NOTICE OF PRIVACY PRACTICES
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY. THIS NOTICE IS ONLY APPLICABLE IF WE HAVE PROTECTED HEALTH INFORMATION ABOUT YOU THAT IS REGULATED BY HIPAA.
Effective August 5, 2020
A. REQUIREMENTS UNDER HIPAA
Nox Health is required to:
- Maintain the privacy of your protected health information (‘PHI’), to the extent required by state and federal law. PHI is information about you that may be used to identify you (such as your name, social security number or address), and that relates to (a) your past, present or future physical or mental health or condition, (b) the provision of health care to you, or (c) your past, present, or future payment for the provision of health care. In conducting its business, Nox Health will receive and create records containing your PHI.
- Give you this Notice explaining our legal duties and privacy practices with respect to medical information about you.
- Nox Health is required to notify affected individuals following a breach of unsecured medical information under federal law.
- Nox Health is required by law to maintain the privacy of your PHI and to provide you with notice of its legal duties and privacy practices with respect to your PHI. Additionally, Nox Health must abide by the terms of this Notice while it is in effect. This current Notice takes effect on February 29, 2016, and will remain in effect until Nox Health replaces it. Nox Health reserves the right to change the terms of this Notice at any time, as long as the changes are in compliance with applicable law. If Nox Health changes the terms of this Notice, the new terms will apply to all PHI that it maintains, including PHI that was created or received before such changes were made. If Nox Health changes this Notice, it will post the new Notice on its Web site and will make the new Notice available upon request.
B. USES AND DISCLOSURES OF PHI
The following categories describe the different reasons that we typically use and disclose medical information. These categories are intended to be general descriptions only, and not a list of every instance in which we may use or disclose your medical information. Please understand that for these categories, the law generally does not require us to get your authorization in order for us to use or disclose your medical information. Nox Health may use and disclose your PHI in the following ways:
- Treatment, Payment and Health Care Operations. Nox Health is permitted to use and disclose your PHI for purposes of (a) treatment, (b) payment and (c) health care operations. For example:
- Treatment. Nox Health may disclose your PHI to another physician or health care provider for purposes of a consult or in connection with the provision of follow-up treatment.
- Payment. Nox Health may use and disclose your PHI to your health insurer or health plan in connection with the processing and payment of claims and other charges.
- Health Care Operations. Nox Health may use and disclose your PHI in connection with its health care operations, such as providing customer services and conducting quality review assessments. Nox Health may engage third parties to provide various services for Nox Health. If any such third party must have access to your PHI in order to perform its services, Nox Health will require that third party to enter a business associate agreement that binds the third party to the use and disclosure restrictions outlined in this Notice.
- Appointment Reminders and Health Related Benefits and Services. We may use and disclose medical information, in order to contact you (including, for example, contacting you by phone and leaving a message on an answering machine) to provide appointment reminders and other information. We may use and disclose medical information to tell you about health- related benefits or services that we believe may be of interest to you.
- Healthcare Operations and Continuity of Care. In the event that you or a third party chooses to discontinue payment for services that Nox Health provides or arranges for you, Nox Health may reach out to you to offer ongoing healthcare services to you under new payment arrangements, at your choosing.
- Authorization. Nox Health is permitted to use and disclose your PHI upon your written authorization, to the extent such use or disclosure is consistent with your authorization. You may revoke any such authorization at any time.
- As Required by Law. Nox Health may use and disclose your PHI to the extent required by federal, state, or local law or regulations.
C. SPECIAL CIRCUMSTANCES
The following categories describe unique circumstances in which Nox Health may use or disclose your PHI:
- Public Health Activities. Nox Health may disclose your PHI to public health authorities or other governmental authorities for purposes including preventing and controlling disease, reporting child abuse or neglect, reporting domestic violence and reporting to the Food and Drug Administration regarding the quality, safety and effectiveness of a regulated product or activity. Nox Health may, in certain circumstances disclose PHI to persons who have been exposed to a communicable disease or may otherwise be at risk of contracting or spreading a disease or condition.
- Workers’ Compensation. Nox Health may disclose your PHI as authorized by, and to the extent necessary to comply with, workers’ compensation programs and other similar programs relating to work-related illnesses or injuries.
- Health Oversight Activities. Nox Health may disclose your PHI to a health oversight agency for authorized activities such as audits, investigations, inspections, licensing and disciplinary actions relating to the health care system or government benefit programs.
- Judicial and Administrative Proceedings. Nox Health may disclose your PHI, in certain circumstances, as permitted by applicable law, in response to an order from a court or administrative agency, or in response to a subpoena or discovery request.
