HIPAA

In accordance with its obligations under the Health Insurance Portability and Accountability Act of 1996 and implementing regulations at 45 C.F.R. Parts 160 and 164 (collectively “HIPAA”), it is NextGen Medical’s policy to protect the confidentiality and integrity of the patient health information and personal information. NextGen Medical and its employees shall strictly maintain the confidential nature of patient protected health information, which is accessed or maintained by NextGen. Protected health information includes any information about NextGen Medical’s patients that relates to their health care, including demographic information (e.g. address, phone number or email address), financial information, dates service was provided and any other information that could identify a patient.

All NextGen employees are trained regarding compliance with HIPAA. Employees must also protect the confidentiality of any other NextGen Medical confidential and proprietary information of which they have knowledge.

NextGen Medical Supplies is required by law to maintain the privacy of your health information called Protected Health Information, or PHI, which simply means medical or other information we have that identifies you or could reasonably identify you. We are required to give you this notice to explain how we may use and disclose your PHI, your rights regarding your PHI and our legal duties. We are also required to abide by the terms of this notice and will not use or disclose your PHI without your authorization, other than as described in this notice. We reserve the right to change our practices, but will make a copy of the revised notice available to you if we choose to do so

We know this notice is long and detailed, but we believe it is important for you to understand exactly what your rights are and how our office operates. We also want you to know that we appreciate the trust and confidence you have placed in us by becoming our patient and that maintaining the privacy of your health information is of the utmost importance to us.
If you have any questions about this document, the procedures we follow, or to exercise one of your rights regarding your PHI.

USE AND DISCLOSURE OF YOUR HEALTH INFORMATION

The following categories describe the ways in which we may use and disclose your PHI without your authorization. We have provided some examples of each type of disclosure, but please keep in mind that there may be other examples, which are not listed here. Some of these uses and disclosures may be limited or restricted by state laws or other legal requirements not listed.

Treatment: We may use or disclose your PHI to provide, coordinate or manage the health care we provide to you. For example, we may consult with your physician or other health care provider about the supplies, medications or medical equipment they have prescribed for you.

Payment: We may use or disclose PHI to bill or collect payment for the services we provide to you. Some examples of this include: verifying your insurance coverage; asking your insurance carrier for authorization to provide services to you; and billing and collection activities for items and services provided to you.

Health Care Operations: We may use or disclose PHI to operate our business. These activities include training our employees so they can better serve you; arranging for legal or accounting services, or business planning.

Business Associates: We contract with vendors and service providers, called business associates, to perform some services on our behalf that may involve the use or disclosure of PHI. By law and the terms of their contracts, these business associates are required to safeguard and protect the confidentiality of your PHI in the same way and to the same extent we do.

Individuals Involved in Your Care or Payment for Your Care: Unless you notify us that you object, we may disclose information to a family member, other relative, or a friend who is involved with your care or the payment for your health care when necessary to notify them of your location, general condition, or death.

Required by Law: We may use or disclose PHI if it is required by federal, state or local law.

Public Health Activities: We may disclose PHI to public health authorities for public health activities such as preventing or controlling disease, reporting disease or reporting adverse effects to the Food and Drug Administration.

Abuse, Neglect or Domestic Violence: We may disclose PHI to a government authority if we believe someone is a victim of abuse, neglect, or domestic violence.

Health Oversight Activities: We may use or disclose PHI to a health oversight agency for oversight activities authorized by law such as audits, inspections, or licensure.

Lawsuits, Court Orders and Judicial Proceedings: We may use or disclose your PHI when required by a court order or in response to a subpoena, discovery request, or other lawful process.

Law Enforcement Purposes: We may disclose your PHI to law enforcement officials, but only when permitted or required by law.

Government Functions: We may disclose PHI about you to authorized federal officials for intelligence, counterintelligence, or other national security activities authorized by law. If you are a member of the armed forces, we may also disclose your PHI when required by military command authorities.

Organ, Eye or Tissue Donation: We may disclose PHI to organ procurement organizations or to other organizations that procure, bank, or transplant organs, eyes, or tissue if you are an organ donor.

Coroners, Medical Examiners and Funeral Directors: We may disclose PHI about you to a coroner or medical examiner to identify a deceased person and determine the cause of death. We may also disclose PHI to funeral directors, as authorized by law, so they can perform their jobs.

Research: In certain circumstances, we may use or disclose PHI about you for research purposes. In almost all cases we will first obtain your written authorization.

Serious Threat to Health or Safety: We may disclose PHI about you in certain circumstances when necessary to prevent a serious threat to the health or safety of a person or the public.

Disclosures Required by the HIPAA Privacy Rule: Upon request, we are obligated to disclose PHI to the Secretary of the Department of Health and Human Services to review our compliance with the law.

Workers’ Compensation: We may disclose health information when necessary to comply with laws relating to workers’ compensation or other similar programs established by law, to the extent authorized by law.

Inmate: We may disclose PHI of an inmate or other detained person when required by a correctional institution or law enforcement official for health, safety and security purposes.

AUTHORIZATION

Any other uses or disclosures of your PHI not mentioned in this document will be made only with your written authorization. Uses and disclosures that require your authorization include any sale of your PHI, and uses and disclosures of your PHI for marketing. If you provide authorization for a use or disclosure other than those described in this notice, you may revoke that authorization by making a request in writing at any time, except to the extent PHI has already been used or disclosed based on your authorization.

YOUR RIGHTS

Right to Inspect or Receive a Copy of Your PHI: You have the right to inspect or obtain a copy of your PHI in the medical, billing and other records we use to make decisions about you, including in some cases an electronic copy. Requests for access to your PHI must be made in writing to the Privacy Official. We may charge you a reasonable fee for the copying, postage, labor and supplies used in meeting your request.

Right to Request an Amendment to Your PHI: If you believe that PHI we have is not fully accurate, you may ask us to amend it. You will need to make your request in writing to the Privacy Official. We are not required to make the amendment in all cases, but we will inform you of any denial in writing.

Right to Request Confidential Communications: You may request that you receive communications about your PHI at a specified location or in a certain manner. You will need to make your request in writing to the Privacy Official. We will accommodate your request as long as it is reasonable to do so.

Right to Request Restrictions: You have the right to request that we restrict or limit the PHI we use or disclose about you for treatment, payment and health care operations purposes. Requests for restrictions must be made in writing and state the specific restriction you are requesting. We are not obligated to agree to most requests. However, if you ask us to restrict disclosure of your PHI to a health insurer for an item or service that you have paid out of pocket for in full, we must agree to your request.

Right to Request an Accounting of Disclosures: You have the right to request a list of all the times we or our business associates have disclosed your PHI for purposes other than treatment, payment, health care operations, to you personally, or pursuant to your authorization within the last six (6) years. The first list you request will be provided for free, but we may charge you a reasonable fee for additional requests made within the same 12-month period. We will inform you of the exact costs before we provide the list so you may decide whether you wish to pay the fees.

Breach Notification: We are required to notify you of any breach of your unsecured health information that we discover.

Right to a Paper Copy of this Notice: You have a right to receive a paper copy of this notice at any time, even if this notice was provided to you electronically. To obtain a copy of this form, simply ask our office staff.