THIS NOTICE DESCRIBES HOW WE MAY USE AND DISCLOSE YOUR PROTECTED HEALTH INFORMATION AND HOW YOU CAN ACCESS AND CONTROL YOUR PROTECTED HEATLH INFORMATION. PLEASE REVIEW IT CAREFULLY.
1.1. “PHI” means Protected Health information which is information that relates to the past, present, or future physical and mental health or condition of an individual, the provision of health care to the individual, or the past, present, or future payment for the provision of health care to an individual that identifies the individual, or with respect to which there is a reasonable basis to believe that the information can be used to identify the individual.
1.2. “Medical Record” means electronic file in which information is recorded that is relevant to making decisions about your health by Doctor. That information may consist of medical test results, surveys, or questionnaires You have completed about yourself, notes made by Doctor, and other relevant health care information. Your Medical Record consists of all the information contained in that file. Medical Record mostly includes information that You provide through Medical History Form on Web Page.
1.3. “Doctor” or “We” mean Allied Medical & Diagnostic Services, LLC and its subsidiary LatisseDoctor.com. Allied Medical & Diagnostic Services, LLC is covered entity that needs to provide you with this notice about its duties and privacy practices with respect to PHI and is responsible to maintain the privacy of your PHI.
1.4. “User” or “You” mean actual owner of the account within the web page LatisseDoctor.com. It also means any other person acting on behalf of another as health care representative in connection to the same account. In the event of health care representation, actual User is the health care representative as well as account holder on whose behalf the account exists.
1.5. “Web Page” means www.latissedoctor.com.
Statement of Intent
2.1. We intent to use your PHI provided to us by You through medical history form only to ensure that LATISSE® Solution is a safe option for You to use. We make reasonable effort to limit the use of your PHI to accomplish the intended purpose. However, in certain circumstances We are required by law to disclose your PHI with regard to other circumstances. You will find the description of possible use of your PHI with regard to these circumstances in this Notice.
Our Obligation to You
3.1. In General. We are required by law to maintain the privacy of your PHI as described below. Our obligation extends to using or disclosing information in your Medical Record that identifies, or could be used to identify You. We are required to provide You with this notice explaining exactly what our legal duties are and what practices We follow to ensure compliance with those legal duties.
Your Individual Rights
4.1. Right to Request Restrictions on Use and Disclosure of Your PHI.
4.1.1. Additional Restrictions. Our right to use and disclose your PHI is restricted by law in many circumstances. You have the right to request other additional restrictions on how We use your PHI. You may also request that we restrict to whom we will disclose that information.
4.1.2. Consequences of Your Request. We are not required to agree to any restriction You may request and We are not allowed to agree to any restriction that is not permitted by law. However, We pledge to give due consideration to all requests and, if We do agree to a request, We are generally required to abide by that agreement. There are some exceptions to the general rule. For example, we are not required to abide by an agreement not to disclose if disclosure is necessary in an emergency situation to treat You or to prevent harm to another.
4.1.3. Termination of Restrictions. Our agreement to a restriction not to use or disclose your PHI in your Medical Record may be revoked by You pursuant to a written request that the restriction be terminated. The restriction may also be terminated if You and We agree to terminate it, either in writing or orally. Finally, We may terminate the agreement by informing You that We are doing so. However, if You do not agree with us that the restriction should be terminated, the restriction will continue to apply to any PHI that was in the Medical Record prior to receiving notice of termination from us.
4.1.4. Request for Restrictions. If you wish to use your right to request a restriction on the use or disclosure of your PHI in your Medical Record, please submit a written request to us by email at email@example.com or send us a mail to Seaside Medical Spa Inc. 212 N El Camino Real San Clemente, CA 92672. You will find all the contact information through the Web Page in the section “Contact Us”.
4.2. Right to Request Special Confidential Communications
4.2.1. Form of Communications. You have a right to request that We communicate with You about your PHI in your Medical Record in a manner that differs from the manner We would normally employ or at location other than that to which We normally address such communications. For example, Youmay request thatWe communicate with You only in writing and that any such communication is sent to a location other than your home address. We will accommodate all reasonable requests.
