Mindful Dermatology, PLLC
NOTICE OF PRIVACY PRACTICES
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
EFFECTIVE MAY 1, 2018
This Notice of Privacy Practices (the “Notice”) tells you about the ways we may use and disclose your protected health information (“medical information”) and your rights and our obligations regarding the use and disclosure of your medical information. This Notice applies to MINDFUL DERMATOLOGY, PLLC, including its providers and employees (the “Practice”).
I. OUR OBLIGATIONS.
We are required by law to:
• Maintain the privacy of your medical information, to the extent required by state and federal law;
• Give you this Notice explaining our legal duties and privacy practices with respect to medical information about you; • Notify affected individuals following a breach of unsecured medical information under federal law; and
• Follow the terms of the version of this Notice that is currently in effect.
II. HOW WE MAY USE AND DISCLOSE MEDICAL INFORMATION ABOUT YOU.
The following categories describe the different reasons that we typically use and disclose medical information. These categories are
intended to be general descriptions only, and not a list of every instance in which we may use or disclose your medical information. Please
understand that for these categories, the law generally does not require us to get your authorization in order for us to use or disclose your medical
A. For Treatment. We may use and disclose medical information about you to provide you with health care treatment and related services, including coordinating and managing your health care. We may disclose medical information about you to physicians, nurses, other health care providers and personnel who are providing or involved in providing health care to you (both within and outside of the Practice). For example, should your care require referral to or treatment by another physician of a specialty outside of the Practice, we may provide that physician with your medical information in order to aid the physician in his or her treatment of you.
B. For Payment. We may use and disclose medical information about you so that we or may bill and collect from you, an insurance company, or a third party for the health care services we provide. This may also include the disclosure of medical information to obtain prior
authorization for treatment and procedures from your insurance plan. For example, we may send a claim for payment to your insurance company, and that claim may have a code on it that describes the services that have been rendered to you. If, however, you pay for an item or service in full, out of pocket and request that we not disclose to your health plan the medical information solely relating to that item or service, as described more fully in Section IV of this Notice, we will follow that restriction on disclosure unless otherwise required by law.
C. For Health Care Operations. We may use and disclose medical information about you for our health care operations. These uses and disclosures are necessary to operate and manage our practice and to promote quality care. For example, we may need to use or disclose your medical information in order to assess the quality of care you receive or to conduct certain cost management, business management, administrative, or quality improvement activities or to provide information to our insurance carriers.
D. Quality Assurance. We may need to use or disclose your medical information for our internal processes to assess and facilitate the provision of quality care to our patients.
E. Utilization Review. We may need to use or disclose your medical information to perform a review of the services we provide in order to evaluate whether that the appropriate level of services is received, depending on condition and diagnosis.
F. Credentialing and Peer Review. We may need to use or disclose your medical information in order for us to review the credentials, qualifications and actions of our health care providers.
H. Treatment Alternatives. We may use and disclose medical information to tell you about or recommend possible treatment options or alternatives that we believe may be of interest to you.
I. Appointment Reminders and Health Related Benefits and Services. We may use and disclose medical information, in order to
contact you (including, for example, contacting you by phone and leaving a message on an answering machine) to provide appointment reminders
and other information. We may use and disclose medical information to tell you about health-related benefits or services that we believe may be of
interest to you.
J. Business Associates. There are some services (such as billing or legal services) that may be provided to or on behalf of our Practice through contracts with business associates. When these services are contracted, we may disclose your medical information to our business associate so that they can perform the job we have asked them to do. To protect your medical information, however, we require the business associate to appropriately safeguard your information.
K. Individuals Involved in Your Care or Payment for Your Care. We may disclose medical information about you to a friend or family member who is involved in your health care, as well as to someone who helps pay for your care, but we will do so only as allowed by state or federal law (with an opportunity for you to agree or object when required under the law), or in accordance with your prior authorization.
L. As Required by Law. We will disclose medical information about you when required to do so by federal, state, or local law or
M. To Avert an Imminent Threat of Injury to Health or Safety. We may use and disclose medical information about you when necessary to prevent or decrease a serious and imminent threat of injury to your physical, mental or emotional health or safety or the physical safety of another person. Such disclosure would only be to medical or law enforcement personnel.
