Know Your Rights!

Notification of Privacy Practices

HIPAA-covered entities are required to notify you about how your medical data will be used. This information is provided in a Notice of Privacy Practices or NPP. The NPP should be posted on your provider’s website and should be given to you to sign when you first visit a new healthcare provider or sign up with a health plan.

​

Right to Obtain a Copy of Your Health Data

One of the most important patient rights under HIPAA is the right to view or obtain a copy of your health data. By obtaining a copy of your health records you can check the data for errors, keep a copy for your own records, and share your health information with whoever you wish. You can exercise this right by submitting a request in writing. Most healthcare providers will require you to fill in a form. A copy of your medical records must be provided within 30 days. You can specify how you want to receive the information – electronically or a physical copy. A small fee may be charged for providing a copy of health information.

 

Right to Correct Errors in Your Health Records

After obtaining and checking your health records, you may discover an error such as an allergy that has not been recorded. HIPAA gives patients the right to make changes to their health information to correct mistakes. Any request to change a health record must be submitted in writing.

​

Right to Find Out Who Has Received Your Health Data

HIPAA includes a right to an accounting of disclosures of health data. If requested, a covered entity is required to provide information about who has received an individual’s health data over the past six years.

​

Right to Restrict Sharing of your Health Data

Patient have the right to restrict sharing of their health data for certain purposes other than treatment, payment, or healthcare operations. HIPAA covered entities are not permitted to sell your health data or use it for marketing, advertising, or research, without first obtaining authorization to do so in writing. Patients can also dictate to whom their health information can be shared, such as family members, friends, caregivers, legal representatives, or other entities. They can also request that information is not shared with other individuals or groups.

 

Right to File a Complaint for a Privacy Violation

If you believe your health data has been accessed by an unauthorized individual, has been impermissibly disclosed, or you believe that any aspect of HIPAA Rules has been violated, you have the right to file a complaint.  It is also possible to file a complaint if patient rights under HIPAA have been denied.

The Department of Health and Human Services’ Office for Civil Rights (OCR) investigates complaints. If OCR determines that HIPAA Rules have been violated, fines can be issued for noncompliance. HIPAA does not have a private cause of action, which means that it is not possible for an individual to take legal action against a HIPAA-covered entity or business associate for a privacy breach or HIPAA Rule violation.

​

​

When do we collect information?

Only when you wish to contact us and we need to respond to you. You will be redirected to our HIPAA Compliant email portal to further ensure your safety. We will only use the information you disclose with us to respond to your inquiries and nothing else.
 

Third-party disclosure:
We do not sell, trade, or otherwise transfer to outside parties your Personally Identifiable Information.
 

Third-party links:
We do not include or offer third-party products or services on our website.