top of page

Consent to Treatment, Privacy Policy, HIPAA Compliance

Informed Consent For

Telemedicine Medical Services

 

 

  1. Introduction: Please read this document thoroughly and completely. To better serve the needs of the community, health care services are now available using telecommunications or information   technology (“Telemedicine”).       Telemedicine involves the use of real-time or asynchronous evaluation, diagnosis, consultation, and treatment of health conditions using interactive telecommunications technology allowing the health care provider to see and communicate with you. Asynchronous telemedicine encompasses all of the above with the exception of care being provided through means of communication that does not always occur in real time or immediately, also known as store and forward healthcare. More specifically this type of service is done through contacting the provider through a message or filling out a healthcare survey which is then reviewed thoroughly along with your personal healthcare information to come to a diagnosis and treatment plan.

 

  1. Consent for Treatment: You have voluntarily requested that a health care provider of Concierge Asynchronous Licensed Medicine PLLC participate in your medical care through the use of Telemedicine (synchronous or asynchronous). In doing so, you understand, acknowledge and agree to the following:

 

  1. The health care provider may practice in a location different than where you normally go to receive in-person medical care.

  2. Unlike traditional medicine, the health care provider providing the Telemedicine services will not have the opportunity to meet with you face to face.

  3. The health care provider providing the Telemedicine services must rely on the information you provide.

  4. To the best of your ability, you agree to provide complete and accurate information concerning your medical history, condition and care as may be requested by the health care provider.

  5. You understand that if the health care provider feels that your medical needs cannot be adequately addressed using Telemedicine, you may be required to seek an in-person evaluation.

  6. You understand you can stop your Telemedicine session at any time.

  7. You understand you can ask questions or seek clarifications of the Telemedicine procedures and technology at any time.

  8. You understand that no guarantee of any specific result or cure is made by the health care provider rendering the Telemedicine services.

  9. If you experience an emergency after the Telemedicine session, you should alert your primary treating physician and dial 911 or go to the nearest emergency department.

 

  1. Risks. You agree and acknowledge that there are potential risks associated with receiving medical care using Telemedicine:

 

  1. The Telemedicine session may be interrupted or disconnected due to a technological problem or equipment failure.

  2. There may be electronic tampering.

  3. The advice provided by the health care provider may be based on factors not within his/her control, such as incomplete or inaccurate information provided by you or distortions of diagnostic images or specimens due to their electronic transmission.

Telemedicine Consent

  1. NOTICE CONCERNING COMPLAINTS. While we hope all patients are happy with the Telemedicine services they receive, you have a right to make a verbal or written complaint. If you have comments, questions or concerns, please contact us.

 

Complaints about physicians, as well as other licensees and registrants of the Texas Medical Board, including physician assistants, acupuncturists, and surgical assistants may be reported for investigation to the following address:

 

Texas Medical Board Attn: Investigations

333 Guadalupe, Tower 3, Suite 610

P.O. Box 2018, MC-263 Austin, TX 78768-2018

 

Assistance in filing a complaint is available by calling the following telephone number: 1- 800-201-9353. For more information on filing a complaint with the Texas Medical Board, visit the Texas Medical Board website at www.tmb.tx.us

 

 

Please click "I agree" in the application or website window to affirm that you have read this consent form and agree to receive treatment from Concierge Asynchronous Licensed Medicine PLLC's healthcare providers through telemedicine and/or asynchronous telemedicine.

​

COPY OF PRIVACY POLICY

April 5, 2023


Concierge Asynchronous Licensed Medicine PLLC ( c.a.l.m. Healthcare) values its users' privacy. This Privacy Policy ("Policy") will help you understand how we collect and use personal information from those who visit our website or make use of our online facilities and services, and what we will and will not do with the information we collect. Our Policy has been designed and created to ensure those affiliated with Concierge Asynchronous Licensed Medicine PLLC of our commitment and realization of our obligation not only to meet, but to exceed, most existing privacy standards.