- Law Enforcement. Nox Health may, under certain circumstances, disclose your PHI to a law enforcement official, such as for purposes of identifying or locating a suspect, fugitive, material witness or missing person.
- Decedents. Nox Health may, under certain circumstances, disclose PHI to coroners, medical examiners and funeral directors for purposes such as identification, determining the cause of death and fulfilling duties relating to decedents.
- Organ Procurement. Nox Health may, under certain circumstances, use or disclose PHI for the purposes of organ donation and transplantation.
- Research. Nox Health may, under certain circumstances, use or disclose PHI that is necessary for research purposes.
- Threat to Health or Safety. Nox Health may, under certain circumstances, use or disclose PHI if necessary to prevent or lessen a serious and imminent threat to the health or safety of a person or the public.
- Specialized Government Functions. Nox Health, may in certain situations, use and disclose PHI of persons who are, or were, in the Armed Forces for purposes such as ensuring proper execution of a military mission or determining entitlement to benefits. Nox Health may also disclose PHI to federal officials for intelligence and national security purposes.
D. YOUR RIGHTS REGARDING YOUR PHI
Federal and state laws provide you with certain rights regarding the medical information we have about you. You have the following rights regarding the PHI maintained by Nox Health:
- Inspection and Copies. You have the right to inspect and copy your PHI. You must submit your request in writing to Nox Health. Nox Health may impose a reasonable fee for the costs of copying, mailing, labor and supplies associated with your request. Nox Health may deny your request to inspect and/or copy your PHI in certain limited circumstances. If that occurs, Nox Health will inform you of the reason for the denial, and you may request a review of the denial. Unless such is unreasonable or unfeasible, you may request copies of your PHI from Nox Health in an electronic format.
- Amendment. You have a right to request that Nox Health amend your PHI if you believe it is incorrect or incomplete, and you may request an amendment for as long as the information is maintained by Nox Health. You must submit your request in writing to Nox Health and provide a reason to support the requested amendment. Nox Health may, under certain circumstances, deny your request by sending you a written notice of denial. If Nox Health denies your request, you will be permitted to submit a statement of disagreement for inclusion in your records.
- Accounting of Disclosures. You have a right to receive an accounting of all disclosures Nox Health has made of your PHI. However, that right does not include disclosures made for treatment, payment or health care operations, disclosures made to you about your treatment, disclosures made pursuant to an authorization, and certain other disclosures. You must submit your request in writing to Nox Health and you must specify the time period involved (which must be for a period of time less than six years from the date of the disclosure). Your first accounting will be free of charge. However, Nox Health may charge you for the costs involved in fulfilling any additional request made within a period of 12 months. Nox Health will inform you of such costs in advance, so that you may withdraw or modify your request to save costs.
- Restrictions. You have the right to request restrictions on certain uses and disclosures of PHI for treatment, payment or health care operations. You also have the right to request that Nox Health restrict its disclosures of PHI to only certain individuals involved in your care or the payment of your care. You must submit your request in writing to Nox Health. Nox Health is not required to comply with your request. However, if Nox Health agrees to comply with your request, it will be bound by such agreement, except when otherwise required by law or in the event of an emergency.
- Confidential Communication. You have the right to receive confidential communications of your PHI. You may request that Nox Health communicate with you through alternate means or at an alternate location, and Nox Health will accommodate your reasonable requests. You must submit your request in writing to Nox Health.
- Breach Notification. You have the right to be notified in the event that Nox Health (or a Nox Health Business Associate) discovers a breach of unsecured PHI.
- Changes To This Notice. We reserve the right to change this Notice at any time, along with our privacy policies and practices. We reserve the right to make the revised or changed Notice effective for medical information we already have about you as well, as any information we receive in the future. We will post a copy of the current notice, along with an announcement that changes have been made, as applicable, on our website. When changes have been made to the Notice, you may obtain a revised copy by sending a letter to Nox Health’s Privacy Officer at the address or contact information listed below.
- Complaint. If you believe that your privacy rights as described in this Notice have been violated, you may file a complaint with Nox Health’s Privacy Officer at the address or contact information listed in below. To file a complaint with Nox Health, you may either call or send a written letter. Nox Health will not retaliate against any individual who files a complaint. You may also file a complaint with the Secretary of the Department of Health and Human Services. In addition, if you have any questions about this Notice, please contact the Nox Health HIPAA Privacy Officer at the address or phone number listed below.
Attn: HIPAA Privacy Officer
5000 Research Ct #500, Suwanee, GA 30024
- Further Information. If you would like more information about your privacy rights, please contact Nox Health’s Privacy Officer as indicated above. To the extent you are required to send a written request to Nox Health to exercise any right described in this Notice, you must submit your request to Nox Health’s Privacy Officer to the mailing address above.