Notice of Privacy Policy

Health Information Portability and Accountability Act (HIPAA)

Arcadian Therapeutic Services, LLC

Notice of Privacy Policy

This document contains important information about federal law, the Health Information Portability and Accountability Act (HIPAA), which provides privacy protections and patient rights about the use and disclosure of your Protected Health Information (PHI) used for treatment, payment, and health care operations.

HIPAA requires that we provide you with a Notice of Privacy Practices (the Notice) for the use and disclosure of PHI for treatment, payment, and healthcare operations. The Notice explains HIPAA and its application to your PHI in greater detail.

The law requires that we obtain your signature acknowledging that we have provided you with this. If you have any questions, it is your right and obligation to ask so we can have a further discussion before signing this document. When you sign this document, it will also represent an agreement between us. You may revoke this Agreement in writing at any time. That revocation will be binding unless we have taken action in reliance on it.

Uses and Disclosures

We may use and disclose your PHI without obtaining your authorization as described below. Not every use or disclosure in a category will be listed. Your PHI may be stored in paper, electronic or other form and may be disclosed electronically and by other methods.

● For treatment. We use and disclose your health information internally in the course of your treatment. If we wish to provide information outside of our practice for your treatment by another healthcare provider, we will have you sign an authorization for the release of information. Furthermore, authorization is required for most uses and disclosures of psychotherapy notes.

● For healthcare operations. We may use and disclose your PHI in connection with healthcare operations. Healthcare operations include quality assessment and improvement activities, arranging for legal services, conducting training programs, reviewing the competence and qualifications of healthcare professionals, and licensing activities. We may also use your PHI to notify you about our health-related products and services, to recommend possible treatment options or alternatives that may interest you, to send you patient satisfaction surveys, and to send you appointment reminders.

● For payment. We may use and disclose your PHI to obtain payment for the treatment and services you receive from us or another entity involved with your care.

● For public health. We may use and disclose your PHI for public health activities, such as to prevent or control disease, injury or disability. For example, we can disclose PHI about you for specific situations, such as reporting adverse reactions to medications to the FDA; preventing the spread of disease; helping with product recalls; reporting suspected abuse, domestic violence or neglect; or preventing or reducing a serious threat to the health or safety of a person or the public.

● For research. We may use or disclose your PHI for research in limited circumstances.

● To comply with the law. We will share PHI about you if required by state or federal law, including with the U.S. Department of Health and Human Services if it wants to see that we are complying with federal privacy law.

● To report abuse, neglect or domestic violence. If we reasonably believe that you are a victim of abuse, neglect, or domestic violence, we may disclose your PHI to a government authority, including a social service protective agency, authorized by law to receive reports of abuse, neglect or domestic violence.

● For health oversight activities. We may disclose your PHI to a health oversight agency for activities authorized by law, such as audits, investigations, inspections, and licensure actions.

● For organ and tissue donation. We may disclose PHI about you to organ procurement organizations, which are entities involved in procuring, banking and transplanting organs, eyes, and tissues.

● To a medical examiner, coroner, or funeral director. We may disclose PHI with a coroner, medical examiner, or funeral director when an individual dies.

● To law enforcement. We may disclose your PHI for law enforcement purposes, as permitted by HIPAA, including in response to a subpoena or court order.

● For lawsuits and legal actions. We may disclose PHI about you in response to a court or administrative order. We may also disclose your PHI in response to a subpoena, discovery request or other lawful process instituted by someone involved in the dispute, but only if efforts have been made to tell you about the request or to obtain an order protecting the information requested.

● To our business associates. We may disclose your PHI to one our service providers, known as “business associates,” in order for them to provide services to us or on our behalf. Our business associates are required by written agreement to safeguard your PHI and otherwise protect your privacy as required by law.

● Incidental. We may make incidental disclosures of limited PHI, such as by mailing statements to you with your name on the envelope by calling your name in the waiting room to call you back to an examination room.

● To individuals involved in your care or payment for your care. We may disclose your PHI to your family or friends or any other individual identified by you when they are involved in your care or in the payment for your care. For example, when a family member or a friend comes with you into an exam room, we understand this to be your acknowledgment that you want this individual to be involved in your care.

● To communicate with you. We may use your PHI in order to communicate with you in person, by phone, by leaving a message in your voicemail, bye-mail, or by text. Unencrypted emails and text can be intercepted. We will only send secure emails or texts to you unless you have agreed to receive unencrypted messages. Permissible communications also include payment and insurance-related items, care correspondence, patient satisfaction surveys and patient statements about your health care. We may record your phone calls so that we may monitor the quality of the service we provide you over the phone.

● To a Health Information Exchange. We may participate in one or more Health Information Exchanges (HIEs) and may electronically share your PHI for treatment, payment, healthcare operations and other permitted purposes with other participants in the HIE. HIEs allow your healthcare providers to efficiently access and use your PHI as necessary for treatment and other lawful purposes.