We reserve the right to make changes to this Policy at any given time. If you want to make sure that you are up to date with the latest changes, we advise you to frequently visit this page. If at any point in time Concierge Asynchronous Licensed Medicine PLLC decides to make use of any personally identifiable information on file, in a manner vastly different from that which was stated when this information was initially collected, the user or users shall be promptly notified by email. Users at that time shall have the option as to whether to permit the use of their information in this separate manner.


This Policy applies to Concierge Asynchronous Licensed Medicine PLLC, and it governs any and all data collection and usage by us. Through the use of www.calmhealthcaretexas.com, you are therefore consenting to the data collection procedures expressed in this Policy.


Please note that this Policy does not govern the collection and use of information by companies that Concierge Asynchronous Licensed Medicine PLLC does not control, nor by individuals not employed or managed by us. If you visit a website that we mention or link to, be sure to review its privacy policy before providing the site with information. It is highly recommended and suggested that you review the privacy policies and statements of any website you choose to use or frequent to better understand the way in which websites garner, make use of and share the information collected.


Specifically, this Policy will inform you of the following
1.    What personally identifiable information is collected from you through our website;
2.    Why we collect personally identifiable information and the legal basis for such collection;
3.    How we use the collected information and with whom it may be shared;
4.    What choices are available to you regarding the use of your data; and
5.    The security procedures in place to protect the misuse of your information.


Information We Collect

It is always up to you whether to disclose personally identifiable information to us, although if you elect not to do so, we reserve the right not to register you as a user or provide you with any products or services. This website collects various types of information, such as:
·        Voluntarily provided information which may include your name, address, email address, billing and/or credit card information etc. which may be used when you purchase products and/or services and to deliver the services you have requested.
·        Information automatically collected when visiting our website, which may include cookies, third party tracking technologies and server logs.


In addition, Concierge Asynchronous Licensed Medicine PLLC may have the occasion to collect non-personal anonymous demographic information, such as age, gender, household income, political affiliation, race and religion, as well as the type of browser you are using, IP address, or type of operating system, which will assist us in providing and maintaining superior quality service.


Concierge Asynchronous Licensed Medicine PLLC may also deem it necessary, from time to time, to follow websites that our users may frequent to gleam what types of services and products may be the most popular to customers or the general public.
 
Please rest assured that this site will only collect personal information that you knowingly and willingly provide to us by way of surveys, completed membership forms, and emails. It is the intent of this site to use personal information only for the purpose for which it was requested, and any additional uses specifically provided for on this Policy.


Why We Collect Information and For How Long

We are collecting your data for several reasons:
·    To better understand your needs and provide you with the services you have requested;
·    To fulfill our legitimate interest in improving our services and products;
·    To send you promotional emails containing information we think you may like when we have your consent to do so;
·    To contact you to fill out surveys or participate in other types of market research, when we have your consent to do so;
·    To customize our website according to your online behavior and personal preferences.


The data we collect from you will be stored for no longer than necessary. The length of time we retain said information will be determined based upon the following criteria: the length of time your personal information remains relevant; the length of time it is reasonable to keep records to demonstrate that we have fulfilled our duties and obligations; any limitation periods within which claims might be made; any retention periods prescribed by law or recommended by regulators, professional bodies or associations; the type of contract we have with you, the existence of your consent, and our legitimate interest in keeping such information as stated in this Policy.


Use of Information Collected

Concierge Asynchronous Licensed Medicine PLLC does not now, nor will it in the future, sell, rent or lease any of its customer lists and/or names to any third parties.


Concierge Asynchronous Licensed Medicine PLLC may collect and may make use of personal information to assist in the operation of our website and to ensure delivery of the services you need and request. At times, we may find it necessary to use personally identifiable information as a means to keep you informed of other possible products and/or services that may be available to you from www.calmhealthcaretexas.com


Concierge Asynchronous Licensed Medicine PLLC may also be in contact with you with regards to completing surveys and/or research questionnaires related to your opinion of current or potential future services that may be offered.