N. Organ and Tissue Donation. If you are an organ donor, we may use and disclose medical information to organizations that
handle organ procurement or organ, eye or tissue transplantation or to an organ donation bank as necessary to facilitate organ or tissue donation and
O. Research. We may use or disclose your medical information for research purposes in certain situations. Texas law permits us to
disclose your medical information without your written authorization to qualified personnel for research, but the personnel may not directly or
indirectly identify a patient in any report of the research or otherwise disclose identity in any manner. Additionally, a special approval process will
be used for research purposes, when required by state or federal law. For example, we may use or disclose your information to an Institutional
Review Board or other authorized privacy board to obtain a waiver of authorization under HIPAA. Additionally, we may use or disclose your medical information for research purposes if your authorization has been obtained when required by law, or if the information we provide to researchers is “de-identified.”
P. Military and Veterans. If you are a member of the armed forces, we may use and disclose medical information about you as required by the appropriate military authorities.
Q. Workers’ Compensation. We may disclose medical information about you for your workers' compensation or similar program. These programs provide benefits for work-related injuries. For example, if you have injuries that resulted from your employment, workers’ compensation insurance or a state workers’ compensation program may be responsible for payment for your care, in which case we might be required to provide information to the insurer or program.
R. Public Health Risks. We may disclose medical information about you to public health authorities for public health activities. As a general rule, we are required by law to disclose certain types of information to public health authorities, such as the Texas Department of State Health Services. The types of information generally include information used:
• To prevent or control disease, injury, or disability (including the reporting of a particular disease or injury). • To report births and deaths.
• To report suspected child abuse or neglect.
• To report reactions to medications or problems with medical devices and supplies. • To notify people of recalls of products they may be using.
• To notify a person who may have been exposed to a disease or may be at risk for contracting or spreading a disease or condition.
• To notify the appropriate government authority if we believe a patient has been the victim of abuse, neglect, or domestic violence. We will
only make this disclosure if you agree or when required or authorized by law.
• To provide information about certain medical devices.
• To assist in public health investigations, surveillance, or interventions.
S. Health Oversight Activities. We may disclose medical information to a health oversight agency for activities authorized by law. These oversight activities include audits, civil, administrative, or criminal investigations and proceedings, inspections, licensure and disciplinary actions, and other activities necessary for the government to monitor the health care system, certain governmental benefit programs, certain entities subject to government regulations which relate to health information, and compliance with civil rights laws.
T. Legal Matters. If you are involved in a lawsuit or a legal dispute, we may disclose medical information about you in response to a court or administrative order, subpoena, discovery request, or other lawful process. In addition to lawsuits, there may be other legal proceedings for which we may be required or authorized to use or disclose your medical information, such as investigations of health care providers, competency hearings on individuals, or claims over the payment of fees for medical services.
U. Law Enforcement, National Security and Intelligence Activities. In certain circumstances, we may disclose your medical information if we are asked to do so by law enforcement officials, or if we are required by law to do so. We may disclose your medical information to law enforcement personnel, if necessary to prevent or decrease a serious and imminent threat of injury to your physical, mental or emotional health or safety or the physical safety of another person. We may disclose medical information about you to authorized federal officials for intelligence, counterintelligence, and other national security activities authorized by law.
V. Coroners, Medical Examiners and Funeral Home Directors. We may disclose your medical information to a coroner or medical examiner. This may be necessary, for example, to identify a deceased person or determine the cause of death. We may also release medical information about our patients to funeral home directors as necessary to carry out their duties.
W. Inmates. If you are an inmate of a correctional institution or under custody of a law enforcement official, we may disclose
medical information about you to the health care personnel of a correctional institution as necessary for the institution to provide you with health care
X. Marketing of Related Health Services. We may use or disclose your medical information to send you treatment or healthcare operations communications concerning treatment alternatives or other health-related products or services. We may provide such communications to you in instances where we receive financial remuneration from a third party in exchange for making the communication only with your specific authorization unless the communication: (i) is made face-to-face by the Practice to you, (ii) consists of a promotional gift of nominal value provided by the Practice, or (iii) is otherwise permitted by law. If the marketing communication involves financial remuneration and an authorization is required, the authorization must state that such remuneration is involved. Additionally, if we use or disclose information to send a written marketing communication (as defined by Texas law) through the mail, the communication must be sent in an envelope showing only the name and addresses of sender and recipient and must (i) state the name and toll-free number of the entity sending the market communication; and (ii) explain the recipient’s right to have the recipient’s name removed from the sender’s mailing list.
Y. Fundraising. We may use or disclose certain limited amounts of your medical information to send you fundraising materials. You have a right to opt out of receiving such fundraising communications. Any such fundraising materials sent to you will have clear and conspicuous instructions on how you may opt out of receiving such communications in the future.
