THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
Commitment to Privacy:
BioHorizon Medical, Inc. is dedicated to maintaining the privacy of your healthcare information and we are required by law to maintain the confidentiality of information that identifies you. Any use of healthcare information beyond the uses described below requires your individual written authorization. The Health Insurance Portability and Accountability Act (HIPAA) obligates BioHorizon Medical, Inc. to provide you with a copy of our Privacy Notice, outlining our privacy practices and how we safeguard your health information. BioHorizon Medical, Inc. abides by the terms of the Privacy Notice currently in effect, and reserves the right to revise or amend the notice, as needed.
Your Health Information Rights:
Although your health record is the physical property of the healthcare facility that compiled it, the information belongs to you. You have the right to:
- Request a restriction on certain uses and disclosures of your information;
- Obtain a paper copy of the notice of privacy practices;
- Inspect and copy your health care record;
- Obtain an accounting of disclosures of your health information;
- Request confidential communication;
- Amend your healthcare record;
- Revoke your authorization to use or disclose health information except to the extent that action has already been taken.
Our Responsibilities:
BioHorizon Medical, Inc. is required to:
- Maintain the privacy of your health information;
- Provide you with a notice as to our legal duties and privacy practices with respect to information we collect and maintain about you;
- Abide by the terms of this notice;
- Notify you if we are unable to agree to a requested restriction;
- Accommodate reasonable requests you my have to communicate health information by alternative means.
BioHorizon Medical, Inc. reserves the right to change our practices and to make the new provisions effective for all protected health information we maintain. Should our information practices change, we will mail a revised notice to your address on file. We will not use or disclose your health information without your authorization, except for treatment, payment, and healthcare operations.
HITECH Amendment
BioHorizon Medical, Inc. is including HITECH Act provisions to its Notice as follows:
HITECH Notification Requirements
Under HITECH, BioHorizon Medical, Inc. is required to notify patients whose PHI has been breached. Notification must occur by first class mail within 60 days of the event. A breach occurs when an unauthorized use or disclosure that compromises the privacy or security of PHI poses a significant risk for financial, reputational, or other harm to the individual. This notice must:
(1) Contain a brief description of what happened, including the date of the breach and the date of discovery;
(2) The steps the individual should take to protect themselves from potential harm resulting from the breach;
(3) A brief description of what BioHorizon Medical, Inc. is doing to investigate the breach, mitigate losses, and to protect against further breaches.
Business Associates
Effective February 2010, BioHorizon Medical, Inc. Business Associate Agreements have been amended to provide that all HIPAA security administrative safeguards, physical safeguards, technical safeguards and security policies, procedures, and documentation requirements apply directly to the business associate.
Cash Patients/Clients
HITECH states that if a patient pays in full for their services out of pocket they can demand that the information regarding the service not be disclosed to the patient's third party payer since no claim is being made against the third party payer.
Access to E-Health Records
HITECH expands this right, giving individuals the right to access their own e-health record in an electronic format and to direct BioHorizon Medical, Inc. to send the e-health record directly to a third party. BioHorizon Medical, Inc. may only charge for labor costs under the new rules.
Accounting of E-Health Records for Treatment, Payment, and Health
BioHorizon Medical, Inc. does not currently have to provide an accounting of disclosures of PHI to carry out treatment, payment, and health care operations. However, starting January 1, 2014, the Act will require BioHorizon Medical, Inc. to provide an accounting of disclosures through an e-health record to carry out treatment, payment, and health care operations. This new accounting requirement is limited to disclosures within the three-year period prior to the individual's request.
Examples of Disclosure for Treatment, Payment, and Healthcare Operations:
We will use your health information for treatment. Information obtained by our company will be documented in your healthcare record and will be used to provide you with durable medical equipment and/or supplies. The prescription that your physician has ordered will be part of the record and will determine the equipment and supplies that you receive.
We will use your health information for payment. In order to determine your eligibility for equipment and/or supplies, BioHorizon Medical, Inc. may contact your insurance company and disclose healthcare related information. Also, BioHorizon Medical, Inc. will bill you or a third-party payer for services that you receive from our company. The health information that identifies you, your diagnosis, equipment, and supplies may be included on this bill.
We will use your health information for healthcare operations. BioHorizon Medical, Inc. may use your health information to evaluate the quality of care you receive from us, to conduct cost management assessments, and to plan business activities. This information is used in an effort to continually improve the quality and effectiveness of the healthcare services we provide.
Other Uses or Disclosures:
Business Associates: There are some individuals who are under contract with BioHorizon Medical, Inc. and, from time to time, are engaged in the improvement or financial enhancement of our business. So that your health information is protected, however, we require any business associate to appropriately safeguard your information.
Public Health: As required by law, we may disclose your health information to public health or legal authorities charged with preventing or controlling disease, injury, or disability.
Law Enforcement: We may disclose health information for law enforcement purposes as required by law, or in response to a valid subpoena.
Health Oversight Activities: We may disclose health information to health oversight agencies for activities authorized by law, including surveys, audits, and compliance inspections.
Worker's Compensation: We may release your health information to the extent necessary to comply with laws relating to workers compensation or other similar programs established by law.
For More Information:
Please contact BioHorizon Medical, Inc.'s Privacy Officer, at (310) 321-5830, if you require additional information and/or want to pursue your rights, including:
- Requesting restrictions;
- Inspecting and copying your record;
- Securing an accounting of disclosures;
- Requesting additional disclosures;
- Revoking authorizations at any time;
- Filing a complaint
If you believe your privacy rights have been violated, you may contact our company's General Manager. You may also file a complaint with the Secretary of Health and Human Services (Office of Civil Rights). There will be no retaliation for filing a complaint.