● For specialized government functions. To the extent applicable, we may release your PHI for specialized government functions, including military and veterans activities, national security and intelligence activities, and correctional institutions.

● For worker’s compensation purposes. We may disclose your PHI to the extent authorized by and to the extent necessary to comply with laws relating to worker’s compensation or other similar programs established by law.

● When data is limited or de-identified. We may remove most information that identifies you from a set of data and use and disclose this data set for research, public health and healthcare operations, provided the recipients of the data set agree to keep it confidential. We may also de-identify your PHI and use and disclose the de-identified for purposes permitted by law.

● To fundraise. We may contact you about fundraising efforts, but we will comply with any request to opt-out of future fundraising communications.

● For HIV Disclosure. We may release information related to HIV/AIDS to medical personnel, appropriate state agencies, or county and district courts to enforce regulations governing the control and treatment of STDs.

Client Rights:

● Right to Treatment. You have the right to ethical treatment without discrimination regarding race, ethnicity, gender identity, sexual orientation, religion, disability status, age, or any other protected category.

● Right to Confidentiality. You have the right to have your health care information protected. If you pay for a service or health care item out-of-pocket in full, you can ask us not to share that information for payment or our operations with your health insurer. We will agree to such unless a law requires us to share that information.

● Right to Request Restrictions. You have the right to request restrictions on certain uses and disclosures of protected health information about you. However, we are not required to agree to a restriction you request.

● Right to Receive Confidential Communications by Alternative Means and at Alternative

Locations. You have the right to request and receive confidential communications of PHI by alternative means and at alternative locations.

● Right to Inspect and Copy. You have the right to inspect or obtain a copy (or both) of PHI. Records must be requested in writing and the release of information must be completed. Furthermore, there is a copying fee charge of $40.00. Please make your request well in advance and allow 2 weeks to receive the copies. If we refuse your request for access to your records, you have a right to review them, which we will discuss with you upon request.

● Right to Amend. If you believe the information in your records is incorrect and/or missing important information, you can ask us to make certain changes, also known as amending, to your health information. You have to make this request in writing. You must tell us the reasons you want to make these changes, and we will decide if it is and if we refuse to do so, we will tell you why within 60 days.

● Right to a Copy of This Notice. If you received the paperwork electronically, you have a copy in your email. If you completed this paperwork in the office at your first session a copy will be provided to you per your request or at any time.

● Right to an Accounting. You generally have the right to receive an accounting of disclosures of PHI regarding you. At your request, we will discuss with you the details of the accounting process.

● Right to Choose Someone to Act for You. If someone is your legal guardian, that person can exercise your rights and make choices about your health information; we will make sure the person has this authority and can act for you before we take any action.

● Right to Choose. You have the right to decide not to receive services with us. If you wish, we will provide you with the names of other qualified professionals.

● Right to Terminate. You have the right to terminate services with us at any time without any legal or financial obligations other than those already accrued. We ask that you discuss your decision with us in session before terminating or at least contact must be made by phone letting us know you are terminating services.

● Right to Release Information with Written Consent. With your written consent, any part of your record can be released to any person or agency you designate. Together, we will discuss whether or not we think releasing the information in question to that person or agency might be harmful to you.

● Make a complaint. You have the right to complain if you feel we have violated your rights. A patient has the right to submit a complaint if:

a.       They believe their health provider has improperly used or disclosed their PHI;

b.       They have concerns about their health provider’s HIPAA privacy policies; or

c.       They have concerns about the provider’s compliance with its privacy policies.

We will not retaliate against you for filing a complaint. You may file a complaint directly with us by contacting Amy Frew (amyf@arcadiantherapy.com). All complaints must be submitted in writing. You may also report violations to the Office for Civil Rights at the US Department of Health and Human Services. Please visit this site for further information on how to report violations: 

www.hhs.gov/ocr/privacy/hipaa/complaints/

Additionally, you may contact the Tennessee Department of Health Privacy Officer for any HIPAA-related inquiries: privacy.health@tn.gov; TDH HIPAA Hotline: (615) 253-5637 or 1-877-280-0054.

Clinician Duties:

We are required by law to maintain the privacy of PHI and to provide you with a notice of our legal duties and privacy practices concerning PHI. We reserve the right to change the privacy policies and practices described in this notice. Unless we notify you of such changes, however, we are required to abide by the terms currently in effect. If we revise our policies and procedures, we will provide you with a revised notice in the office during our session.

Data Breach Notification

We will promptly notify you if a data breach occurs that may have compromised the privacy or security of your PHI. We will notify you in writing, by first-class mail, or we may email you if you have provided us with your current email address and you have previously agreed to receive notices electronically. In some circumstances, our business associates, may provide the notification. In limited circumstances when we have insufficient or out-of-date contact information, we may provide notice in a legally acceptable alternative form.