Z. Electronic Disclosures of Medical Information. Under Texas law, we are required to provide notice to you if your medical information is subject to electronic disclosure. This Notice serves as general notice that we may disclose your medical information electronically for treatment, payment, or health care operations or as otherwise authorized or required by state or federal law.
III. OTHER USES OF MEDICAL INFORMATION
A. Authorizations. There are times we may need or want to use or disclose your medical information for reasons other than those
listed above, but to do so we will need your prior authorization. Other than expressly provided herein, any other uses or disclosures of your medical information will require your specific written authorization.
B. Psychotherapy Notes, Marketing and Sale of Medical Information. Most uses and disclosures of “psychotherapy notes,” uses
and disclosures of medical information for marketing purposes, and disclosures that constitute a “sale of medical information” under HIPAA require
C. Right to Revoke Authorization. If you provide us with written authorization to use or disclose your medical information for
such other purposes, you may revoke that authorization in writing at any time. If you revoke your authorization, we will no longer use or disclose
your medical information for the reasons covered by your written authorization. You understand that we are unable to take back any uses or
disclosures we have already made in reliance upon your authorization, and that we are required to retain our records of the care that we provided to
IV. YOUR RIGHTS REGARDING MEDICAL INFORMATION ABOUT YOU.
Federal and state laws provide you with certain rights regarding the medical information we have about you. The following is a summary of those rights.
A. Right to Inspect and Copy. Under most circumstances, you have the right to inspect and/or copy your medical information that we have in our possession, which generally includes your medical and billing records. To inspect or copy your medical information, you must submit your request to do so in writing to the Practice’s HIPAA Officer at the address listed in Section VI below.
If you request a copy of your information, we may charge a fee for the costs of copying, mailing, or certain supplies associated with your request. The fee we may charge will be the amount allowed by state law.
If your requested medical information is maintained in an electronic format (e.g., as part of an electronic medical record, electronic billing record, or other group of records maintained by the Practice that is used to make decisions about you) and you request an electronic copy of this information, then we will provide you with the requested medical information in the electronic form and format requested, if it is readily producible in that form and format. If it is not readily producible in the requested electronic form and format, we will provide access in a readable electronic form and format as agreed to by the Practice and you.
In certain very limited circumstances allowed by law, we may deny your request to review or copy your medical information. We will give you any such denial in writing. If you are denied access to medical information, you may request that the denial be reviewed. Another licensed health care professional chosen by the Practice will review your request and the denial. The person conducting the review will not be the person who denied your request. We will abide by the outcome of the review.
B. Right to Amend. If you feel the medical information we have about you is incorrect or incomplete, you may ask us to amend the information. You have the right to request an amendment for as long as the information is kept by the Practice. To request an amendment, your request must be in writing and submitted to the HIPAA Officer at the address listed in Section VI below. In your request, you must provide a reason as to why you want this amendment. If we accept your request, we will notify you of that in writing.
We may deny your request for an amendment if it is not in writing or does not include a reason to support the request. In addition, we may deny your request if you ask us to amend information that (i) was not created by us (unless you provide a reasonable basis for asserting that the person or organization that created the information is no longer available to act on the requested amendment), (ii) is not part of the information kept by the Practice, (iii) is not part of the information which you would be permitted to inspect and copy, or (iv) is accurate and complete. If we deny your request, we will notify you of that denial in writing.
C. Right to an Accounting of Disclosures. You have the right to request an "accounting of disclosures" of your medical information. This is a list of the disclosures we have made for up to six years prior to the date of your request of your medical information, but does not include disclosures for Treatment, Payment, or Health Care Operations (as described in Sections II A, B, and C of this Notice) or disclosures made pursuant to your specific authorization (as described in Section III of this Notice), or certain other disclosures.
If we make disclosures through an electronic health records (EHR) system, you may have an additional right to an accounting of disclosures for Treatment, Payment, and Health Care Operations. Please contact the Practice’s HIPAA Officer at the address set forth in Section VI below for more information regarding whether we have implemented an EHR and the effective date, if any, of any additional right to an accounting of disclosures made through an EHR for the purposes of Treatment, Payment, or Health Care Operations.
