Legal
Privacy Policy GlobaliD IQ
Introduction
Your privacy is important to us and we believe it is important for you to know what personal data we, GlobaliD IQ (“GIDIQ” or “we”), collect from you (and third parties), why we collect it, how we use it and what rights you might be entitled to as a data subject or consumer.
Please note: all information in this privacy notice is applicable to you unless otherwise indicated based on your residency status. For the additional terms which may be applicable to you based on your residency status, please refer to your country-specific terms at the end of this notice. In this notice, term “personal data” is used to represent any information relating to an identified or identifiable person; country-specific notices might adopt a different terminology.
We encourage you to read this notice, together with any additional and more specific information we may provide to you on various occasions when we are collecting or processing personal data on GIDIQ websites, products or applications, events and initiatives so that you are aware of how and the purpose for which we are processing your personal data. (Please note: We issue a different privacy notice which applies where there is an employment relationship between GIDIQ and its employees.)
How we will use your personal data
We may collect different kinds of personal data in several different ways and use it for a number of different purposes:
- To ensure access to our website and online services.
In general, you can visit globalidiq.com and its affiliate websites on the World Wide Web without telling us who you are. Our web servers or Affiliates who provide analytics and performance enhancement services may collect:
– IP addresses,
– operating system details,
– browsing details,
– device and connectivity details, and/or
– language settings.
This information is aggregated to measure the number of visits, average time spent on the site, pages viewed and similar information. GIDIQ uses this information to measure the site usage, improve content and to ensure safety and security as well as enhance performance and user experience of the website. In few situations, you are required to register to access an authenticated area of the website: in these cases, we will also collect your username and password.
We may also obtain data from third parties including:
– Social networks, when you grant permission to us to access your data on one or more networks through our website.
– Service providers, who help us to determine a location based on your IP address in order to customize offerings and content to your location.
– Partners with whom we offer co-branded services or engage in joint marketing activities.
GIDIQ uses cookies (small text files placed on your device) and similar technologies to facilitate proper functioning of our websites and to help collect data: please read here our full cookie policy. Please note that our websites may include links to websites of third parties whose privacy practices differ from those of GIDIQ; if you provide personal data to any of those websites, your data is governed by their privacy statements.
- To answer your queries, support and contact requests.
If you contact us with queries, requests for more information about initiatives or products or other generic support inquiries, we may need to process personal data about you such as:
– personal and contact details, like full name, company and role, email and address,
– demographic data,
– qualifications and profession, and/or
– the content of your messages to us.
For information about managing your contact data, email subscriptions and promotional communications, please use the contact us form on the globalteciq.com or affiliate websites where you had given your Personal data.
- Subscriptions to our promotional communications.
If you sign up to receive marketing communications from GIDIQ we may send these by email, post, telephone or any other means of communication. For information about managing your contact data, you may reach out to the contact details provided in the event privacy notice or in the emails you receive, or you may use the contact us form on the globalidiq.com or affiliate websites where you had given your Personal data.
- To administer events and initiatives.
GIDIQ frequently organizes events and initiatives, either free to join or by invitation only; in these cases, this privacy notice applies to both participants and speakers, together with any other supplementary information that is provided in relation with each event. To allow participants to join the events (including communications pre and post event), we are required to collect and process a limited amount of information, such as:
– full name,
– company, job title and business email address,
– telephone number,
– location, and/or
– pictures and video of you.
Where a hospitality service is provided, we may also collect, store and process “special categories” of more sensitive personal data (SPI), such as dietary requirements or personal disabilities. This will be done only and to the extent permitted by law. Events might be recorded, hence pictures and videos may be collected too; in such cases, you may be informed via a specific notice at the location of recording. This material may be used later by GIDIQ for further compatible purposes in accordance with the notices you receive. Also, during the course of the events, we may collect from you data about yourself, which we later may use to contact you again in order to receive feedback and/or provide further commercial information about GIDIQ; this may be done with your consent, wherever necessary.
We may also obtain data from third parties including third party event organizers where the event is sponsored by GIDIQ. Organizers might provide the attendee list. In such cases, the privacy statement of those third parties to whom you provide your personal data will apply to you.
