Summary of Privacy Practices

South Bay Ophthalmology, Inc.

This summary of our privacy practices is contains a condensed version of our Notice of Privacy Practices.  Our full-length Notice follows this summary.

Date of Last Revision: September 15, 2013
Effective Date: Immediately

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION.  PLEASE REVIEW IT CAREFULLY.

We understand that your medical information is personal to you, and we are committed to protecting the information about you.  As our patient, we create medical records about your health, our care for you, and the services and/or items we provide to you as our patient. By law, we are required to make sure that your Protected Health Information is kept private.

How will we use or disclose your information?  Here are a few examples (for more detail please refer to the Notice of Privacy Practices that follows this summary):

  • For medical treatment
  • For research
  • To obtain payment for our services
  • To avert a serious threat to health or safety
  • In emergency situations
  • For organ and tissue donation
  • For appointment and patient recall reminders
  • For workers’ compensation programs
  • To run our Practice more efficiently and ensure all our patients receive quality care
  • In response to certain requests arising out of lawsuits or other disputes

If you believe your privacy rights have been violated, you may file a complaint with the Practice or with the Secretary of the Department of Health and Human Services.  To file a complaint with the Practice, contact our office manager.  All complaints must be submitted in writing.  You will not be penalized for filing a complaint.

You have certain rights regarding the information we maintain about you.  These rights include:

  • The right to inspect and copy
  • The right to request restrictions
  • The right to amend
  • The right to a paper copy of this notice
  • The right to an accounting of disclosures
  • The right to request confidential communications

For more information about these rights, please see the detailed Notice of Privacy Practices that follows this summary.

Notice of Privacy Practices

South Bay Ophthalmology, Inc.

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION

PLEASE READ IT CAREFULLY

The Health Insurance Portability & Accountability Act of 1996 (“HIPAA”) is a Federal program that requests that all medical records and other individually identifiable health information used or disclosed by us in any form, whether electronically, on paper, or orally are kept properly confidential.  This Act gives you, the patient, the right to understand and control how your protected health information (“PHI”) is used.  HIPAA provides penalties for covered entities that misuse protected health information.

As required by HIPAA, we prepared this explanation of how we are to maintain the privacy of your health information and how we may disclose your personal information.

We may use and disclose your medical records only for each of the following purposes: treatment, payment and health care operation.

  • Treatment means providing, coordinating, or managing health care and related services by one or more healthcare providers. An example of this would include referring you to a retina specialist.
  • Payment means such activities as obtaining reimbursement for services, confirming coverage, billing or collections activities, and utilization review. An example of this would include sending your insurance company a bill for your visit and/or verifying coverage prior to a surgery.
  • Health Care Operations include business aspects of running our practice, such as conducting quality assessments and improving activities, auditing functions, cost management analysis, and customer service. An example of this would be new patient survey cards.
  • The practice may also disclose your PHI for law enforcement and other legitimate reasons although we shall do our best to assure its continued confidentiality to the extent possible.

We may also create and distribute de-identified health information by removing all reference to individually identifiable information.

We may contact you, by phone or in writing, to provide appointment reminders or information about treatment alternatives or other health-related benefits and services, in addition to other fundraising communications, that may be of interest to you.  You do have the right to “opt out” with respect to receiving fundraising communications from us.

The following use and disclosures of PHI will only be made pursuant to us receiving a written authorization from you:

  • Most uses and disclosure of psychotherapy notes
  • Uses and disclosure of your PHI for marketing purposes, including subsidized treatment and health care operations;
  • Disclosures that constitute a sale of PHI under HIPAA
  • Other uses and disclosures not described in this notice.

You may revoke such authorization in writing and we are required to honor and abide by that written request, except to the extent that we have already taken actions relying on your authorization.

You may have the following rights with respect to your PHI.

  • The right to request restrictions on certain uses and disclosures of PHI, including those related to disclosures of family members, other relatives, close personal friends, or any other person identified by you. We are, however, not required to honor a request restriction except in limited circumstances which we shall explain if you ask. If we do agree to the restriction, we must abide by it unless you agree in writing to remove it.
  • The right to reasonable requests to receive confidential communications of PHI by alterative means or at alternative locations.
  • The right to inspect and copy your PHI.
  • The right to amend your PHI.
  • The right to receive an accounting of disclosures of your PHI.
  • The right to obtain a paper copy of this notice from us upon request.
  • The right to be advised if your unprotected PHI is intentionally or unintentionally disclosed.

If you have paid for services “out of pocket”, in full, and you request that we not disclose PHI related solely to those services to a health plan, we will accommodate your request, except where we are required by law to make a disclosure.

We are required by law to maintain the privacy of your PHI and to provide you the notice of our legal duties and our privacy practice with respect to PHI.

This notice is effective as of September 15, 2013 and it is our intention to abide by the terms of the Notice of Privacy Practices and HIPAA Regulations currently in effect.  We reserve the right to change the terms of our Notice of Privacy Practice and to make the new notice provision effective for all PHI that we maintain.  We will post and you may request a written copy of the revised Notice of Privacy Practice from our office.

You have recourse if you feel that your protections have been violated by our office.  You have the right to file a formal, written complaint with office and with the Department of Health and Human Services, Office of Civil Rights.  We will not retaliate against you for filing a complaint.

Feel free to contact the Practice Compliance Officer for more information, in person or in writing.

Website Privacy

Our website address is: southbayophthalmology.com.

What personal data we collect and why we collect it

Comments

While we have taken measures to disable comment functionality on the website, it may occasionally be possible to post comments. When posting a comment, we collect the data shown in the comments form, as well as the visitor’s IP address and browser user agent string to help spam detection.

Contact forms

We make contact and other forms available on our website, which collect the information you provide. We do keep a record of this information, but do not connect it to your medical information.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, forms, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Analytics

We use Google Analytics that collects data in aggregate about website usage. We don’t pass personally-identifying information collected on the website over to Google.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

Visitor comments may be checked through an automated spam detection service. We may also use other systems that collect limited data about you.

How we protect your data

We make every attempt to protect the data we collect about you on our website, and do not connect it with your private health information (as detailed above). We can delete any online information we have about you at your request.

What data breach procedures we have in place

We have intentionally designed the website to collect very limited information, making it a very low-quality target. Regardless, in the event of a data breach, we will take appropriate measures to lock down our data and address any security concerns.

What third parties we receive data from

We may link out to external resources or embed content or links from outside sources. While we believe this external content to be of high quality, we do not necessarily endorse or guarantee any of this content.