Privacy Policy for Bone Health Clinic (HIPAA Compliant)
Effective Date: 3/1/2022
1. Introduction
Bone Health Clinic is committed to protecting the privacy and confidentiality of our patients’ protected health information (PHI) in compliance with the Health Insurance Portability and Accountability Act (HIPAA) and other applicable laws and regulations. This Privacy Policy outlines how we collect, use, disclose, and safeguard PHI when you interact with our clinic, website, or any related services. By using our services, you consent to the practices described in this HIPAA-compliant Privacy Policy.
2. Information Collection and Use
2.1. Protected Health Information (PHI): We collect PHI that is necessary for providing quality healthcare services, including but not limited to your name, address, contact details, date of birth, medical history, test results, diagnoses, and treatment plans.
2.2. Treatment, Payment, and Operations (TPO): We use your PHI for treatment, payment, and healthcare operations purposes, such as providing medical care, processing insurance claims, and improving the quality of our services.
3. Uses and Disclosures of PHI
3.1. Treatment Purposes: We may use and disclose PHI to provide, coordinate, or manage your healthcare and related services. This includes sharing information with healthcare professionals involved in your treatment.
3.2. Payment Purposes: We may use and disclose PHI to obtain payment for the healthcare services we provide. This includes submitting insurance claims and sharing information with billing entities.
3.3. Healthcare Operations: We may use and disclose PHI for healthcare operations, such as quality assessment, staff training, legal compliance, and conducting audits.
3.4. Authorization: We will obtain your written authorization before using or disclosing PHI for purposes not covered by this Privacy Policy, except as required or permitted by law.
3.5. Required Disclosures: We may disclose PHI without your authorization in cases required by law, such as public health reporting, reporting abuse or neglect, or responding to judicial or administrative proceedings.
4. Data Security
4.1. We implement appropriate administrative, technical, and physical safeguards to protect your PHI from unauthorized access, use, or disclosure.
4.2. All our employees and business associates are trained to comply with HIPAA and maintain the confidentiality of PHI.
5. Patient Rights
5.1. Access: You have the right to access your PHI and obtain a copy of your health records upon request.
5.2. Amendment: You have the right to request an amendment to your PHI if you believe it is inaccurate or incomplete.
5.3. Restriction: You have the right to request restrictions on the use and disclosure of your PHI for treatment, payment, and operations purposes.
5.4. Confidential Communication: You have the right to request confidential communication of PHI through a preferred method or location.
6. Complaints
6.1. If you believe your privacy rights have been violated, you have the right to file a complaint with our clinic or with the Secretary of the U.S. Department of Health and Human Services.
7. Contact Information
7.1. If you have any questions, concerns, or requests related to this HIPAA-compliant Privacy Policy or our data practices, please contact our clinic using the information provided below:
By using our services, you acknowledge that you have read and understood this HIPAA-compliant Privacy Policy, and you consent to the collection, use, and disclosure of your PHI as described herein.