NOTICE OF PRIVACY PRACTICES

This notice describes how medical information about you may be used and disclosed as well as how you can get access to this information. Please review this information carefully. If you have any questions, please do not hesitate to contact Kidney Care Center.

Kidney Care Center (“KCC”) is dedicated to maintaining the privacy of your personal health information. Each time a patient visits an office of the Practice, a record is made that describes the treatments and services provided. Federal law outlines specific privacy protections and individual rights related to the information we maintain that identifies you as a patient. Protected health information includes demographic data and facts about your past, present and/or future physical or mental health. KCC has put into place policies and procedures to help protect your health information. We are required to provide this notice outlining our legal duties and responsibilities related to the use and disclosure of patient identifiable health information (i.e. Privacy Practices), and examples of how your information may be used or disclosed. The Practice will abide by the terms of this notice and may revise this notice at any time. The new notice will be posted in the offices of the Practice in a prominent location. You may access a revised version on our website. Revisions to this notice will be effective for all health information the Practice maintains- past, present and/or future.

The Practice may use your individually identifiable health information for the following purposes without your authorization:

1. Treatment: We will use and disclose your protected health information to provide, coordinate, or manage your health care and any related services. This use includes the coordination or management of your health care with another provider. For instance, we may send a copy of your records to another physician so that you can be evaluated for a specific condition.
2. Payment: Your protected health information will be used and disclosed, as needed, to obtain payment for your health care services provided by us or another provider. This use may include providing your insurance company with the details of your treatment, sharing your payment information with other treatment providers, contacting you via telephone or through the mail about balances, or sending unpaid balances to a collection agency.
3. Health Care Operations: We may use and disclose health information to support business activities of your physician at the Practice. For example, your health information may be used to evaluate the quality of care provided, for state licensing, or to identify you by name when you visit an office of the Practice. You understand and acknowledge that KCC will disclose information in accordance with the Health Information Portability and Accountability Act of 1996 (HIPAA) to our affiliates for the purposes of creating a population health care delivery model with the goals of improving the quality of health care and outcomes, reducing health care costs, and increasing savings to patients.
4. Appointment Reminders: The Practice may use your health information to remind you of appointments. A postcard may also be mailed to you for follow-up visit reminders.
5. Treatment Options: The Practice may use your health information to inform you of treatment options or other health-related services, which may be of interest to you.
6. Business Associates: The Practice may share your health information with other individuals or companies that perform various activities for or on behalf of the Practice, such as after-hours telephone answering, billing, or quality assurance. Our Business Associates agree to protect the privacy of your health information.
7. Research: The Practice may use your health information in conjunction with agents of the Practice who may be required to review your files, just as our employees are so permitted, to determine whether you qualify for a research project. If you qualify for a research project, you will first be asked to execute an authorization granting the Practice or research organization the right to use your protected health information.

 

The Practice may disclose your health information without your authorization when permitted or required by law, including:

• For public health activities, including reporting of certain communicable diseases
• To the Food and Drug Administration (FDA)
• For workers’ compensation or similar programs as required by law
• To authorities when abuse, neglect or domestic violence is suspected
• If you are an inmate of a correctional facility
• To health oversight agencies
• To your employer if we provide health care services to you at the request of the employer, whereupon we shall provide you written notice of release of such information
• For certain judicial and/or administrative proceedings pursuant to an administrative order
• For law enforcement purposes
• To a medical examiner, coroner or funeral director
• For the facilitation of organ, eye or tissue donation, if you are an organ donor
• For research purposes under strictly limited circumstances
• To avert a serious threat to your health and safety or that of others
• To follow various mandates for clinical quality metrics reporting, benchmarking and/or related matters
• For government purposes, such as military service or national security
• In the event of an emergency or for disaster relief
• In any other circumstances required by law
• On the sign-in sheet at the offices of the Practice

Unless you object, the Practice may also disclose your health information to family members and/or others involved in your care or payment for your care. The Practice may use or disclose protected health information to notify or assist in notifying a family member, personal representative or any other person responsible for your care, general condition or death.

The Practice may leave messages for you at work or home about your visits. If you do not want the Practice to do so, please inform our Privacy Officer in writing. All other uses and/or disclosures of your health information to others will require a written, signed authorization from you. You have the right to revoke your authorization at any time, except to the extent the Practice has already acted on it. Should you require your records to be released, the Practice will provide you with an authorization form to complete and return to the address listed on it.

Your health record is the physical property of the Practice. The information contained in it belongs to you. Below is a list of your rights regarding individually identifiable health information.

