Notice of Privacy Practices
Effective Date: May 3, 2024
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE
USED AND DISCLOSED AND HOW YOU MAY RECEIVE ACCESS TO THIS
INFORMATION. PLEASE REVIEW IT CAREFULLY
The HIPAA Privacy Law requires us to provide this Notice to you regarding our privacy practices, our legal duties to protect your private information and your rights concerning health information about you. We are required to maintain the privacy of your protected health information (“PHI”) and to notify you following a breach resulting in the inappropriate use or disclosure of your unsecured PHI. We are required to abide by the terms of this Notice of Privacy
Practices. Sanova Dermatology reserves the right to revise the terms of this Notice and make any changes effective for all PHI we maintain. This Notice applies to all locations of Sanova Dermatology. Copies of our current Notice of Privacy Practices will be available to you on our website or upon request at the front desk of all of our locations. This Notice of Privacy Practices will also be on display at each of our locations.
Other companies or persons that perform services on our behalf, called Business Associates, must also protect the privacy of your information. Business Associates are not allowed to release your information to anyone else unless specifically permitted by law. There may be other state and federal laws, which provide additional protections related to communicable disease, mental health, substance or alcohol abuse, or other health conditions.
This Notice explains how that information, called PHI may be used and disclosed to others. The terms of this Notice apply to health information produced or obtained by Sanova Dermatology.
Our Commitment to You
Sanova Dermatology is committed to maintaining the privacy of your health information. This practice strives to maintain the highest degree of integrity in its interactions with patients and the delivery of quality healthcare. The practice, its employees, and business associates will at all times strive to maintain compliance with all laws, regulations, and requirements affecting the practice of medicine and the handling of patient information. The protection of the privacy of the individual’s and the security of an individual’s electronic protected health information (“ePHI) is a critical concern to this practice, and to the trust our patients offer in out treatment of their medical issues.
Uses and Disclosures
Your protected health information may be used and disclosed by Sanova Dermatology’s physicians, staff, and others involved in your care for purposes of treatment, payment and health care operations without your written authorization. The following are common types of uses and disclosures your physician’s office is authorized to make without your written authorization. While not a complete list of allowable disclosures, these examples will provide you with an understanding of acceptable disclosures made by this practice.
- Treatment: Our practice will use and may share health information about you to provide, coordinate, or manage your health care and treatments. For example, a nurse or medical assistant will obtain treatment information about you and record it in a medical record. Alternatively, one of our physicians may use information about you for a consultation with, or a referral to, another physician to diagnose your illness and determine which treatment option, such as surgery or medication, will best address your health needs. One of our physicians may also transmit a prescription to your pharmacy of choice.
- Payment: We may use and disclose health information about you to obtain payment for the care and services that we have provided to you. For example, we may need to provide your health plan provider with information about you, your diagnosis, and the treatment provided to you at Sanova Dermatology so that your health insurer will pay us, or reimburse you, for the treatment. We may also contact your health insurance to obtain prior approval about a potential treatment.
- Health Care Operations: We may use and share health information about you for Sanova Dermatology’s health care operations. These business activities include, but are not limited to, planning, management, quality assessment, and improvement activities for the treatments that we deliver. For example, we may use your health information to evaluate the skills of our physicians, nurses, and other health care providers in caring for
you. We also may use your information to review quality and health outcomes. We may also use your information for purposes of business planning or computer systems maintenance. - Business Associates: We will share your PHI with third party “business associates” that perform various activities on our behalf. Examples of a Business Associate include, billing services, transcription services, and legal services. Prior to disclosing any PHI with a business associate, we will establish a written contract that contains terms that will
protect the privacy of your information. Business associates and their subcontractors must also comply with HIPAA Privacy and Security Regulations. We verify their understanding and responsibility. - Appointment Reminders: We may use and disclose PHI to contact you for appointment reminders and to communicate necessary information about your appointment. For example, we may reach out to you to confirm your appointment or to fill out pre- appointment paperwork.
- Treatment Alternatives & Other Health Related Benefits: We may use and disclose PHI to provide you with information about treatment alternatives or other health-related benefits and services that may be of interest to you. For example, we may use your information to determine whether you might be an appropriate candidate for a new service and provide you with information regarding same.
