top of page

PRIVACY PRACTICES NOTICE for PROTECTED HEALTH INFORMATION (HIPAA)

​Whenever you visit a healthcare provider, a record of your care is generated. This record typically includes details like your symptoms, examinations, test results, diagnoses, treatment plans, and billing information. This data is referred to as Protected Health Information (PHI).

This Notice is intended to inform you of how we may use and disclose your medical information. It also outlines your rights and our responsibilities concerning your health information, applying to all records related to your care generated by your healthcare provider within our organization.

Our Duties Our practice is legally required to safeguard your health information and to provide you with this Notice, detailing our privacy practices and legal responsibilities regarding your PHI.

We are obligated by law to follow the terms of this Notice and to inform you of any changes. We reserve the right to revise this Notice and make any new terms effective for all PHI we maintain.

Copies of the Notice are available in our main reception areas and on our website.

How We May Use and Share Your Medical Information Our practice may use a patient sign-in sheet visible to others, which is permissible under HIPAA’s Privacy Rule.

For Treatment: We may use your health information to provide, coordinate, or manage your care. We may share your information with other health professionals involved in your treatment, such as doctors, nurses, lab technicians, imaging centers, medical students, or other personnel.

Communication methods we use may include verbal, written, faxed, or electronic formats. Appointment reminders may be sent via phone, postcard, or email unless otherwise requested. If conversations may be overheard in open areas, we will take steps to reduce exposure of your PHI and will accommodate private rooms if requested.

For Payment: Your health information may be used or disclosed for billing purposes, including collecting payment from you, your insurance provider, or a third-party payer. Examples include contacting your insurance company for pre-approval of services or verifying coverage.

For Healthcare Operations: We may use or disclose your health information to support our business activities. These activities could include quality assessments, staff performance reviews, legal consultations, licensing, IT support, and business functions like lab or radiology services within an electronic health record (EHR) system or through a Health Information Exchange (HIE) program. We may also share your medical information with other professionals contributing to your care.

Business Associates (BA): We work with third-party service providers through contracts and service agreements. These include services like billing or software support. We may disclose your health information to these associates so they can perform their tasks. They are legally required to protect your information according to the terms outlined in our agreements with them.

Breach Notification: If a breach of your unsecured PHI occurs, whether by our organization or a Business Associate, you will be notified within 60 days unless state law dictates a stricter timeline. Additional reporting may be required by state and federal agencies.

Uses and Disclosures With Your Consent, Authorization, or Opportunity to Object: Your written consent is needed for most uses of your medical information, except as outlined in this Notice or as required by law. Authorization is specifically required for certain uses, like research, psychotherapy notes, or disclosure of sensitive health details (such as HIV status or drug treatment). You can revoke your authorization at any time in writing. However, this will not affect actions already taken with your previous consent.

Immunizations: We may share immunization records directly with schools requiring them by law, with verbal or written consent from a parent or guardian.

Involvement in Your Care or Payment: Unless you object, we may share your health information with friends or family involved in your care or who help pay for your medical treatment. We may also disclose information to organizations assisting in disaster relief efforts to help inform your family of your condition or location.

Future Communications: We may communicate with you about treatment options, health-related benefits, and services, or to remind you about appointments. You can opt out of such communications at any time by contacting our Privacy Officer.

Disclosures Without Your Consent or Opportunity to Object: Certain situations allow us to disclose your health information without your authorization, such as:

  • Compliance with laws and regulations

  • Reporting to agencies like the FDA, public health authorities, or law enforcement

  • Working with organizations related to organ and tissue donations

  • Assisting in national security efforts or protective services for the president

  • Complying with laws surrounding abuse, neglect, or workers' compensation

If you are unable to give consent in an emergency, we will use professional judgment to determine if disclosure is in your best interest.

Legal or Law Enforcement Matters: Your information may be disclosed in response to a valid subpoena, court order, or for law enforcement purposes as required by law.

State-Specific Requirements: Some states have additional health reporting requirements, such as cancer registries or programs to reduce healthcare costs.

Your Health Information Rights Although your medical record is the property of our practice, you have certain rights regarding your health information:

  • Access and Copies: You (or your representative) have the right to inspect and request copies of your medical information. Electronic copies may be available through a patient portal or other means. We may deny access in limited cases, such as for psychotherapy notes. Requests must be submitted in writing, and a fee may apply for copies.

  • Amendments: If you believe that your medical information is incorrect or incomplete, you can request an amendment in writing. If we deny your request, you will be informed of the reasons for the denial.

  • Accounting of Disclosures: You have the right to request a list of disclosures of your medical information, except for those related to treatment, payment, or healthcare operations. This request must be made in writing, and the list will cover up to six years of disclosures. The first list provided within a 12-month period will be free; subsequent lists may have a fee.

  • Restrictions: You have the right to request restrictions on how your medical information is used or disclosed for treatment, payment, or healthcare operations.

  • Request Confidential Communications: You can request that we communicate with you in specific ways, such as at an alternate phone number or address. We will accommodate reasonable requests.

To File a Complaint or Request More Information If you have any questions or would like to exercise your rights, submit your request in writing to our Privacy Officer. If you believe your privacy rights have been violated, you can file a complaint with the Privacy Officer or with the Secretary of Health and Human Services within 180 days of the incident. There will be no retaliation for filing a complaint.

Privacy Officer and Primary Office Location

Dr. Tina Mobley

Address: 701 Market Street Suite 111

Saint Augustine, FL 32095

Telephone Number: 904-701-1800

 

Effective Date: 1/2022

 

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

 

If you have any questions about this Notice, please contact our Privacy Officer at the number listed at the end of this Notice.

bottom of page