Effective: March 31, 2015
This notice describes how medical information about you may be used and disclosed and how you can get access to this information.
Please review it carefully.
How is Patient Privacy Protected?
As the healthcare providers providing online medical services through Bright Heart Health (the “Healthcare Providers”, “us”, “we”, “our”), we understand that information about you and your health is personal. Because of this, we strive to maintain the confidentiality of your health information. We continuously seek to safeguard that information through administrative, physical and technical means, and otherwise abide by applicable federal and state guidelines.
How do we use and disclose health information?
We use and disclose your health information for the normal business activities that the law sees as falling in the categories of treatment, payment and health care operations. Below we provide examples of those activities, although not every use or disclosure falling within each category is listed:
Treatment – We keep a record of the health information you provide us. This record may include your test results, diagnoses, medications, your response to medications or other therapies, and information we learn about your medical condition through the online services. We may disclose this information so that other medical doctors, psychiatrists, psychologists, counselors, dietitians, and other licensed professionals can meet your healthcare needs.
Payment – We document the services and supplies you receive when we are providing care to you so that you, your insurance company or another third party can pay us. We may tell your health plan about upcoming treatment or services that require prior approval by your health plan.
Health Care Operations – Health information is used to improve the services we provide, to train staff and students, for business management, quality improvement, and for customer service. For example, we may use your health information to review our treatment and services and to evaluate the performance of our staff in caring for you.
We may also use your health information to:
- Comply with federal, state or local laws that require disclosure.
- Inform authorities to protect victims of abuse or neglect.
- Comply with Federal and state health oversight activities such as fraud investigations.
- Respond to law enforcement officials or to judicial orders, subpoenas or other process.
- Inform coroners, medical examiners and funeral directors of information necessary for them to fulfill their duties.
- Facilitate organ and tissue donation or procurement.
- Conduct research following internal review protocols to ensure the balancing of privacy and research needs.
- Avert a serious threat to health or safety.
- Assist in specialized government functions such as national security, intelligence and protective services.
- Inform military and veteran authorities if you are an armed forces member (active or reserve).
- Inform a correctional institution if you are an inmate.
- Inform workers’ compensation carriers or your employer if you are injured at work.
- Recommend treatment alternatives.
- Tell you about health-related products and services.
- Communicate within our organization for treatment, payment, or health care operations.
- Communicate with other providers, health plans, or their related entities for their treatment or payment activities, or health care operations activities relating to quality assessment or licensing.
- Provide information to other third parties with whom we do business, such as a record storage provider. However, you should know that in these situations, we require third parties to provide us with assurances that they will safeguard your information.
We may also use or disclose your personal or health information for the following operational purposes. For example, we may:
- Communicate with individuals involved in your care or payment for that care, such as friends and family.
Send appointment reminders.
- You may tell us that you do not want us to use or disclose your information for these two activities.
- All other uses and disclosures, not previously described, may only be done with your written authorization. For example, we need your authorization before we disclose your psychotherapy notes. We will also obtain your authorization before we use or disclose your health information for marketing purposes. You may revoke your authorization at any time; however, this will not affect prior uses and disclosures.
In some cases state law may require that we apply extra protections to some of your health information.
What are the Healthcare Provider’s Responsibilities?
We are required by law to:
- Maintain the privacy of your health information
- Provide this notice of our duties and privacy practices
- Abide by the terms of the notice currently in effect.
- Tell you if there has been a breach that compromises your health information.
We reserve the right to change privacy practices, and make the new practices effective for all the information we maintain. Revised notices will be posted on the Bright Heart Health website.
Do you have any Federal Rights?
The law entitles you to:
- Inspect and copy certain portions of your health information. In most cases this will not include psychotherapy notes and we may deny your request under limited circumstances. (Fees may apply to this request). If we keep records electronically, you may request that we provide them to you in an electronic format.
- Request amendment of your health information if you feel the health information is incorrect or incomplete. (However, under certain circumstances we may deny your request.)
- Receive an accounting of certain disclosures of your health information made for the prior six (6) years, although this excludes disclosures for treatment, payment, health care operations. (Fees may apply to this request).
- Request that we restrict how we use or disclose your health information. (However, we are not required to agree with your requests, unless you request that we restrict information provided to a payor, the disclosure would be for the payor’s payment or health care operations, and you have paid for the health care services completely out of pocket).
- Request that we communicate with you at a specific telephone number or address.
Obtain a paper copy of this notice even if you receive it electronically.
We may ask that you make some of these requests in writing.
What if I have a Complaint?
If you believe that your privacy has been violated, you may file a complaint with us or with the Secretary of Health and Human Services in Washington, D.C. We will not retaliate or penalize you for filing a complaint with the facility or the Secretary.
To file a complaint with us or receive more information contact:
Phone: (844) 884-4474
Address: 2603 Camino Ramon, Suite 200, San Ramon, CA 94583
To file a complaint with the Secretary of Health and Human Services write to 200 Independence Ave., S.E., Washington, D.C. 20201 or call 1-877-696-6775.
Who Will Follow This Notice?
This Notice describes the healthcare practices of:
- Any physician or other health care professional authorized by us to access and/or enter information into your medical record,
- All departments and units through which Bright Heart Health’s online services are provided; and
All affiliates and volunteers.