This Notice Regarding HIPAA and our Privacy Policies (“Notice”) describes how Digital Wellness and its affiliates (collectively “we,” “us,” or “our”) use your health information (“Health Information”), and what rights you have to access and control your Health Information. In this Notice, we tell you how your Health Information may be accessed, exchanged, or used by other persons or entities.
Health Information is any information that relates to your past, present, or future physical or mental health or condition and related health care services. Health Information that identifies you may be considered Protected Health Information (“PHI”) under HIPAA if we create, receive, maintain, or transmit it on behalf of an entity regulated by the Health Insurance Portability and Accountability (“HIPAA”) Act. Not all of your Health Information is PHI, even if it identifies you.
If we collect Health Information directly from you and outside of a relationship with your healthcare provider or health plan, your Health Information is generally not PHI. In addition, when you give your health care provider permission to send Health Information to us, the information is generally no longer protected by HIPAA. Ask your health care provider for more information when you authorize the disclosure of information to us.
If we create, receive, maintain, or transmit PHI on behalf of an entity regulated by HIPAA (such as most healthcare providers and health plans (each, a “Covered Entity”)), we are serving as a Business Associate under HIPAA. As a Business Associate, we can only use and disclose your PHI in accordance with our contractual relationship with the Covered Entity. The Covered Entity, on whose behalf we use or disclose your PHI, determines our uses and disclosures of your PHI.
In general, PHI may be used and disclosed in accordance with your Covered Entity’s Notice of Privacy Practices. Your healthcare provider or health plan is required to provide that document to you. As a Business Associate, we do not maintain the Notice of Privacy Practices on behalf of your healthcare provider or health plan. HIPAA requires that your healthcare provider or health plan enter into a written agreement with us before we are allowed to access, use, or disclose your PHI.
This Notice and our Privacy Policies describe whether and how your Health Information that is not PHI is accessed, exchanged, or used. When you sign up for our Services and when you provide your Health Information, you expressly consent to the ways we use or share your Health Information. We will not sell your Health Information or use or disclose your Health Information in other ways, except in connection with the sale of us or our Services (or similar transactions) or as required by law.
Some of the other ways your Health Information and PHI are used and disclosed are as follows:
If we have PHI, HIPAA and our Covered Entity clients require us to follow certain protocols to comply with law, before we can use or disclose PHI in connection with judicial, administrative, or other legal proceedings; law enforcement requests; public health purposes; health oversight activities; and other purposes. Our Privacy Policies describe our policies and procedures with Health Information that is not PHI.
If we have PHI and experience a breach of unsecured PHI, HIPAA requires us to notify our Covered Entity client. If we experience a breach of your Health Information that is not PHI, we will follow the requirements of other applicable law which may require us to contact your directly. In that case, we will use the contact information you have provided us to notify you of the breach.
Under HIPAA, you have certain rights regarding your PHI. Your healthcare provider or health plan fulfills those rights, and we are not permitted by HIPAA to honor those requests unless your healthcare provider or health plan authorizes us to do so. If we have Health Information that is not PHI, we offer certain rights which are described in our other Privacy Policies.
We reserve the right to change the terms of this Notice, and we will notify you of such changes and post the updated Notice on our Services. As laws and our business evolve, our obligations under the law with respect to your Health Information may change.
If at any time you believe your privacy rights have been violated, you may contact us and/or file a complaint through the contact details below. We will not retaliate against you for filing a complaint.
If you have any questions or comments about this Notice, the ways in which we collect and use your information, your choices and rights regarding such use, or wish to exercise your rights, please do not hesitate to contact us at: [email protected]