- To promote the GIDIQ brand, products, initiatives and values with marketing communications.
GIDIQ has a strong legitimate interest in promoting its brand, products, initiatives and values. In order to further such goals, we process personal data about our business contacts including existing and potential GIDIQ clients, third parties and intermediaries GIDIQ interacts with in the course of doing business. GIDIQ may collect details about you including name, contact details and other information such as your job title, employer, areas of business interest and other business details. We may process such data using software or platforms which allow us to manage our client relationships. We collect such data directly or indirectly from you, or from third parties, such as business partners, data brokers, social networks, marketing companies, and publicly available sources such as social media sites where lawful to do so. In such cases, we will also comply with any additional restrictions imposed by the region in which your data was collected as well as the source of the data. GIDIQ may also collect data from our email and calendar systems concerning interactions between GIDIQ associates and contacts or third parties.
Your data is used by us in part for administering, managing and developing our business and services; such as identifying existing and potential client business needs, analyzing and evaluating the strength of our interactions with certain business contacts, performing analytics including to produce metrics such as relationship maps for our business leadership and limited profiling for the purposes of helping us to develop and offer appropriate products and services to existing and potential clients. Analytics may be performed by us using algorithms which help us analyze and rank interactions with you depending on interaction frequency and duration. We may also send you marketing communications and surveys to carry out market research or provide information to you about us and our services which we have reason to believe would be of interest to you in your professional capacity.
When reaching out to you, we may do so through different channels, such as email, phone calls, post or any other means of communication such as through social media sites such as LinkedIn. We will only send electronic marketing communications to business contacts in a business-to-business context, where we have your prior consent or where it is otherwise lawful to do so in the jurisdiction you are located in. You can opt-out from receiving such communications at any time using the contact us form on globalteciq.com or affiliate websites where you had given your personal data, writing to our Data Protection Officers or Chief Privacy Officer (see section below) or by any other given method provided from time to time (for example: unsubscribe link included at the bottom of emails).
From time to time, we may use your name, quotes, pictures or videos to promote and amplify GIDIQ’ brand and activities. In any such case, you will receive appropriate additional information about the usage of your personal data.
- To manage, administer and fulfill the obligations under contracts, and regulations
Where GIDIQ is in a contractual relationship with you (other than an employment relationship), your employer or your company, or is taking steps to enter into such a contractual relationship, we may need to process your personal data, usually limited to name, business contact details and job title in order to enter into and/or fulfill the obligations arising from the same contract, such as providing you or your employer or company with the services you have requested or make use of the services that you or your employer or company are offering to us. We will also process such personal data for ancillary tasks related to our daily business activities, such as accounting, auditing, reporting (to regulators and authorities) and to comply with applicable regulations.
If you do not provide certain information when requested, it may delay or prevent us from administering a service you have requested from us, or in replying to your queries and/or in letting you join our initiatives.
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason that is compatible with the original purpose and applicable law. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
How we will share your personal data
We may share your data with third parties, including third-party service providers and other entities in the GIDIQ group. Please note, GIDIQ has not in the past, nor does it currently, under any circumstances sell your personal data to any third party. Further, GIDIQ does not share your personal data with third parties for any additional purpose (as outlined below) unless required to fulfill a legal obligation or a legitimate business purpose where permitted by law.
Why might you share my personal data with third parties?
We may share your personal data with third parties where required by law, where it is necessary for one of the activities mentioned above or where we have another legitimate legal basis in doing so. We require third parties to respect the security of your data and to treat it in accordance with the law. Where required by the law, we will request your consent before transferring data to third parties which are not part of the GIDIQ group of companies.
Which third-party service providers process my personal data?
”Third parties” includes third-party service providers (including contractors and designated agents) and other entities within our group. The following activities may be carried out by third-party service providers: hosting and other internet services, data storage and analytics, marketing research and campaign management, event organizers and caterers. All our third-party service providers are required to take appropriate security measures to protect your personal data in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions and applicable law. We may also need to share your personal data with regulators or to otherwise comply with the law.
