our staff, and others outside of our office that are involved in your care and treatment for the purpose of providing health care services to you, to support our business operations, to obtain payment for your care, and any other use authorized or required by law.
We will use and disclose your PHI to provide, coordinate, or manage your health care and any related services. This includes the coordination or management of your health care with a third party. For example, we may share your PHI with other parties (such as pharmacies, doctors, hospitals or other health care providers) to help them provide care to you or coordinate your care. In some cases, uses and disclosures of your PHI may be made through a Health Information Exchange or other shared system.
Your PHI may be used to bill or obtain payment for your health care services. This may include sharing your PHI with your insurer, pharmacy benefit manager, or other health care payor to determine whether it will pay for your health care products and services. This also may tell us how much you may owe.
HEALTH CARE OPERATIONS
We may use or disclose, as needed, your PHI in order to support the business activities of Found ACE. These activities include things like to improving quality of care, providing information about treatment alternatives or other health-related benefits and services, developing or maintaining and supporting computer systems, legal services, and conducting audits and compliance programs, including fraud, waste and abuse investigations. We may also use and share your PHI to contact you about health-related products and programs.
USES AND DISCLOSURES THAT DO NOT REQUIRE YOUR AUTHORIZATION:
We may use or disclose your PHI in the following situations without your authorization. These situations include the following uses and disclosures: as required by law; for public health purposes; for health care oversight purposes; in connection with legal proceedings; for law enforcement purposes; to coroners, funeral directors and organ donation agencies; for certain research purposes; for abuse or neglect reporting; pursuant to Food and Drug Administration requirements; for allegations of certain criminal activities; for certain military activity and national security purposes; for workers’ compensation reporting; relating to certain inmate reporting; and other required uses and disclosures. Under the law, we must make certain disclosures to you upon your request, and when required by the Secretary of the Department of Health and Human Services to investigate or determine our compliance with the requirements of HIPAA. State laws may further restrict these disclosures. We may also use or disclose your de-identified information for any purpose permitted by law without your authorization.
USES AND DISCLOSURES THAT REQUIRE YOUR AUTHORIZATION
Other permitted and required uses and disclosures will be made only with your consent, authorization or opportunity to object unless permitted or required by law. Without your authorization, we are expressly prohibited from using or disclosing your PHI for marketing purposes. We may not sell your PHI without your authorization. Your PHI will not be used for fundraising. We will not use or disclose your psychotherapy notes without your authorization, except as permitted by law. If you provide us with an authorization for certain uses and disclosures of your information, you may revoke such authorization, at any time, in writing, except to the extent that we have taken an action in reliance on the use or disclosure indicated in the authorization.
YOUR RIGHTS WITH RESPECT TO YOUR PROTECTED HEALTH INFORMATION
You have the right to request a restriction on the use or disclosure of your PHI. Your request must be in writing and state the specific restriction requested and to whom you want the restriction to apply. We are not required to agree to a restriction that you may request, except if the requested restriction is on a disclosure to a health plan for a payment or health care operations purpose regarding a service that has been paid in full out-of-pocket.
You have the right to request to receive confidential communications from us by alternative means or at an alternate location. We will comply with all reasonable requests submitted in writing which specify how or where you wish to receive these communications.
You have the right to request to access, inspect, and copy your protected health information.
You have the right to request an amendment of your protected health information. If we deny your request for amendment, you have the right to file a statement of disagreement with us. We may prepare a rebuttal to our statement and we will provide you with a copy of any such rebuttal.
You have the right to receive an accounting of certain disclosures we have made, if any, of your PHI. This right only applies to disclosures for purposes other than treatment, payment, or health care operations as described in this Notice. It excludes disclosures we may have made to you, your family members, or friends involved in your care. The right to receive this information is subject to certain exceptions, restrictions and limitations. You must specify a time period, which may not be longer than 6 years. You may request a shorter timeframe. You have the right to one free request within any 12-month period, but we may charge you for any additional requests in the same 12-month period. We will notify you about any such charges, and you are free to withdraw or modify your request in writing before any charges are incurred. We will respond to your request within 60 days (with up to a 30-day extension if needed).
You have the right to obtain a paper copy of this Notice, upon request, even if you have previously requested its receipt electronically by e-mail.
TO REPORT A PROBLEM
To report a problem about this Notice or how we handle your PHI should be directed to our HIPAA Privacy Officer in writing. You may also submit a formal complaint to the Secretary of the Department of Health and Human Services. We will not retaliate against you for filing a complaint.
- We must follow the duties and privacy practices described in this Notice. If you have any questions about this Notice, please contact us:
Found Health, Inc.
Mail: 1023 Springdale Road,
Suite 13A, Austin, Texas 78721
Attn: Privacy Officer
BREACH OF HEALTH INFORMATION
We will notify you if a breach of your unsecured PHI is discovered. Notification will be made to you no later than 60 days from the breach discovery and will include a brief description of how the breach occurred, the PHI involved and contact information for you to ask questions.
REVISIONS TO THIS NOTICE
We reserve the right to revise this Notice and to make the revised Notice effective for PHI we already have about you as well as any information we receive in the future. You are entitled to a copy of the Notice currently in effect. Any significant changes to this Notice will be posted on our website.