Privacy Policy
HIPAA Information
We are required by law to maintain the privacy of your health information (“Protected Health Information” or “PHI”) and to provide you with this Notice of our legal duties and privacy practices with respect to your PHI. We are also obligated to notify you following a Breach of unsecured PHI. When we use or disclose your PHI, we are required to abide by the terms of this Notice (or other notice in effect at the time of the use or disclosure)
Uses and disclosures of your protected health information (PHI) that do not require an authorization
Treatment.
For example, doctors, nurses, and other staff members involved in your care will use your PHI to coordinate your care or to plan a course of treatment for you.
Payment.
For example, we may disclose information regarding your medical procedures and treatment to your insurance company to arrange payment for the services provided to you.
Health Care Operations.
For example, we may disclose your PHI for billing or interpreter support. We may use your PHI to conduct an evaluation of the treatment and services provided or to review staff performance.
Communicating with You.
We will use your PHI to communicate with you about a number of important topics, including information about your care, treatment options and other health-related services
We may also contact you at the email, phone number or address that you provide, including via text messages, for these communications. If your contact information changes, it is important that you let us know. We will only provide you a link via text or e-mail which will require you to verify yourself prior to opening the message within our partner physician group messaging portal.
Business Associates.
At times, we need to disclose your PHI to persons or organizations outside of Gadimed LLC who assist us with our payment/billing and health care operations. We require these business associates and their subcontractors to appropriately safeguard your PHI.
Other Uses and Disclosures.
We may be permitted or required by law to make certain other uses and disclosures of your PHI without your authorization. Subject to conditions specified by law, we may release your PHI:
- For any purpose required by law
- for public health activities, including required reporting of disease, injury, birth and death, for required public health investigations, and to report adverse events or enable product recalls
- to government agencies if we suspect child/elder adult abuse or neglect. We may also release your PHI to government agencies if we believe you are a victim of abuse, neglect or domestic
- to your employer when we have provided screenings and health care at their request for occupational health and safety
- to a government oversight agency conducting audits, investigations, inspections and related oversight functions
- in emergencies, such as to prevent a serious and imminent threat to a person or the public
- if required by a court or administrative order, subpoena or discovery request
- for law enforcement purposes, including to law enforcement officials to identify or locate suspects, fugitives or witnesses, or victims of crime
- to coroners, medical examiners and funeral directors
- if necessary to arrange organ or tissue donation or transplant
- for national security, intelligence, or protective services activities
- for purposes related to your workers’ compensation benefits
Uses and disclosures of your protected health information based on a signed authorization
Except as outlined above, we will not use or disclose your PHI for any other purpose unless you have signed a form authorizing the use or disclosure. You may revoke an authorization in writing, except to the extent we have already relied upon it.
In some situations, a signed authorization form is required for uses and disclosures of your PHI, including:
- most uses and disclosures of psychotherapy notes
- uses and disclosures for marketing purposes
- disclosures that constitute the sale of PHI
- uses and disclosures for certain research protocols
- as required by privacy law. The confidentiality of substance use disorder and mental health treatment records as well as HIV-related information maintained by us is specifically protected by state and/or federal law and regulations. Generally, we may not disclose such information unless you consent in writing, the disclosure is allowed by a court order, or in other limited, regulated circumstances.
Your rights
Access to Your PHI.
You can access and inspect paper or electronic copies of certain PHI that we maintain about you. You may readily access much of your health information via our partner prescribing group without charge using the following link: https://privacy.mdintegrations.com. In line with set fees under federal and state law, we may charge you for a copy of your medical records.
Amendments to Your PHI.
You can request amendments, or changes, to certain PHI that we maintain about you that you think may be incorrect or incomplete. All requests for changes must be in writing, signed by you or your representative, and state the reasons for the request. If we decide to make an amendment, we may also notify others who have copies of the information about the change. Note that even if we accept your request, we may not delete any information already documented in your medical record. You can make such requests by contacting [email protected] or directly inside your MDI patient portal under the “privacy center” section.
Accounting for Disclosures of Your PHI.
In accordance with applicable law, you can ask for an accounting of certain disclosures made by us of your PHI. This request must be in writing and signed by you or your representative. This does not include disclosures made for purposes of treatment, payment, or health care operations or for certain other limited exceptions. An accounting will include disclosures made in the six years prior to the date of a request.
Restrictions on Use and Disclosure of Your PHI.
You can request restrictions on certain of our uses and disclosures of your PHI for treatment, payment, or health care operations. We are not required to agree but will attempt to accommodate reasonable requests when appropriate.
Restrictions on Disclosures to Health Plans.
You can request a restriction on certain disclosures of your PHI to your health plan. We are only required to honor such requests when services subject to the request are paid in full. Such requests must be made in writing and identify the services to which the restriction will apply.
Confidential Communications.
You can request that we communicate with you through alternative means or at alternative locations, and we will accommodate reasonable requests. You must request such confidential communication in writing to each department you would like to accommodate the request.
Breach Notification.
We are required to notify you in writing of any breach of your unsecured PHI without unreasonable delay and no later than 60 days after we discover the breach.
Additional Information
Complaints.
If you believe your privacy rights have been violated, you can file a complaint with the Gadimed Chief Medical Officer David A Turner DO by contacting [email protected] or calling 516-507-1055
You can also file a complaint with the Secretary of the U.S. Department of Health and Human Services in Washington D.C.
A complaint must be made in writing and will not in any way affect the quality of care we provide you.
Effective Date and Duration of This Notice
A. Effective Date. This Notice is effective on Feb 1, 2024
B. Right to Change Terms of this Notice. We may change the terms of this Notice at any time. If we change this Notice, we may make the new notice terms effective for all Protected Health Information that we maintain, including any information created or received prior to issuing the new notice. If we change this Notice, we will post the new notice on our website at gadimed.com. You also may obtain any new notice by contacting [email protected].