- People Assisting in Your Care: In certain limited situations, Sanova Dermatology may disclose essential health information to people such as family members, relatives, or close friends who are helping care for you or helping you pay your health care bills. We will disclose information to them only with your permission, if you are present or otherwise available, or if these people need to know the information to help you and you are not available to provide permission due to incapacity, death, or an emergency circumstance. For example, if you become incapacitated and disclosure of your medical information is necessary for a relative to help you obtain proper treatment. Generally, we will ask you prior to making disclosures if you agree to such disclosures. If you are unable to make health-related decisions or it is an emergency, Sanova Dermatology will determine if it would be in your best interest to disclose pertinent health information about you to the people assisting in your care. If you have objections to us providing these individuals with the information described in this section, please contact us so that we can ensure your wishes are respected.
- Fundraising Communications: We may contact you as part of a fundraising effort. For example, we may use or disclose your information in order to contact you for fundraising activities associated with Sanova Dermatology and its operations. We would only release your name, address and phone number, and the dates you received treatment. If you do not want us to contact you for fundraising efforts, you may “Opt-Out” of this at any time by contacting our office. Your PHI may be used and disclosed by Sanova Dermatology’s physicians, staff, and others involved in your care for other purposes only with your written authorization. The following are common types of uses and disclosures your physician’s office is authorized to make only after obtaining your written authorization.
- Marketing: We may also contact you with advertisements about our services and promotions. This could include promotions that we are running for particular items or services along with marketing materials regarding same. The only exceptions to the need for an authorization are that we can provide you with marketing materials in a face-to- face encounter or a promotional gift of very small value, if we so choose
- Psychotherapy Notes: A written authorization is required for us to use or disclose your psychotherapy notes in most cases, except where they are created by our practice, used in a psychotherapy training program for of other providers, or when used to defend in a legal proceeding brought by you. Our practice does not provide psychotherapy services or engage in psychotherapy training programs. Therefore, Sanova Dermatology will typically obtain a written authorization from you for most uses and disclosures of your psychotherapy notes.
- Sale of Your Information: A written authorization is required for Sanova Dermatology to sell your information. Sanova Dermatology does not engage in the sale of patient information. If Sanova Dermatology chooses to engage in the sale of your patient information in the future, we will only do so with your written authorization and will disclose whether the sale results in profit to Sanova Dermatology.
- Revoking Authorization related to Marketing, Psychotherapy Notes, and Sale of Your Information: If you have already given your written authorization for uses and disclosures related to marketing, psychotherapy notes, or the sale of your information and would like to revoke this authorization, you may do so by revoking your authorization in writing. Please note, that these authorizations cannot be revoked to the extent Sanova Dermatology has already taken action in reliance on your authorization.
Other Uses and Disclosures That May be Made without Your Written Authorization.
Your protected health information may be used and disclosed by Sanova Dermatology without your authorization or opportunity to object when required or permitted by law. If required, you will be notified of any disclosure. Examples of these types of disclosures include:
- As Required by Law: We must disclose health information about you if federal, state, or local law requires us. We will maintain compliance with the law and will limit the disclosure to the minimum necessary. If required, you will be notified of any disclosure.
- Legal Proceedings: If you are involved in a lawsuit, dispute, or other judicial or administrative proceeding, we may disclose health information about you in response to a court order, subpoena, or other lawful process.
- Required by HIPAA Law: The Secretary of the Department of Health and Human Services (HHS) may investigate privacy violations. If your health information is requested as part of an investigation, we must share your information with HHS.
- Law Enforcement: We may disclose your health information to a law enforcement official if required or allowed by law.
- In emergency circumstances to report a crime: the location of the crime or victims; or the identity, description or location of the person who committed the crime.
- Workers Compensation: If you are seeking compensation due to a work-related injury, we may release health information about you to the extent necessary to comply with laws relating to Workers Compensation claims.
- Public Health Risks: We may disclose health information about you for public health purposes or to public health or legal authorities who are permitted by law to collect or receive the information. Examples include disclosure to prevent or controlling disease, or injury. We are permitted by law to notify a person who may have been exposed to a communicable disease or may be at risk for contracting or spreading a disease or condition. We may also disclose your PHI, if disclosure is necessary to prevent or lessen a serious and imminent threat to the health or safety of a person or the public. We also may disclose PHI if it is necessary for law enforcement authorities to identify or apprehend an individual.