4.2.2. Request for Special Communications. If You wish to use your right to request special communications about your PHI in your Medical Record, please submit a written request to us by email at firstname.lastname@example.org or send us a mail to Seaside Medical Spa Inc. 212 N El Camino Real San Clemente, CA 92672. You will find all the contact information through the Web Page in the section “Contact Us”.Your request should set forth exactly how You would like us to handle such communications. If the nature of your request is such that it prevents communication of the information to the person normally responsible for payment, your request should also specify how payment will be made.
4.3. Right to inspect and copy health information
4.3.1. In General. You have a right to access the information in your Medical Record to inspect it and, if you wish to copy it. The information You have a right to inspect and copy includes both health-related and payment information. You will have access to your PHI and Medical History Form through the Web Page.
4.3.2. Request for Copy. If You wish to use your right to request a copy of your Medical Record, please submit a written request to us by email at email@example.com or send us a mail to Seaside Medical Spa Inc. 212 N El Camino Real San Clemente, CA 92672. You will find all the contact information through the Web Page in the section “Contact Us”. We will normally respond to your request within 30 days of receipt unless the information to which You request access is located off site, in which case, it may take us up to 60 days to respond. If for some reason We are unable to respond within the time frames stated above, We will, prior to the expiration of the 30-day or 60-day period, notify You in writing, why We are unable to respond and the date by which We will respond. In no case will our response be given later than 30 days after the expiration of the date that it would have been due had We not given notice.
4.3.3. Denial of Request. In almost all cases, We will grant your request and you will be so notified in writing. In rare cases, We may deny your request, or We may deny your request with respect to only some of the information in your Medical Record. If your request is denied, You will be notified in writing why We denied the request. That same notice will explain to You your rights to request a review of that denial and how to exercise those rights. Finally, We will also advise You how You may make a complaint to us or to the Secretary of the Department of Health and Human Services. If your request is denied only in part, We will provide You with access to the remaining information in your Medical Record.
4.4. Right to amend information contained in your Medical Record
4.4.1. In General. Usually You will have a right to amend your PHI through the Web Page.You also have a right to request that We amend information contained in your Medical Record. If You wish to make such a request, please submit a written request to us by email at firstname.lastname@example.org or send us a mail to Seaside Medical Spa Inc. 212 N El Camino Real San Clemente, CA 92672. You will find all the contact information through the Web Page in the section “Contact Us”.
4.4.2. Form of Request. Your written request must contain the reasons why You believe an amendment is necessary. We will respond to your request within 60 days after receipt unless We notify You in writing prior to expiration of the 60-day period why We are unable to respond within that time frame and specify the date on which We will respond, which will not be later than 90 days after receipt of your request.
4.4.3. Denial of Request. If We agree to your request for amendment, We will notify you in writing of that fact and the procedures that You and We will need to follow to accomplish the amendment. We may deny your request for a variety of reasons including our determination that the information contained in your Medical Record is complete and accurate. If We deny your request, We will notify You in writing of the reason for the denial, and of additional rights You may exercise regarding our denial, including your right to file a complaint with us or the Secretary of Health and Human Services how to go about filling such complaint.
4.5. Right to an Accounting of Disclosures of Information in Your Medical Record
4.5.1. Right and Exclusions. You have a right to receive an accounting of most disclosures that We may make of information in your Medical Record. Some disclosures that We may make are excepted from your right to an accounting, including but not limited to:
4.5.2. Form of Accounting. The accounting will list the name and (if available) address of the person or entity to whom We made the disclosure, a short description of the information disclosed and the purpose of the disclosure, and date of the disclosure. The accounting will cover the six-year period prior to the date of your request, unless you request an accounting for a shorter period.
- Disclosures We make to assist in your treatment and to obtain payment for that treatment;
- Disclosures We make to assist us or concrete Health Care Provider in health care operations;
- Disclosures We make pursuant to a written authorization that we have received from you;
- Disclosures that We make directly to You;
- Disclosures for our patient directory;
- Disclosures to persons involved in your care.