Disclosure of Information

Concierge Asynchronous Licensed Medicine PLLC may not use or disclose the information provided by you except under the following circumstances:
·    as necessary to provide services or products you have ordered;
·    in other ways described in this Policy or to which you have otherwise consented;
·    in the aggregate with other information in such a way so that your identity cannot reasonably be determined;
·    as required by law, or in response to a subpoena or search warrant;
·    to outside auditors who have agreed to keep the information confidential;
·    as necessary to enforce the Terms of Service;
·        as necessary to maintain, safeguard and preserve all the rights and property of Concierge Asynchronous Licensed Medicine PLLC.


Non-Marketing Purposes

Concierge Asynchronous Licensed Medicine PLLC greatly respects your privacy. We do maintain and reserve the right to contact you if needed for non-marketing purposes (such as bug alerts, security breaches, account issues, and/or changes in Concierge Asynchronous Licensed Medicine PLLC products and services). In certain circumstances, we may use our website, newspapers, or other public means to post a notice.
 
Children under the age of 13

Concierge Asynchronous Licensed Medicine PLLC's website is not directed to, and does not knowingly collect personal identifiable information from, children under the age of thirteen (13). If it is determined that such information has been inadvertently collected on anyone under the age of thirteen (13), we shall immediately take the necessary steps to ensure that such information is deleted from our system's database, or in the alternative, that verifiable parental consent is obtained for the use and storage of such information. Anyone under the age of thirteen (13) must seek and obtain parent or guardian permission to use this website.

​

 

Unsubscribe or Opt-Out

All users and visitors to our website have the option to discontinue receiving communications from us by way of email or newsletters. To discontinue or unsubscribe from our website please send an email that you wish to unsubscribe to helpdesk@calmhealthcaretexas.com. If you wish to unsubscribe or opt-out from any third-party websites, you must go to that specific website to unsubscribe or opt-out. Concierge Asynchronous Licensed Medicine PLLC will continue to adhere to this Policy with respect to any personal information previously collected.


Links to Other Websites

Our website does contain links to affiliate and other websites. Concierge Asynchronous Licensed Medicine PLLC does not claim nor accept responsibility for any privacy policies, practices and/or procedures of other such websites. Therefore, we encourage all users and visitors to be aware when they leave our website and to read the privacy statements of every website that collects personally identifiable information. This Privacy Policy Agreement applies only and solely to the information collected by our website.


Notice to European Union Users

Concierge Asynchronous Licensed Medicine PLLC's operations are located primarily in the United States. If you provide information to us, the information will be transferred out of the European Union (EU) and sent to the United States. (The adequacy decision on the EU-US Privacy became operational on August 1, 2016. This framework protects the fundamental rights of anyone in the EU whose personal data is transferred to the United States for commercial purposes. It allows the free transfer of data to companies that are certified in the US under the Privacy Shield.) By providing personal information to us, you are consenting to its storage and use as described in this Policy.


Security

Concierge Asynchronous Licensed Medicine PLLC takes precautions to protect your information. When you submit sensitive information via the website, your information is protected both online and offline. Wherever we collect sensitive information (e.g. credit card information), that information is encrypted and transmitted to us in a secure way. You can verify this by looking for a lock icon in the address bar and looking for "https" at the beginning of the address of the webpage.


While we use encryption to protect sensitive information transmitted online, we also protect your information offline. Only employees who need the information to perform a specific job (for example, billing or customer service) are granted access to personally identifiable information. The computers and servers in which we store personally identifiable information are kept in a secure environment. This is all done to prevent any loss, misuse, unauthorized access, disclosure or modification of the user's personal information under our control.


The company also uses Secure Socket Layer (SSL) for authentication and private communications to build users' trust and confidence in the internet and website use by providing simple and secure access and communication of credit card and personal information.


