This policy may change from time to time. All changes are effective immediately when we post them, and apply to all access to and use of the Website thereafter. Your continued use of this Website after we make changes is deemed to be acceptance of those changes, so please check the policy periodically for updates. If you have any questions or concerns about your privacy, please submit a thorough description of the issue through the Contact section of our Website.
1. Information We May Collect from You.
The information we collect on or through our Website may include information that you provide by filling in forms on our Website. This includes records and copies of your correspondence (including email addresses) if you contact us. As you navigate through and interact with our Website, we may use automatic data collection technologies to collect certain General Information about your equipment, browsing actions and patterns, including details of your visits to our Website, traffic data, location data, logs and other communication data and the resources that you access and use on the Website. It may also include information about your computer and internet connection, including your IP address, operating system, and browser type. We also may use these technologies to collect information about your online activities over time and across third-party websites or other online services (behavioral tracking). We may maintain or associate information we collect automatically with Personal Information we collect in other ways or receive from third parties. It helps us to improve our Website and to deliver a better and more personalized service. Information that may be collected and technologies that may be used are as follows:
b. “Flash Cookies” are local stored objects (or flash cookies) collect and store information about your preferences and navigation to, from and on our Website. Flash cookies are not managed by the same browser settings as are used for browser cookies. Certain features of our Website may use Flash Cookies.
d. “Personal Information” is information through which you can be personally identified. Through the Website, we only collect Personal Information that you voluntarily provide to us, which may include your name, address, email address, telephone number, or other personally identifiable information you submit to us, which may also include Protected Health Information.
e. “Protected Health Information” is information that individually identifies you and that we create or get from you or from another health care provider, health plan, your employer, or a health care clearinghouse and that relates to (1) your past, present, or future physical or mental health or conditions, (2) the provision of health care to you, or (3) the past, present, or future payment for your health care.
3. What We Do with Your Information.
a. We use the General Information we collect from you to generate aggregate statistics about visitors to our Website. This data can then be used to tailor this Website’s content and advertising to deliver a better experience for our visitors. We may further share such aggregate information about our visitors with advertisers, business partners, sponsors and other third parties. With respect to our use of General Information, you are not able to opt out of such use.
4. Sharing of Personal Information with Third Parties.
5. How We Keep Your Information Secure.
We safeguard the security of the data we receive from you with physical, electronic and managerial procedures. At the same time, we urge you to take every precaution to protect your personal data when you are on the Internet. However, despite our efforts to protect your Personal Information and Protected Health Information, there is always some risk that an unauthorized third party may find a way around our security systems or that transmissions of your information over the Internet will be intercepted. Therefore, we cannot guarantee the absolute security of our database, nor can we guarantee that information that you provide will not be intercepted while being transmitted to us over the Internet.
The Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) is a federal statute that requires that all protected health information used or disclosed by Jeff Thaxton, M.D. (“Practice”) in any form, whether electronically, on paper, or orally, are kept confidential. Protected health information is information about you, including demographic information, that may identify you and that relates to your past, present or future physical or mental health or condition and related health care services (“PHI”).
As required by HIPAA, this Notice of Privacy Practices (“Notice”) describes how the Practice is required to maintain the privacy of your PHI and how it may use and disclose PHI. It also describes your rights to access and control your PHI.
Use and Disclosures of PHI
Your PHI is subject to use or disclosure by the Practice’s physicians, office staff, employees or other third parties that are involved in your care and treatment, including electronic disclosures. It is the Practice’s responsibility to ensure that all uses or disclosures are made in accordance with HIPAA and as further detailed below in this Notice and as further detailed below in this Notice.
NO AUTHORIZATION REQUIRED
Required Disclosures: The Practice is required to disclose PHI to you directly when requested in accordance with your rights described below or the Department of Health and Human Services when investigating or determining the Practice’s compliance with HIPAA.
Treatment: The Practice will use and disclose your PHI to provide, coordinate, or manage your health care and any related services. This includes the coordination or management of your health care with a third party, consultation between physicians relating to your care, or your referral for health care to another physician. For example, your PHI may be provided to a physician to whom you have been referred to ensure that the physician has the necessary information to provide you the proper care or to a pharmacy to fill a prescription.
Payment: The Practice will use and disclose your PHI, as needed, as it relates to payment for your health care services. This may include obtaining reimbursement information for the health care services you are receiving, confirming coverage or co-pay amounts under your health plan, billing and collecting from you, an insurance company, or a third party for your health care services, or obtaining precertification or preauthorization for specific health care services. For example, the Practice may send a claim for payment to your insurance company and that claim may contain PHI such as a code describing your diagnosis or medical treatment.
