HIPAA Notice of Privacy Practices
Notice of Privacy Practices
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
printer friendly version
Longevity Diagnostics Inc ("Longevity Diagnostics") is committed to protecting the privacy of your identifiable health information. This information is known as "protected health information" or "PHI". Examples of documents that may contain your PHI include laboratory test orders, test results, health reports, and invoices.
Our Responsibilities
Longevity Diagnostics is required by law to maintain the privacy of your PHI. We are also required to provide you with this Noice of our legal duties and privacy practices upon request. It describes our legal duties, privacy practices, and your client rights as determined by the Health Insurance Portability and Accountability Act of 1996 (HIPAA). We are required to follow the terms of this Notice currently in effect. We are required to notify affected individuals in the event of a breach involving PHI that is unsecured. PHI is stored electronically and is subject to electronic disclosure.
How We May Use or Disclose Your Health Information
We use your PHI for treatment, payment, or healthcare operations purposes and for other purposes permitted or required by law. Not every use or disclosure is listed in this Notice, but all of our uses or disclosures of your PHI will fall into one of the categories listed below. Subject to compliance with limited exceptions, we will not use or disclose your PHI for marketing purposes or sell your PHI, unless you have signed an authorization. You may revoke any authorization you sign at any time. If you revoke your authorization, we will no longer use or disclose your health information except to the extent we have already take action based on your authorization.
We may use and disclose your PHI for the following purposes:
LABORATORY TESTING, TREATMENT, AND MEDICAL CONSULTATION
Longevity Diagnostics provides laboratory testing and medical consultations by working with physicians and other healthcare professionals, and we use your PHI in our testing purposes. We disclose your PHI to authorized healthcare professionals who order tests or need access to your test results for risk assessment or consultation purposes. You will disclose PHI about yourself by completing the online health history questionnaire which is used, along with your laboratory test results to assess your risk for major diseases affecting your longevity. It is your decision whether your test results or any recommendations provided by our medical consultants are disclosed to your personal healthcare professional, and it is your responsibility to do so.
We may use and disclose PHI to contact you to remind you of an appointment or to tell you about our health-related products and services that may be of interest to you. Examples of other treatment-related purposes include disclosure to a pathologist to help interpret your test results or use of your PHI to contact you to obtain another specimen or recommend follow-up testing, if necessary.
NUTRITION AND LIFESTYLE COACHING
We also disclose PHI about you to our Longevity Diagnostics registered dietitians so that they may provide the nutrition and lifestyle coaching services that are included with our testing. You may also provide PHI about yourself in the course of coaching sessions or by completing voluntary online questions and surveys about your diet and lifestyle. It is your decision whether that information, as well as any PHI created by the nutrition and lifestyle coach, such as progress notes or health recommendations, are disclosed to your personal healthcare professional; and it is your responsibility to do so.
Payment
Longevity Diagnostics will use and disclose your PHI for purposes of billing and payment. Our payment procedure is direct client-bill only. We will not, therefore, disclose your PHI to health plans or other payers to determine whether you are enrolled with the payer or eligible for health benefits or to obtain payment for our services. We will also not seek to determine if you are insured under your own or another person’s health insurance policy (for example, parent, spouse, domestic partner, or former spouse) or send invoices to a third party.
Longevity Diagnostics uses a secured third-party service to process credit cards through its website. When you enter your credit card information, you are passing that information directly to the third-party payment processor and not to Longevity Diagnostics. At no time does Longevity Diagnostics capture or store your credit care information.
BUSINESS ASSOCIATES
Longevity Diagnostics may provide your PHI to other companies or individuals that need it to provide services to us. These other entities, known as “business associates”, are required to maintain the privacy and security of PHI. For example, we may provide information to companies that assist us with billing for our services or with scheduling, test reporting, and other electronic services or that conduct courier services on our behalf.
AS REQUIRED BY LAW
We may use and disclose your PHI as required by law.
LAW ENFORCEMENT ACTIVITIES AND LEGAL PROCEEDINGS
We may disclose your PHI as required to comply with a court or administrative order. We may disclose your PHI in the course of a judicial or administrative proceeding, in response to a subpoena, discovery request, or other lawful process, but only if efforts have been made to tell you about the request or obtain an order of protection for the requested information. The HIPAA Privacy Standards specify certain other circumstances where we may legally use or disclose your PHI without your authorization; such circumstances include but are not limited to public health and safety or law enforcement purposes. Longevity Diagnostics has policies in place that are intended to ensure, to the extent possible, that PHI is not intentionally or unintentionally used or disclosed in a manner that would violate the HIPAA Privacy Standards or other federal or state regulation governing confidentiality and privacy of health information.
RESEARCH
Longevity Diagnostics may use and disclose PHI about you for research purposes when an Institutional Review Board or privacy board has reviewed the research proposal and established protocols to ensure the privacy of your PHI and determined that the researcher does not need to obtain your authorization prior to using your PHI for research purposes. Limited data or records may be viewed by researchers to identify individuals who may qualify for their research project or for other similar purposes. We may also disclose information about ancestors and descendants to researchers under certain circumstances. Any published articles or public presentations resulting from such research would undergo peer review prior to publication or presentation and would not contain PHI that would identify you directly or link the information to you specifically.