Acceptance of Terms
 
By using this website, you are hereby accepting the terms and conditions stipulated within the Privacy Policy Agreement. If you are not in agreement with our terms and conditions, then you should refrain from further use of our sites. In addition, your continued use of our website following the posting of any updates or changes to our terms and conditions shall mean that you agree and acceptance of such changes.


How to Contact Us


If you have any questions or concerns regarding the Privacy Policy Agreement related to our website, please feel free to contact us at the following email, telephone number or mailing address.

Email: helpdesk@calmhealthcaretexas.com Telephone Number: 832-415-1334 Mailing Address:
Concierge Asynchronous Licensed Medicine PLLC
700 Milam St Houston, Texas 77002
 

Calm Healthcare Membership Agreement

1.Patient-Clinician Relationship

 

By your signature, you acknowledge that you are voluntarily becoming a patient of Concierge Asynchronous Licensed Medicine PLLC heretofore referred to in this document as DPC PRACTICE and its medical group or affiliated clinician. As a DPC PRACTICE patient, those services described in Section 2 below will be made available to you pursuant to the terms of this Membership Agreement.

 

2.DPC PRACTICE Services

 

Health Care Services: As a patient, you are eligible to receive medical advice and prescriptions where appropriate by your individual clinician from among those listed in our Detailed Service List (attached below and also available at www.calmhealthcaretexas.com) by secure messenger and email. During the term of this Agreement, the Health Care Services provided by DPC PRACTICE may be subject to change by DPC PRACTICE from time to time. Such changes, if any, shall be reflected on the Detailed Service List.

 

If you have a pre-existing medical condition, please contact us first to learn how you may benefit from DPC PRACTICE’S services. Pre-existing medical conditions do not disqualify you from enrolling in DPC PRACTICE’s service.

 

By entering into this Membership Agreement, you acknowledge that DPC PRACTICE does not provide health insurance coverage and that this is not a contract for insurance. DPC PRACTICE provides only the Health Care Services specifically described herein and additional costs may be incurred for laboratory, medical imaging, surgery, specialist care, emergency department visits, and hospitalization required outside of DPC PRACTICE’s services. DPC PRACTICE encourages you to combine DPC PRACTICE membership with appropriate health insurance coverage.

 

  1. Fees and Payment

 

DPC PRACTICE charges the Comprehensive Monthly Fee listed below per Member to include all Covered Healthcare Services included on the Detailed Services List.

 

  • $50/month except where discounted for multiple months

 

 

Most, but not all, of the services described above in Section 2, are covered by the Comprehensive Monthly Fee, subject to the limitations set forth in this Membership Agreement. However:

 

  • Per IRS guidance, if you participate in a high-deductible health plan with a health savings account (HSA) feature, you may be required to pay on a fee-for-service basis for certain primary care, non-preventive care and urgent care services until such time as your deductible has been satisfied. If you don’t pay on a fee-for-service basis for these services, it is possible you may lose your ability to contribute to your HSA during your membership. Please consult your attorney or financial adviser. DPC PRACTICE hereby disclaims any responsibility or liability with respect to your decisions made thereto.

  • Some Health Care Services provided by DPC PRACTICE are not covered by the Comprehensive Monthly Fee (Non-Covered Health Care Services). The DPC PRACTICE fee schedule for these services will be provided to you upon your request. DPC PRACTICE may amend the fee schedule from time to time in its sole and absolute discretion and without prior notice.

  • If you request and receive a Non-Covered Health Care Service, you can:

    • Pay for that service at the time it is provided to you and request from DPC PRACTICE a claim form that you may submit to your health plan (or other third party)

  • You agree not to submit any claims to any third party payor or any government health care program for Covered Services rendered by DPC PRACTICE to you under this Agreement.

 

  • All Fees paid are non-refundable. This includes all Fees that may have been paid whether such were paid on a monthly or annual basis.