All requests related to these items must be made in writing to the Practice’s Privacy Officer at the address listed below. The Practice will provide you with the appropriate forms to exercise these rights. The Practice will notify you in writing if your requests cannot be granted.

1. Restrictions on Use and Disclosure: You have the right to request restrictions on how we use and disclose your health information. This right includes requests to restrict disclosure of your health information only to certain individuals or entities involved in your care, such as family members and/or insurance companies. The Practice is not required to agree with your request. If the Practice agrees, we are bound to the agreement, unless disclosure is otherwise required or authorized by law.
2. Confidential Communications:You have the right to request that the Practice communicate with you in a particular manner or at a certain location. For example, you may request that we only contact you at home. The Practice will accommodate reasonable requests.
3. Access: You have the right to inspect or request a copy of records used to make decisions about your health care, including your medical chart and billing records. The office of the Practice will schedule appointments for record inspection. The Practice may charge a fee for providing you copies of your records. Under special circumstances, we may deny your request to inspect and/or copy your records. You may request review of such denial.
4. Record Amendments: You may have the right to request amendments to your health records created by and for the Practice, if you feel they are incorrect or incomplete. The Practice may accept or deny your request. If the request is denied, you have the right to provide a statement of disagreement or rebuttal statement.
5. Accounting of Disclosures: You have the right to receive an accounting of the disclosures, meaning you may request a list of certain disclosures the Practice has made of your records. Upon your request, the Practice will provide this information to you one time at no charge once each twelve (12) month period. Fees may be assessed for additional copies.
6. Copy of Notice: You have the right to request that the Practice provide you a paper copy of this Notice of Privacy Practices.

Privacy Policy Regarding information collected through website

Collection of Information

We may collect the following kinds of information when you use a Service:

• Information you provide directly to us. For certain Services or activities, such as when you register with a Service, subscribe to our alerts, or contact us directly, we may collect some or all of the following types of information:
• Contact information, such as your full name, email address, mobile phone number, and address;
• Username and password;
• Payment information, such as your credit card number, expiration date, and credit card security code;
• Personal health information, including information about your diagnosis, previous treatments, general health, and health insurance;
• Doctor reviews; and
• Any other information you provide to us.
• We may combine such information with information we already have about you.

Information we collect automatically. We may collect certain information automatically when you use our Services, such as your computer’s Internet protocol (IP) address, device and advertising identifiers, browser type, operating system, Internet service provider, pages that you visit before and after using the Services, the date and time of your visit, information about the links you click and pages you view within the Services, and other standard server log information. We may also collect certain location information when you use our Services, such as your mobile device’s GPS signal, or information about nearby WiFi access points and cell towers.

We may use cookies, pixel tags, Local Shared Objects, and similar technologies to automatically collect this information. Cookies are small bits of information that are stored by your computer’s web browser. Pixel tags are very small images or small pieces of data embedded in images, also known as “web beacons” or “clear GIFs,” that can recognize cookies, the time and date a page is viewed, a description of the page where the pixel tag is placed, and similar information from your computer or device. Local Shared Objects (sometimes referred to as “Flash Cookies”) are similar to standard cookies except that they can be larger and are downloaded to a computer or mobile device by the Adobe Flash media player. By using the Services, you consent to our use of cookies and similar technologies.

We may also collect technical data to address and fix technical problems and improve our Services. Your device or browser settings may permit you to control the collection of this technical data. By using the Services, you are consenting to us or any party acting on our behalf collecting this technical data.

Information from Third-Party Services. If you access the Services from an advertisement on a third-party website, application, or other service (a “Third-Party Service”) we may receive information from the owner of the Third-Party Service related to you or that advertisement.

Information we obtain from your health care providers and other sources. In connection with Services that involve medical treatment, we may collect medical records from your past, current, and future health care providers. This may include information about your diagnosis, previous treatments, general health, laboratory and pathology test results and reports, social histories, any family history of illness, and records about phone calls and emails related to your illness.

We may also receive information about you from other sources, including through third-party services and organizations. We may combine our first-party data, such as your email address or name, with third-party data from other sources and use this to contact you (e.g. through direct mail). For example, if you access third-party services, such as Facebook, Google, or Twitter, through the Services to login to the Services or to share information about your experience on the Services with others, we may collect information from these third-party services.