4.5.3. Request for Accounting. If You wish to make such a request, please submit a written request to us by email at email@example.com or send us a mail to Seaside Medical Spa Inc. 212 N El Camino Real San Clemente, CA 92672. You will find all the contact information through the Web Page in the section “Contact Us”. Your request must state the period you wish to be covered by the accounting. We will normally provide the accounting to You without charge. However, if You make a request for more than one accounting in any 12-month period, You will be required to reimburse us for our reasonable cost in making any accounting after the first. If your request for an accounting would subject You to paying this fee, We will notify You of that fact before We begin the processes required to provide that accounting so that You may withdraw the request if you do not wish to incur the fee.
4.5.4. Response Time. We will respond to your request for an accounting within 60 days after receipt unless We notify You in writing prior to the expiration of the 60-day period why We are unable to respond within that time frame and specify the date on which We will respond, which will not be later than 90 days after receipt of your request.
Required Uses and Disclosures of Your PHI
5.1. In General. According to law, We are required to disclose your PHI, including but not limited to these circumstances:
- To You (or your personal representative) specifically when You request access to, or an accounting of disclosure of your PHI; or
- To Department of Health and Human Services when it is undertaking a compliance investigation or review of enforcement action.
Miscellaneous Health-Related Activities
6.1. In General. We may, without your authorization, use you PHI and information in your Medical Record to send you appointment reminders, information about alternative treatments, or other health related benefits and services that we believe might be of interest to you.
Fund Raising Activities
7.1. In General. We are always hopeful that those to whom We provide the Services will find it in their hearts to contribute to our efforts. Accordingly, We may, without your authorization contact You regarding fund raising activities that will directly benefit us.
Permitted Uses and Disclosures of Your PHI
8.1.In General. Under some specific circumstances, We are permitted, but not required to use and disclose your PHI without your written authorization. The following list just demonstrates these specific circumstances and it does not mean that we use or disclose you PHI in any of the ways described below. However, for proper diagnosis with regard to LATISSE® Solution product, We use your PHI for Treatment, Payment and Health Care Operations and also as required by state or federal law.
8.2. Treatment. We may disclose your PHI for the treatment activities to concrete Health Care Provider if he or she is providing treatment for you. Treatment is the provision, coordination, or management of health care and related services for an individual by one or more health care providers, including consultation between providers regarding a patient and referral of a patient by one provider to another. For example, Doctor may share your PHI with other specialized Health Care Provider for purposes of consultation regarding your treatment.
8.3. Payment. We may use and disclose your PHI to your health insurer, health plan or concrete Health care Provider in connection with the billing, processing and payment of claims or other charges. Payment encompasses activities of a health plan to obtain premiums, determine or fulfill responsibilities for coverage and provision of benefits, and furnish or obtain reimbursement for health care delivered to an individual and activities of a Health Care Provider to obtain payment or be reimbursed for the provision of health care to an individual. For example, when your treatment is wholly or partially covered by insurance, the insurance company will require us to disclose the type of treatment provided by Doctor in order that they can determine the amount of reimbursement to which Doctor is entitled.
8.4. Health Care Operations. We may use and disclose your PHI in connection to our services or third party’s services provided for us in connection to the Web Page.These services may include any of the following activities; a) quality assessment, b) competency assurance activities, c) conducting or arranging for medical reviews, audits, or legal services, including fraud and abuse detection and compliance programs, d) specified insurance functions, including but not limited to underwriting, risk rating, and reinsuring risk, e) business planning, development, management, and administration, f) de-identifying PHI and creating a limited data set. For example,We may disclose your PHI for the purposes of quality assessment to third party. If We contract with third parties under permitted circumstances We will require from them to sign Limiting Agreements that restrict what third parties can do with your PHI.
8.5. Family Member, Other Relative or Close Friend. We may provide your PHI to a family member, other relative, or close personal friend or other individual involved in your care or payment for care, if We obtain your informal permission to do so. You have opportunity to object to such a disclosure. In certain other circumstances where We are unable to obtain your informal permission, obtaining your permission causes undue burden for us or We exercise due diligence and are unable to contact You first, We may disclose your PHI (including your location) to family member, other relative or close personal friend if We believe that disclosure is in your best interest.