 

4.Your Medical Information

 

Your privacy is very important to us and you control the use of your personal information. DPC PRACTICE has put important safeguards in place to make sure your medical information is protected and safe to maintain its confidentiality.

 

DPC PRACTICE seeks to work together with you to give you the best health care possible. Having access to your medical information will help your DPC PRACTICE doctor give you the best possible care because he/she will have the most up-to-date information about your health. Therefore, as allowed by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and to help us give you the right care, in the right place and at the right time, your health plan and its contractors and agents (Health Plan) may electronically share with us your health-related information (including your “protected health information” as defined by HIPAA). Such shared health-related information may include things like visits to the doctor or hospital, medical conditions, current and past prescriptions, biometric data (height, weight, body fat percentage, etc.) and other health status-related information.

 

 

5.Digital Communications Risks and Conditions

 

DPC PRACTICE offers members the ability to send and receive emails and texts to and from their care team. While DPC PRACTICE takes many precautions to protect your information and the security of the emails and texts it sends, there are still risks.

 

Risks:

Transmitting patient information by email or text has a number of risks. These risks include but are not limited to the following:

 

  • Email and texts can be circulated, forwarded, stored electronically and on paper, and broadcast to unintended recipients.

  • Email and text senders can readily misaddress an email or text.

  • Email and texts can be intercepted, altered, forwarded or used without authorization or detection.

  • Emails and texts may not be secure, and therefore it is possible that the confidentiality of such communications may be breached by a third party.

  • Email and text service providers may have access to your emails and texts.

 

Conditions:

DPC PRACTICE is not liable for improper disclosure of confidential information that is not caused by DPC PRACTICE’s misconduct. You must acknowledge and consent to the following conditions:

  • Email and text are not appropriate nor should they be used for urgent or emergency situations. Please call 911 in the event of a medical emergency.

  • Per your request, DPC PRACTICE may send emails or texts to you as necessary for your diagnosis, treatment, billing,

eligibility and other handling. You should not use email or text for sensitive communications (e.g., AIDS/HIV, mental health, developmental disability or substance abuse).

  • You are responsible for informing DPC PRACTICE, in writing, if you want to cease or limit email or text communications with DPC PRACTICE. You may do so at any time without reason or explanation.

  • You are responsible for protecting your email account or telephone password or other means of access to your email or text. DPC PRACTICE is not liable for breaches of confidentiality involving your email or telephone accounts that are caused by you or any third party.

 

By signing this Membership Agreement, you acknowledge that you have received and read the above information. In addition, you agree to any instructions that DPC PRACTICE may impose regarding the sending and receipt of email or text communications containing patient information.

 

R ecommendations and Instructions:

If you wish to send and receive emails or texts from DPC PRACTICE regarding your care and treatment, you:

 

  • Should limit or avoid use of public computers and public networks.

  • Should promptly inform DPC PRACTICE of changes in your email address or telephone number.

  • Before sending emails or texts containing personal health information to DPC PRACTICE, you should:

    • Ensure the email or text is addressed to the intended recipient.

    • List the key topic in the email subject line.

    • Put your name in the body of the email or text.

    • Take precautions to preserve the confidentiality of your emails or texts. Once DPC PRACTICE sends an email or text from its network, it has no control over its confidentiality or security.

Note: Patients can communicate securely with DPC PRACTICE if Patients via the DPC PRACTICE Patient Portal.

 

6.Term and Termination

 

This Membership Agreement shall begin upon the Effective Date and shall continue until canceled on our website, app, or electronic medical record.

 

Notwithstanding the above, in order to terminate this Membership Agreement you must message our clinic, cancel your membership in the website, or email helpdesk@calmhealthcaretexas.com.

 

Upon cancellation, after payment is received for all periods prior to the termination of this Membership Agreement, you will not be responsible for any further payments.

 

DPC PRACTICE may terminate this Membership Agreement at any time, subject to any professional obligations.