DE-IDENTIFIED INFORMATION
Longevity Diagnostics uses your PHI to create “de-identified” information, that is, information where certain identifiers, as defined by the HIPAA Privacy Standards, that can be used to identify you directly has been removed. In the de-identification process, Longevity Diagnostics will follow the specific rules under law about the type of information that needs to be removed before the information is considered de-identified. Once the information has been de-identified as required by law, it is no longer PHI; and we may use it for any lawful purposes.
OTHER USES AND DISCLOSURES
As permitted by HIPAA, we may disclose your PHI to:
- Social Services Agencies
- Public Health Authorities
- The Food and Drug Administration
- Health Oversight Agencies
- Military Command Authorities
- National Security and Intelligence Organizations
- Correctional Institutions
- Organ and Tissue Donation Organizations
- Coroners, Medical Examiners, and Funeral Directors
- Workers Compensation Agents
We may also disclose your PHI to those assisting in disaster relief efforts so that others can be notified about your condition, status, and location.
INCIDENTAL USES AND DISCLOSURES
Sometimes your PHI may be used or disclosed in the course of our primary uses and disclosures, such as healthcare, lifestyle coaching, or payment operations. For example, we may use your name in a telephone conversation with a healthcare professional or registered dietitian. We are permitted to make such incidental uses and disclosures as long as we take reasonable steps to minimize them and have in place the appropriate safeguards to protect them.
NOTE REGARDING STATE LAW
For all the above purposes, when state law is more restrictive than federal law, we are required to follow the more restrictive state law.
Your Client Rights
RECEIVE TEST INFORMATION
You have the right to access your PHI that we hold. You may obtain your test results and other PHI by completing and submitting a Longevity Diagnostics Client Request to Access or to Disclose Protected Health Information (Access Form). If your request for test information is denied, you may request that the denial be reviewed by contacting us.
AMEND HEALTH INFORMATION
You may request amendments (changes) to your PHI by making a written request. However, we may deny the request in some cases (such as if we determine the PHI is accurate). If we deny your request to change your PHI, we will provide you with a written explanation of the reason for the denial and inform you about further actions you may take.
ACCOUNT OF DISCLOSURES
You have the right to receive a list of certain disclosures of your PHI made by Longevity Diagnostics in the past six years from the date of your written request. Under the law, this does not include disclosures made for purposes of treatment, payment, or healthcare operations or certain other purposes.
REQUEST RESTRICTIONS AND LIMITS ON USES AND DISCLOSURES
You have request that we agree to the restrictions on certain uses and disclosures of your PHI. We are not required to agree to your request, except for requests to limit disclosures to your health plan for purposes of payment or healthcare operations when you have paid us for the item or service covered by the request out-of-pocket and in full and when the uses or disclosures are not required by law.
REQUEST CONFIDENTIAL COMMUNCATIONS
You have the right to request that we send your health information by alternative means or to an alternative address, and we will accommodate reasonable request.
COPY OF THIS NOTICE
You have the right to obtain a paper copy of this Notice upon request.
HOW TO EXERCISE YOUR RIGHTS
To exercise any of your rights described in this notice, you must send a written request to: HIPAA Privacy and Compliance Officer, Longevity Diagnostics, 7 Fieldstone Lane, Natick MA 01760. Longevity Diagnostics will consider your request and provide you a response.
RIGHT TO RECEIVE NOTICE OF A PRIVACY OR SECURITY BREACH
In the event Longevity Diagnostics discovers that the privacy or security of your PHI has been, or is reasonably believed to have been, compromised, Longevity Diagnostics is required to provide client notification. You will be notified without unreasonable delay giving you notice. Such notification will include information about what happened and what can be done to mitigate any harm. We will not notify you if it can be demonstrated, based on a risk assessment, that there is low probability that the PHI has been compromised.
COMPLAINTS/QUESTIONS/CONTACT INFORMATION
If you believe your privacy rights have been violated, you have the right to file a complaint with us. You also have the right to file a complaint with the Secretary of the U.S. Department of Health and Human Services, Office for Civil Rights. Longevity Diagnostics will not retaliate against any individual for filing a complaint.
To file a complaint with us, or should you have any questions about this Notice, send an email to us at
Longevity Diagnostics
Attention: Privacy and Compliance Officer
7 Fieldstone Lane
Natick, MA 01760
You may also contact the Privacy and Compliance Officer at xxx.xxx.xxxx.
Note
We reserve the right to amend the terms of this Notice to reflect changes in our privacy practices, and to make the new terms and practices applicable to all PHI that we maintain about you, including PHI created or received prior to the effective date of the Notice revision. Our Notice is displaced on our website, and a copy is available upon request.