8.6. Emergency and Public Health Activities. We may use or disclose your PHI in an emergency when such a use or disclosure is necessary to prevent a serious threat to your health and safety or the health and safety of the public or another person. We may use and disclose your PHI to public health authorities authorized by law to collect or receive such information for preventing or controlling disease, injury, or disability, to public health or other government authorities authorized to receive reports of child abuse and neglect, to entities subject to FDA regulation regarding FDA regulated products or activities to individuals who may have contracted or been exposed to a communicable disease when notification is authorized by law, and to employers, regarding employees, when requested by employers, for information concerning a work-related illness or injury or workplace related medical surveillance, because such information is needed by the employer to comply with the Occupational Safety and Health Administration (OHSA), the Mine Safety and Health Administration (MHSA), or similar state law.
8.7. Victims of Abuse, Neglect or Domestic Violence. In certain circumstances, We may use and disclose your PHI to appropriate government authorities regarding victims of abuse, neglect, or domestic violence.
8.8. Health Oversight Activities. We may disclose your PHI to health oversight agencies authorized by law for purposes of legally authorized health oversight activities, such as audits and investigations necessary for oversight of the health care system and government benefit programs.
8.9. Judicial and Administrative Proceedings. We may disclose your PHI in a judicial or administrative proceeding if the request for the information is through an order from a court or administrative tribunal. Such information may also be disclosed in response to a subpoena or other lawful process if certain assurances regarding notice to You or a protective order are provided.
8.10. Law Enforcement Purposes. We may disclose your PHI to law enforcement officials for law enforcement purposes as required by law (including court orders, court-ordered warrants, subpoenas) and administrative request, to identify or locate a suspect, fugitive, material witness, or missing person, in response to a law enforcement official’s request for information about a victim or suspected victim of a crime, to alert law enforcement of a person’s death, to inform law enforcement about the commission and nature of a crime, the location of the crime or crime victims, and the perpetrator of the crime.
8.11. Essential Government Functions. We may use and disclose your PHI for certain essential government functions. Such functions include assuring proper execution of a military mission, conducting intelligence and national security activities that are authorized by law, providing protective services to the President, making medical suitability determinations for U.S. State Department employees, protecting the health and safety of inmates or employees in a correctional institution, and determining eligibility for or conducting enrollment in certain government benefit programs.
8.12. Decedents. We may use and disclose your PHI to funeral directors as needed, and to coroners and medical examiners to identify a deceased person, determine the cause of death, and perform other functions authorized by law.
8.13. Cadaveric Organ, Eye, or Tissue Donation. We may use and disclose your PHI to facilitate the donation and transplantation of cadaveric organs, eyes, and tissue.
8.14. Workers Compensation. We may disclose your PHI as authorized by, and to comply with, workers’ compensation laws and other similar programs providing benefits for work-related injuries or illnesses.
9.1. In General. You have a right to file a complaint with us or with the Department of Health and Human Services if you believe your rights to Medical Record and your PHI have been violated. To file a complaint with us, simply submit it in writing to us by email at firstname.lastname@example.org or send us a mail to Seaside Medical Spa Inc. 212 N El Camino Real San Clemente, CA 92672. You will find all the contact information through the Web Page in the section “Contact Us”.In your complaint, be sure to specify which of our policies or procedures You believe have not been followed or how else You believe We have not provided You with the privacy to which You are entitled under the law. We pledge to respond to all complaints that are filed, except those that are obviously intended as harassment. You will not be retaliated against because You filed a complaint.
General Provisions and Acknowledgments
10.1. Additional Written Authorization. We may send you a request for your written authorization to use and disclose your PHI in a way when law requires your prior written authorization. You may refuse, accept or revoke such authorization.
10.2. Incidental Uses and Disclosures. Incidental uses and disclosures of information may occur. An incidental use or disclosure is a secondary use or disclosure that cannot reasonably be prevented, is limited in nature, and that occurs as a by-product of an otherwise permitted use or disclosure. However, such incidental uses or disclosures are permitted only to the extent that We have applied reasonable safeguards and do not disclose any more of your PHI than is necessary to accomplish the permitted use or disclosure.
10.3. More Stringent Laws. We offer our Services and the Application in many states across the nation. In some cases We may be required to follow the state law provisions on use and disclosure of your PHI, which may be more stringent than those outlined in this Notice.
10.4. Notice. The Effective Date of this Notice is October 1, 2011.