 

7.DPC PRACTICE Terms

 

  • If any term, provision, covenant or condition of this Membership Agreement is held by a court of competent jurisdiction to be invalid, void or unenforceable, the remaining provisions will remain in full force and effect and will in no way be affected, impaired or invalidated.

 

  • This Membership Agreement will be governed by and construed in accordance with the laws of the state in which the medical office of your DPC PRACTICE physician is located. By signing the Membership Agreement, you agree to have any dispute arising out of the Membership Agreement decided by neutral binding arbitration rather than by a jury or court trial. Any dispute will be submitted to arbitration in the county in the state where you receive services covered by the Membership Agreement. The decision in arbitration shall be conclusive and binding on you and DPC PRACTICE. All arbitration provisions shall be

governed by, construed and enforced in accordance with the Federal Arbitration Act.

 

  • This Membership Agreement is non-transferable.

 

 

If you have a complaint, please contact your DPC PRACTICE clinic directly or DPC PRACTICE in any of the following ways:

 

E mail: helpdesk@calmhealthcaretexas.com

 

P hone: 8324151334

 

M ail: 700 Milam St Suite 1300, Houston, TX, 77002

 

 

PATIENT RIGHTS UNDER HIPAA
 

https://www.hhs.gov/hipaa/for-individuals/guidance-materials-for-consumers/index.html

YOUR HEALTH INFORMATION PRIVACY RIGHTS

 

Most of us feel that our health information is private and should be protected. That is why there is a federal law that sets rules for health care providers and health insurance companies about who can look at and receive our health information. This law, called the Health Insurance Portability and Accountability Act of 1996 (HIPAA), gives you rights over your health information, including the right to get a copy of your information, make sure it is correct, and know who has seen it. You can ask to see or get a copy of your medical record and other health information. If you want a copy, you may have to put your request in writing and pay for the cost of copying and mailing. In most cases, your copies must be given to you within 30 days. You can ask to change any wrong information in your file or add information to your file if you think something is missing or incomplete. For example, if you and your hospital agree that your file has the wrong result for a test, the hospital must change it. Even if the hospital believes the test result is correct, you still have the right to have your disagreement noted in your file. In most cases, the file should be updated within 60 days. Know Who Has Seen It. By law, your health information can be used and shared for specific reasons not directly related to your care, like making sure doctors give good care, making sure nursing homes are clean and safe, reporting when the flu is in your area, or reporting as required by state or federal law. In many of these cases, you can find out who has seen your health information. You can: Learn how your health information is used and shared by your doctor or health insurer. Generally, your health information cannot be used for purposes not directly related to your care without your permission. For example, your doctor cannot give it to your employer, or share it for things like marketing and advertising, without your written authorization. You probably received a notice telling you how your health information may be used on your first visit to a new health care provider or when you got new health insurance, but you can ask for another copy anytime. Let your providers or health insurance companies know if there is information you do not want to share. You can ask that your health information not be shared with certain people, groups, or companies. If you go to a clinic, for example, you can ask the doctor not to share your medical records with other doctors or nurses at the clinic. You can ask for other kinds of restrictions, but they do not always have to agree to do what you ask, particularly if it could affect your care. Finally, you can also ask your health care provider or pharmacy not to tell your health insurance company about care you receive or drugs you take, if you pay for the care or drugs in full and the provider or pharmacy does not need to get paid by your insurance company. • • Ask to be reached somewhere other than home. You can make reasonable requests to be contacted at different places or in a different way. For example, you can ask to have a nurse call you at your office instead of your home or to send mail to you in an envelope instead of on a postcard. Your Health Information Privacy Rights 2 • If you think your rights are being denied or your health information is not being protected, you have the right to file a complaint with your provider, health insurer, or the U.S. Department of Health and Human Services.

 

Who Must Follow These Laws

We call the entities that must follow the HIPAA regulations "covered entities."