When might you share my personal data with other entities in the group?
We may share your personal data with other entities in the GIDIQ group as part of our regular reporting activities on company performance, in the context of a business reorganization or group restructuring exercise, for system maintenance support and hosting of data and when it is required to do so in order to perform one of the activities listed above (see “How we will use information about you”). Other entities in the GIDIQ group are required to take appropriate security measures to protect your personal data in line with our policies.
Transferring your personal data outside of your country of residence
We may transfer the personal data we collect about you to one of more countries outside of your country of residence or outside of the country in which you access this website, including India, in order to perform one of the activities listed above (see “How we will use information about you”). – In such cases, we have put in place the appropriate measures to ensure that your personal data will be secure according to the laws of the country in which you reside. If you require further information about these protective measures, you can request it from our Data Protection Officers (see contacts below) or send an email to privacy@globalidiq.com.
How we will keep your information safe
We have put in place appropriate technical, organizational and security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
How long we will keep your information
We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. Details of retention periods for different aspects of your personal data are available in our retention policy upon request from our Data Protection Officers (see contact details below). To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances we may anonymize your personal data so that it can no longer be associated with you, in which case we may use such information without further notice to you.
How to contact us
If you have a privacy concern, complaint or a question regarding this privacy statement, please direct it to the Chief Privacy Officer of GlobaliD IQ at privacy@globalidiq.com or contact us through the “Contact us” form on globalidiq.com or affiliate websites where you provided your Personal data indicating your concern in detail.
For the purposes of the data processed under this statement, the controller or business/service provider for the data processing of your personal data collected through our websites is GlobaliD IQ, 5901 SW 74th Street, Suite 400, Miami Florida 33143, United State of America. For all the other purposes indicated above, the controller or business/service provider is the same entity unless indicated otherwise in other privacy statement communicated in each situation.
Right to withdraw consent
In the limited circumstances and based on your country of residence; where you may have provided your consent to the collection, processing and transfer of your personal data for a specific purpose, you may have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact our Data Protection Officers (see contacts below). Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legal basis for doing so.
Please find below the list of region wise Data Protection Officers
We have appointed Data Protection Officers (DPOs) to oversee compliance of GIDIQ with applicable data protection laws and with this privacy notice. If you have any questions about this privacy notice or how we handle your personal data, please contact the DPO in your region:
| Data Protection Officer for UK and Ireland | Data Protection Officer for Continental Europe |
| Data Protection Officer for the United States: | Data Protection Officer for Canada: |
| Data Protection officer for Brazil: | Data Protection Officer for LATAM |
| Data Protection officer for APAC: | Data Protection officer for South Africa: |
Please refer to region specific privacy regulations below:
EU/EEA: Click here
US: Click here
Canada: Click here
Brazil: Click here for English | Click here for Portuguese
Australia: Click here
New Zealand: Click here
APAC: Click here
Argentina: Click here for English | Click here for Spanish
Chile: Click here for English | Click here for Spanish
Colombia: Click here for English | Click here for Spanish
Ecuador: Click here for English | Click here for Spanish
Mexico: Click here for English | Click here for Spanish
Peru: Click here for English | Click here for Spanish
Uruguay: Click here for English | Click here for Spanish
Malaysia: Click here for Malay
South Africa: Click here
Guatemala: Click here for English | Click here for Spanish
Our Commitment to Privacy
Click here to read more.
Changes to this privacy notice
We reserve the right to update this privacy notice at any time, and we will provide you with a new privacy notice when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal data.
EFFECTIVE AND REVISED 10/15/2024
PrimaHealth Healthcare Virtual Care Products & Services
PrimaHealth, LLC, a Florida Limited Liability Company (“PrimaHealth”) in association and collaboration with healthcare providers, provides Healthcare products & services. PrimaHealth websites: www.primahealth.tech, www.primahealth.net, and www.primahealth.us
The following is the PrimaHealth Privacy Policy…
LEGAL
PRIVACY POLICY
PRIMAHEALTH NOTICE OF PRIVACY PRACTICES
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
PrimaHealth, LLC. (“PRIMAHEALTH’), as well as our licensors, vendors, partners, consultants, and affiliates respect the privacy of its members and users of web site. As used in this Privacy Policy, references to “PRIMAHEALTH” and/or “We” and/or “Our” means and includes PRIMAHEALTH, its parent, subsidiaries, associates, affiliated entities, vendors, partners, consultants and its licensors. PRIMAHEALTH’s policy regarding privacy information that is collected and how that data is used is outlined below.