Use of Information

We may use the information we collect online to:

• Provide and improve the Services;
• Contact you;
• Fulfill your requests for products, services, and information;
• Send you information about additional clinical services or general wellness from us or on behalf of our affiliates;
• Analyze the use of the Services and user data to understand and improve the Services;
• Conduct research using your information, which may be subject to your separate written authorization;
• Prevent potentially prohibited or illegal activities and otherwise in accordance with our Terms of Use; and
• For any other purposes disclosed to you at the time we collect your information or pursuant to your consent.

III. Sharing of Information

We are committed to maintaining your trust, and we want you to understand when and with whom we may share the information we collect.

Authorized third-party vendors and service providers. We may share your information with third-party vendors and service providers that help us with specialized services, including billing, payment processing, providing medical advice for telemedicine services, management and hosting of telemedicine services, customer service, email deployment, business analytics, marketing (including but not limited to advertising, attribution, deep-linking, direct mail, mobile marketing, optimization and retargeting) advertising, performance monitoring, hosting, and data processing. These third-party vendors and service providers may not use your information for purposes other than those related to the services they are providing to us.

Corporate affiliates. We may share your information with our affiliates.

Legal purposes. We may disclose information to respond to subpoenas, court orders, legal process, law enforcement requests, legal claims or government inquiries, and to protect and defend the rights, interests, health, safety, and security of Cleveland Clinic, our affiliates, patients, users, or the public.

Business Transfers. HIPAA permits organizations to transfer PHI in certain circumstances. We can transfer your information as part of a transfer of the assets of the organization, merger, or consolidation or in the unlikely event of bankruptcy, if such transfer is permissible under HIPAA and the HIPAA Notice.

Protected Health Information. We may transfer your PHI as described in the HIPAA Notice and permitted under HIPAA.

With your consent or at your direction. We may share information for any other purposes disclosed to you at the time we collect the information or pursuant to your consent or direction.

If you choose to engage in public activities on the third party sites that we link to, you should be aware that any information you share there can be read, collected, or used by other users of these sites and forums. You should use caution in disclosing personal information while participating in these areas. We are not responsible for the information you choose to submit in public areas.

No information provided by patients during medical consultations or requests for medical appointments is ever used for marketing purposes.

Security

We use measures to protect Protected Health Information from loss, theft, misuse, and unauthorized access, disclosure, alteration, and destruction in accordance with HIPAA. We use measures designed to protect other information from loss, theft, misuse, and unauthorized access, disclosure, alteration, and destruction. You should understand that no data storage system or transmission of data over the Internet or any other public network can be guaranteed to be 100 percent secure.

Your Choices

You may also request that we delete your personal information by sending us an email at privacy@kidneycares.com. We will delete such information unless we are required to maintain information in accordance with applicable law.

You may be able to refuse or disable cookies by adjusting your web browser settings. Because each web browser is different, please consult the instructions provided by your web browser (typically in the “help” section). Please note that you may need to take additional steps to refuse or disable Local Shared Objects and similar technologies. For example, Local Shared Objects can be controlled through the instructions on Adobe’s Setting Manager page. If you choose to refuse, disable, or delete these technologies, some of the functionality of the Services may no longer be available to you.

We do not share Protected Health Information with third parties for their own direct marketing purposes.

Third-party Links and Content

Some of the Services may contain links to content maintained by third parties that we do not control. We are not responsible for the privacy practices of these third parties, and the information practices of these third parties are not covered by this Privacy Policy.

Limiting Data Collection and Do Not Track

Opt-Out. To opt out of interest-based advertising across browsers and devices from companies that participate in the Digital Advertising Alliance or Network Advertising Initiative opt-out programs, please visit their respective websites. You may also be able to opt out of interest-based advertising through the settings within the mobile app or your mobile device, but your opt-out choice may apply only to the browser or device you are using when you opt out, so you should opt out on each of your browsers and devices if you want to disable interest-based advertising for those browsers and devices. If you opt out, you will still receive ads but they may not be as relevant to you and your interests, and your experience on our Services may be degraded.

Do-Not-Track Signals and Similar Mechanisms. Some web browsers transmit “do-not-track” signals to websites. Because of differences in how web browsers incorporate and activate this feature, it is not always clear whether users intend for these signals to be transmitted, or whether they even are aware of them. We currently do not take action in response to these signals.

Changes to the Privacy Policy

We may update this Privacy Policy from time to time. When we update the Privacy Policy, we will revise the “Effective Date” date above and post the new Privacy Policy. We recommend that you review the Privacy Policy each time you visit the Services to stay informed of our privacy practices.

Questions?

If you have any questions about this Privacy Policy or our practices, please email us at privacy@kidneycares.com