Health care Operations: The Practice will use and disclose your PHI, as needed, in order to support the business operations of the Practice. These activities include, but are not limited to, quality assessment and improvement activities, auditing functions, cost-management analysis, or training. For example, the Practice may use or disclose your PHI during an audit of its billing practice or HIPAA compliance. The Practice may use a sign-in sheet at the registration desk where you will be asked to sign your name and may also call you by name in the waiting room when your physician is ready to see you. The Practice may also contact you to provide appointment reminders or information about treatment alternatives or other health-related benefits and services that may be of interest to you. The Practice may also contact you for the Practice’s fundraising purposes which you will have the opportunity to opt-out.
Family Members & Friends: The Practice may disclose relevant PHI with family members or friends involved in your health care or payment for your health care, if you tell us that we can do so, if you do not object to sharing of the information, or if, using our professional judgment we believe that you do not object.
Business Associates: The Practice will use and disclose your PHI, as needed, to business associates. There are some services provided in the Practice through contracts with business associates (i.e., the Practice may disclose PHI to a company who bills insurance companies on the Practice’s behalf to enable that company to assist in obtaining payment for the healthcare services provided). To protect your PHI the Practice will require its business associates to appropriately safeguard the information.
Other Uses or Disclosures: The Practice may also disclose your PHI for the following additional purposes without your authorization: when required by law (statute, law enforcement, judicial or administrative order); for public health activities (to public health or legal authorities charged with preventing or controlling disease, injury, disability, child abuse or neglect, etc., as required by law); when there is a belief you are a victim of abuse, neglect, or domestic violence; for health oversight activities (to public agencies or legal authorities charged with overseeing the health care system, government programs in which health information is necessary to determine eligibility or compliance, or to enforce civil rights); for judicial or administrative proceedings (pursuant to court order or subpoena if assurances are received); for law enforcement purposes; to funeral directors, coroners, or organ procurement organizations; for research; if there is a belief of a serious threat to health and safety; for certain essential government functions (national security, military, etc.); to comply with workers’ compensation; and as part of a limited data set pursuant to a data use agreement for research, public health or health care operations.
Any uses or disclosures outside the scope described above will be made only with your written authorization. Most uses or disclosures of psychotherapy notes, and of PHI for marketing purposes and the sale of PHI require an authorization. You may revoke such authorization in writing at any time and the Practice is required to honor and abide by that revocation, except to the extent that it has already taken actions relying on your authorization.
Your Rights for PHI
You have the right to obtain a paper copy of this Notice.
You have the right to make reasonable requests to receive confidential communications of your PHI from the Practice by alternative means or at alternative locations.
You have the right to request restrictions on uses and disclosures of PHI for treatment, payment or healthcare operations, or disclosures to family members, other relatives, close personal friends, or any other person identified by you. Generally, the Practice is not legally required to agree to a requested restriction. However, if the request is made to restrict disclosure to a health plan for purposes of carrying out Payment or Health Care Operations and the PHI pertains solely to a health care item or service for which you have paid out of pocket in full, the Practice is legally required to agree to the requested restriction.
You have the right to read or obtain a copy of your PHI or choose to get a summary of your PHI in lieu of a copy. There are some reasons why the Practice may deny such a request which will be delivered to you in writing stating the reason. If a summary or a copy of your PHI is provide, you may have to pay a reasonable fee.
You have the right to request the Practice to amend or correct your PHI to the extent legally and ethically permissible. If the Practice denies the request, it will do so in writing and you will have the ability to file a statement of disagreement.
You have the right to receive an accounting of the disclosures of PHI by the Practice in the last six years but it will not include certain disclosures including those made for treatment, payment, healthcare operations or where you specifically authorized a use or disclosure.
You may exercise any of the rights described above by contacting the Practice and requesting to speak with the Privacy Officer.
You have recourse if you feel that the privacy of your PHI has been violated. If you feel there has been a violation, you have the right to file a complaint by submitting your complaint in writing by mail to the address above or by fax at the number above. You may also contact the Practice directly by telephone. For all complaints, please ask for or direct attention to the Privacy Officer. There will be no retaliation for filing a complaint.
You may also file a complaint with or contact the WV State Privacy Office, 1124 Smith Street, Suite 4300, Charleston, WV 25311. Ph: 304-766-2646 Fx: 304-558-6004
The Practice is required by law to maintain the privacy of your PHI, to provide you with notice of its legal duties and privacy practices with respect to PHI, and to notify affected individuals following a breach of unsecured PHI. This Notice is effective as of August 24, 2017. The Practice reserves the right to change the terms of this Notice and to make any such changes or amendments effective for all PHI that it maintains. The Practice will periodically post from time to time, and you may request a written copy of, any updated versions of this Notice.