PRIMAHEALTH has developed all the system technologies, including the interfaces to the technology systems provided by third party providers. PRIMAHEALTH manages the data security for this site. All data is stored in encrypted format that meets standards defined by HIPAA (Health Insurance Portability and Accountability Act). All data transfer is executed using similar standards that meet or exceed HIPAA, and no data is transferred to users that do not have specific data access keys.
The importance of security for all personal information associated with you, your family, and that which you share with your primary care physician (PCP), is of extreme concern to us. At PRIMAHEALTH, we put into practice state of the art care in providing secure transmission of your information from your personal computer to our servers. Personal information collected by our web site is stored in secure operations environments that are not available to the public; and firewalled. Only those employees who require access to your information in order to do their jobs are allowed access, and each have signed a confidentiality agreement that is on-file. Any employee who violates our privacy or security policies is subject to disciplinary action, up to, and including, termination and civil and/or criminal prosecution.
OUR PLEDGE REGARDING YOUR MEDICAL INFORMATION
We understand that medical information about you and your health is personal. We are dedicated to maintaining the privacy and integrity of your protected health information (“PHI”), which is information about you that may be used to identify you (such as your name, social security number, or address), and that relates to (a) your past, present, or future physical or mental health or condition, (b) the provision of health care to you, or (c) your past, present, or future payment for the provision of health care. In providing services, we will receive and create records containing your PHI. We need these records to provide you with quality care and to comply with certain federal and state legal requirements.
We are required by law to maintain the privacy of your PHI and to provide you with notice of our legal duties and privacy practices with respect to your PHI. To the extent required by law, when using or disclosing your PHI or when requesting your PHI from another covered entity, we will make reasonable efforts not to use, disclose, or request more than the minimum necessary set of your PHI or, if needed by us, no more than the minimum amount of PHI necessary to accomplish the intended purpose of the use, disclosure, or request, taking into consideration practical and technological limitations.
This Notice of Privacy Practices applies to all of the records of your care generated by PRIMAHEALTH. When we use or disclose your PHI, we are required to abide by the terms of this Notice (or other Notice in effect at the time of the use or disclosure).
NOTICE OF HIPAA PRIVACY PRACTICES
THIS NOTICE OF PRIVACY PRACTICES DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED, AND DISCLOSED, AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY AND REPORT ANY ISSUES, OR CONCERNS VIA EMAIL, TO: PRIMAHEALTH HIPAA COMPLIANCY DEPARTMENT, hipaacompliance@primahealth.us
The Health Insurance Portability & Accountability Act of 1996 (HIPAA) is a federal program requiring that all medical records and other individually identifiable health information used, or disclosed, by us in any form, whether electronically, on paper, or orally, are kept properly confidential. This Act gives you, the Patient, significant new rights to understand and control how your health information is used. HIPAA provides penalties for covered entities that misuse personal health information.
HOW WE MAY USE AND DISCLOSE MEDICAL INFORMATION ABOUT YOU.
For Treatment
This is the most important use and disclosure of your PHI. PRIMAHEALTH will use or disclose your medical information to provide treatment and deliver the services you have requested, for example for purposes of a telemedicine consultation or in connection with the provision of follow-up treatment. Use and disclosure of your medical information may include, without limitation, creation of an electronic health record and appointment reminders, discussion with your treating health care practitioners to facilitate your health care oversight, investigation of research opportunities or treatment alternatives for your health care issues, identification of health-related benefits and services that may be of interest to you, and to communicate important health information with members of your family. We may also disclose PHI to other providers involved in your treatment.