Covered entities include:

  • Health Plans, including health insurance companies, HMOs, company health plans, and certain government programs that pay for health care, such as Medicare and Medicaid.

  • Most Health Care Providers—those that conduct certain business electronically, such as electronically billing your health insurance—including most doctors, clinics, hospitals, psychologists, chiropractors, nursing homes, pharmacies, and dentists.

  • Health Care Clearinghouses—entities that process nonstandard health information they receive from another entity into a standard (i.e., standard electronic format or data content), or vice versa.

In addition, business associates of covered entities must follow parts of the HIPAA regulations.

Often, contractors, subcontractors, and other outside persons and companies that are not employees of a covered entity will need to have access to your health information when providing services to the covered entity. We call these entities “business associates.” Examples of business associates include:

  • Companies that help your doctors get paid for providing health care, including billing companies and companies that process your health care claims

  • Companies that help administer health plans

  • People like outside lawyers, accountants, and IT specialists

  • Companies that store or destroy medical records

Covered entities must have contracts in place with their business associates, ensuring that they use and disclose your health information properly and safeguard it appropriately. Business associates must also have similar contracts with subcontractors. Business associates (including subcontractors) must follow the use and disclosure provisions of their contracts and the Privacy Rule, and the safeguard requirements of the Security Rule.

Who Is Not Required to Follow These Laws

Many organizations that have health information about you do not have to follow these laws.

Examples of organizations that do not have to follow the Privacy and Security Rules include:

  • Life insurers

  • Employers

  • Workers compensation carriers

  • Most schools and school districts

  • Many state agencies like child protective service agencies

  • Most law enforcement agencies

  • Many municipal offices

What Information Is Protected 

  • Information your doctors, nurses, and other health care providers put in your medical record

  • Conversations your doctor has about your care or treatment with nurses and others

  • Information about you in your health insurer’s computer system

  • Billing information about you at your clinic

  • Most other health information about you held by those who must follow these laws

How This Information Is Protected

  • Covered entities must put in place safeguards to protect your health information and ensure they do not use or disclose your health information improperly.

  • Covered entities must reasonably limit uses and disclosures to the minimum necessary to accomplish their intended purpose.

  • Covered entities must have procedures in place to limit who can view and access your health information as well as implement training programs for employees about how to protect your health information.

  • Business associates also must put in place safeguards to protect your health information and ensure they do not use or disclose your health information improperly.

What Rights Does the Privacy Rule Give Me over My Health Information?

Health insurers and providers who are covered entities must comply with your right to: 

  • Ask to see and get a copy of your health records

  • Have corrections added to your health information

  • Receive a notice that tells you how your health information may be used and shared

  • Decide if you want to give your permission before your health information can be used or shared for certain purposes, such as for marketing

  • Request that a covered entity restrict how it uses or discloses your health information

  • Get a report on when and why your health information was shared for certain purposes

  • If you believe your rights are being denied or your health information isn’t being protected, you can

You should get to know these important rights, which help you protect your health information.

You can ask your provider or health insurer questions about your rights.

Learn more about your health information privacy rights - PDF.

Who Can Look at and Receive Your Health Information

The Privacy Rule sets rules and limits on who can look at and receive your health information

To make sure that your health information is protected in a way that does not interfere with your health care, your information can be used and shared:

  • For your treatment and care coordination

  • To pay doctors and hospitals for your health care and to help run their businesses

  • With your family, relatives, friends, or others you identify who are involved with your health care or your health care bills, unless you object

  • To make sure doctors give good care and nursing homes are clean and safe

  • To protect the public's health, such as by reporting when the flu is in your area

  • To make required reports to the police, such as reporting gunshot wounds

Your health information cannot be used or shared without your written permission unless this law allows it. For example, without your authorization, your provider generally cannot:

  • Give your information to your employer

  • Use or share your information for marketing or advertising purposes or sell your information

 

To learn more, visit www.hhs.gov/ocr/privacy/.

​

​

bottom of page