To request a list of accounting, you must submit your request in writing to the Practice’s HIPAA Officer at the address set forth in Section
Your request must state a time period, which may not be longer than six years (or longer than three years for Treatment, Payment, and Health Care Operations disclosures made through an EHR, if applicable) and may not include dates before April 14, 2003. Your request should indicate in what form you want the list (for example, on paper or electronically). The first list you request within a twelve-month period will be free. For additional lists, we may charge you a reasonable fee for the costs of providing the list. We will notify you of the cost involved and you may choose to withdraw or modify your request at that time before any costs are incurred.
D. Right to Request Restrictions. You have the right to request a restriction or limitation on the medical information we use or disclose about you for treatment, payment, or health care operations. You also have the right to request a restriction or limitation on the medical information we disclose about you to someone who is involved in your care or the payment for your care, like a family member or friend.
Except as specifically described below in this Notice, we are not required to agree to your request for a restriction or limitation. If we do
agree, we will comply with your request unless the information is needed to provide emergency treatment. In addition, there are certain situations
where we won’t be able to agree to your request, such as when we are required by law to use or disclose your medical information. To request
restrictions, you must make your request in writing to the Practice’s HIPAA Officer at the address listed in Section VI of this Notice below. In your
request, you must specifically tell us what information you want to limit, whether you want us to limit our use, disclosure, or both, and to whom you
want the limits to apply.
As stated above, in most instances we do not have to agree to your request for restrictions on disclosures that are otherwise allowed.
However, if you pay or another person (other than a health plan) pays on your behalf for an item or service in full, out of pocket, and you request that
we not disclose the medical information relating solely to that item or service to a health plan for the purposes of payment or health care operations,
then we will be obligated to abide by that request for restriction unless the disclosure is otherwise required by law. You should be aware that such
restrictions may have unintended consequences, particularly if other providers need to know that information (such as a pharmacy filling a
prescription). It will be your obligation to notify any such other providers of this restriction. Additionally, such a restriction may impact your health
plan’s decision to pay for related care that you may not want to pay for out of pocket (and which would not be subject to the restriction).
E. Right to Request Confidential Communications. You have the right to request that we communicate with you about medical matters in a certain way or at a certain location. For example, you can ask that we only contact you at home, not at work or, conversely, only at work and not at home. To request such confidential communications, you must make your request in writing to the Practice’s HIPAA Officer at the address listed in Section VI below.
We will not ask the reason for your request, and we will use our best efforts to accommodate all reasonable requests, but there are some requests with which we will not be able comply. Your request must specify how and where you wish to be contacted.
F. Right to a Paper Copy of This Notice. You have the right to a paper copy of this Notice. You may ask us to give you a copy of this
Notice at any time. To obtain a copy of this Notice, you must make your request in writing to the Practice’s HIPAA Officer at the address set forth in
Section VI below.
G. Right to Breach Notification. In certain instances, we may be obligated to notify you (and potentially other parties) if we become aware that your medical information has been improperly disclosed or otherwise subject to a “breach” as defined in and/or required by HIPAA and applicable state law.
V. CHANGES TO THIS NOTICE.
We reserve the right to change this Notice at any time, along with our privacy policies and practices. We reserve the right to make the revised or changed Notice effective for medical information we already have about you as well, as any information we receive in the future. We will post a copy of the current notice, along with an announcement that changes have been made, as applicable, in our office. When changes have been made to the Notice, you may obtain a revised copy by sending a letter to the Practice’s HIPAA Officer at the address listed in Section VI below or by asking the office receptionist for a current copy of the Notice.
If you believe that your privacy rights as described in this Notice have been violated, you may file a complaint with the Practice at the following address or phone number:
MINDFUL DERMATOLOGY, PLLC
Attn: HIPAA Officer
9101 N. Central Expressway, Ste. 160
Dallas, TX 75231
To file a complaint, you may either call or send a written letter. The Practice will not retaliate against any individual who files a complaint. You may also file a complaint with the Secretary of the Department of Health and Human Services.
In addition, if you have any questions about this Notice, please contact the Practice’s HIPAA Officer at the address or phone number listed
Notice Concerning Complaints
(Aviso Sobre Quejas)
Complaints regarding physicians, as well as other licenses and registrations of the Texas State Board of Medical Examiner may be reported for investigation to the address below.
(Se pueden presentar quejas acerca de medicos, asi tambien como de otras personas autorizadas y registradas por la junta de Esaminadores Medicos del Estado do Tejas (Texas State Board of Medical Examiners) para su investigacion en siguiente direccion:
Texas State Board of Examiners
1812 Centre Creek Drive, Suite #300
Austin, Texas 78714-9134