- Abuse or Neglect: We believe abuse or neglect to be a serious issue. We may disclose your PHI to a public health authority authorized to receive reports of child abuse or neglect. We may also disclose your information if, in our best judgement, we believe you have been a victim of abuse, neglect, or domestic violence. When disclosing PHI in cases of abuse or neglect, we will follow applicable state and federal laws.
- Organ and Tissue Donation: Consistent with applicable law, we may release your health information to organ procurement organizations or others engaged in the transplantation of organs to enable a possible transplant.
- Coroners, Medical Examiners, and Funeral Directors: We may release your PHI to a coroner or medical examiner. This may be necessary, for example, to identify a deceased person or to determine the cause of death. We may also release your PHI to a funeral director, as necessary, to carry out his/her duties.
- Research: Federal law permits Sanova Dermatology to use or disclose health information about you for research purposes, if the research is reviewed and approved by an Institutional Review Board to protect the privacy of your health information before the study begins. We may disclose your information if we have your written authorization to do so. In some instances, researchers may be allowed to use information about you in a restricted way to determine whether the potential study participants are appropriate. We will make a “good faith effort” to acquire your permission or rejection to participate in any research study prior to releasing any protected information about you.
- Health Oversight Activities: We must disclose health information to a health oversight agency for activities that are required by federal, state or local law. Oversight activities include investigations, inspections, industry licensures, and government audits. These activities are necessary to enable government agencies to monitor various health care systems, government programs, and industry compliance with civil rights laws. Most states require that identifying information about you, such as your social security number, be removed from information releases for health oversight purposes, unless you have provided written permission for the disclosure.
- Military Activity and National Security: If you are a member of the military or a veteran, we will disclose health information about you as required by command authorities, for the purpose of determination by the Department of Veterans Affairs of your eligibility of benefits, or to foreign military authority if you are a member of that foreign military service; or if you give us your written permission. We are also permitted to disclose your health information to authorized federal officials for other specialized government functions such as national security or intelligence activities.
- Notification/Disaster Relief Purposes: In certain situations, we may share your health information with the American Red Cross or another similar federal, state or local disaster relief agency or authority, to help the agency locate persons affected by the disaster.
Additional Uses and Disclosures That May Be Made with Your Written Authorization.
- Highly Confidential Information: Federal and state law requires special privacy protections for certain “Highly Confidential Information” about you, including any part of your health information that is about: Child abuse and neglect, Domestic abuse of an adult with a disability, mental illness or developmental disability treatment or services, alcohol or drug dependency diagnosis, treatment, or referral, HIV/AIDS testing, diagnosis, or treatment, sexually transmitted disease, sexual assault, genetic testing, In Vitro Fertilization (IVF), and information maintained in psychotherapy notes. Disclosure of your Highly Confidential Information will only be made in accordance with applicable state and federal laws.
- Any Other Purpose: For any purpose other than those described above, we may only use or share your health information when you give us your written authorization to do so. For example, you will need to sign an authorization form before we can send your health information to your life insurance company. You may revoke an authorization at any time. If you revoke your authorization, we will no longer disclose your PHI for the reasons covered by your written authorization. Note: We are unable to undo any disclosures previously made with your authorization.
Your Rights Regarding Health Information We Maintain About You
- You have the right to inspect and receive a copy of your PHI. As long as we maintain your PHI, you may request to inspect and receive a copy of your records or direct that such information be provided to another person chosen by you. You may obtain your medical record that contains medical and billing records and any other records your physician uses for health care decisions. For PHI in a designated record set that is maintained in an electronic format, you can request an electronic copy of such information. There may be a charge for copies of your PHI. To make such a request, complete a “Request for Inspecting and Copying PHI Form. However, federal law prohibits you from inspecting or copying: psychotherapy notes, information compiled in reasonable anticipation of, or use in, a civil, criminal, or administrative action proceeding; and information that your provider feels would cause you to commit serious harm to yourself or to others. You will receive a letter if you are denied access. You have the right to appeal the denial. Please contact our Privacy Officer if you have any questions.
- You have the Right to Request Amendment. If you believe that any of the health information we have about you is incorrect or incomplete, you have the right to ask us to change the information for as long as Sanova Dermatology maintains the information. To request an amendment to your health information, your request must be in writing, signed, and submitted to the Privacy Officer. You may also submit a Request for Amendment of Protected Health Information form. If we deny your request, we will provide you with a written explanation. You may respond with a statement of disagreement that will be maintained with your records. If we accept your request to amend the information, we will make reasonable efforts to inform others, including people you name, of the amendment and to include the changes in any future disclosures of that information.
- You have the Right to Request Restrictions on Use and Disclosure: You have the right to request a restriction or limitation on certain uses and disclosures of your health information, including those involving treatment, payment, or healthcare operations, as well as those involving other individuals involved in your care. To request restrictions, you must make your request in writing. Complete a Request for Restrictions on Use and Disclosure of PHI form. If you wish to submit your request in another manner, your written request must include:
What information you wish to limit
Whether you wish to limit our use, disclosure, or both
To whom you want the limits to apply – for example, if you want to prohibit disclosures
for insurance payment, health care operations, for disaster relief purposes, to persons
involved in your care, or to your spouse.
You or your personal representative must sign it.
We are not required to agree to your request in many instances, but we will attempt to
accommodate reasonable requests when appropriate. - You have the Right to an Accounting of Disclosures: With some exceptions, you have the right to receive an accounting of certain disclosures of your PHI. Complete the Request for Accounting of Non-Authorized Use or Disclosure form. If you wish to submit a request in another manner, your accounting request must be in writing and signed by you or your personal representative and submitted to our Privacy Officer. Your request must specify the time in which the disclosures were made. These disclosures may not go back further than six years from the date of the request. You may receive one free accounting in any 12-month period. There will be a charge for more than one request in a 12-month period. The accounting will include only information that is required by law, and will not include releases for treatment, payment, and health care operations, or releases that you have authorized.
- You have the Right to Receive Confidential Communications: You have the right to request that we communicate with you about medical matters in a confidential manner or at a specific location. For example, you may ask that we only contact you via mail to a post office box. Complete the Request for Alternative means of Communication of PHI form. If you wish to submit a request in another manner, You must submit your request in writing to the practice manager. Your request must specify how or where you wish to be contacted. We will not ask you the reason for your request. We will accommodate all reasonable requests.
- You have the Right to Receive a Copy of this Notice: You have the right to a paper copy of this Notice of Privacy Practices even if you have agreed to receive the Notice electronically. You may ask us to give you a copy of this Notice at any time.
- Right to Revoke Your Authorization to Use or Disclose: Other uses and disclosures of your health information not covered by this Notice or the laws that govern us will be made only with your written authorization. You have the right to revoke your authorization in writing at any time, and we will discontinue future uses and disclosures of your health information for the reasons covered by your authorization. We are unable to take back any disclosures that were already made with your authorization, and we are required to retain the records of the care that we provided to you.
- Right to be Notified of Disclosure of Unsecured Health Information: You have the right to be notified following a breach of your unsecured health information.
For Further Information
If you have questions, or would like additional information, you may contact the Privacy Officer
at mlyons@sanovaderm.com or at the address listed below.
To File a Complaint
You may submit any complaints with respect to violations of your privacy rights through our online portal by entering our name, “Sanova Dermatology” at the following link: www.hotline-services.com. Additionally, you may also file a complaint with the Secretary of the U.S. Department of Health and Human Services if you feel that your rights have been violated. There will be no retaliation from Sanova Dermatology for making a complaint.
Changes to this Notice
If we make a material change to this Notice, we will post the revised copy in our office, and provide a revised Notice available at our reception desk and on our website. We will also send a notice that our privacy practices have been updated via email or regular mail.
Contact Information
Unless otherwise specified, to exercise any of the rights described in this Notice, for more
information, or to file a complaint, please contact the Privacy Officer.
Privacy Officer
Mike Lyons
1601 E. Pflugerville Parkway. Suite 1202
Pflugerville, TX. 78660
T: 512-492-8740