For Health Care Operations
PRIMAHEALTH may also collect aggregate data about your health (in an anonymous manner) for statistical analysis, improvement of services, and customization of web design, content layout, and services. This includes internal administration and planning, as well as various activities that improve the quality and cost effectiveness of the care that we deliver to you. We may also combine medical information about PRIMAHEALTH patients to decide what additional services we should offer, what services are not needed, and if certain new treatments are effective. We may also disclose information to health care providers and other PRIMAHEALTH professionals for review and learning purposes. There are some services provided in our organization through contracts with business associates, who may gain access to PHI. Examples of business associates include management consultants, quality assurance reviewers, shredding companies, and translation services. We may disclose your PHI to our business associates so that they can perform the job we have asked them to do in order to provide better healthcare services to you. To protect your PHI, we require our business associates to sign an agreement stating that they will appropriately safeguard your PHI to in accordance with applicable federal and state laws (including HIPAA standards).
To Avert a Serious Threat to Health or Safety
PRIMAHEALTH may use and disclose your PHI when necessary to prevent a serious threat to your health and safety, or to the health and safety of the public or another person. Any disclosure would only be to someone able to help prevent the threat or to the extent necessary to comply with state and federal laws to prevent or control disease, injury, or disability regarding public health.
At Your Request
PRIMAHEALTH may disclose information when requested by you. This disclosure may require written or verbal authorization by you.
OTHER PERMITTED AND REQUIRED USES AND DISCLOSURES OF PHI THAT MAY BE MADE WITHOUT YOUR AUTHORIZATION OR OPPORTUNITY TO AGREE OR OBJECT
Required By Law
We may use or disclose your PHI to the extent that the use or disclosure is required by federal, state, or local laws or regulations. The use or disclosure will be made in compliance with the law or regulation and will be limited to the relevant requirements of the law or regulation. You will be notified, if required by law or regulation, of any such uses or disclosures.
Health Oversight Activities
We may disclose your PHI to a health oversight agency for activities authorized by law. These oversight activities include, for example, audits, investigations, inspections, and licensure. These activities are necessary for the government to monitor the health care system, government programs, and compliance with civil rights laws.
Victims of Abuse, Neglect, or Domestic Violence
We may disclose your PHI to a public health authority that is authorized by law to receive reports of child or elder abuse or neglect. In addition, we may disclose your PHI if we believe that you have been a victim of abuse, neglect, or domestic violence to the governmental entity or agency authorized to receive such information. In this case, the disclosure will be made consistent with the requirements of applicable federal and state laws.
Legal Proceedings
We may use and disclose PHI in responding to a court or administrative order, subpoena, or discovery request. We may also use and disclose your PHI to the extent permitted by law without your authorization, for example, to defend a lawsuit or arbitration.
Law Enforcement
We may disclose your PHI to the police or other law enforcement officials as required or permitted by law: (1) in response to a court order, subpoena, warrant, summons, or similar process; (2) to identify or locate a suspect, fugitive, material witness, or missing person; (3) to notify them about the victim of a crime if, under certain limited circumstances, we are unable to obtain the person’s agreement; (4) to notify them about a death we believe may be the result of criminal conduct; (5) to notify them about criminal conduct at PRIMAHEALTH or with one of our health care providers; and (6) in emergency circumstances, to report a crime, the location of a crime or the victims of a crime, or the identity, description, or location of the person who committed the crime.
Food and Drug Administration
We may disclose your PHI to a person or company required by the Food and Drug Administration for the purpose of quality, safety, or effectiveness of FDA-regulated products or activities including to report adverse events, to report product defects or problems, to report biologic product deviations, to track products, to enable product recalls, to make repairs or replacements, or to conduct post marketing surveillance, as required.
Decedents, Coroners, Funeral Directors, and Organ Donation
We may disclose your PHI to a coroner or medical examiner for identification purposes, determining cause of death, or for the coroner or medical examiner to perform other duties authorized by law. We may also disclose your PHI to a funeral director, as authorized by law, in order to permit the funeral director to carry out their duties. We may also disclose such information in reasonable anticipation of your death. Your PHI may additionally be used and disclosed for cadaveric organ, eye, or tissue donation purposes.
Research that Does Not Involve Your Treatment
We may disclose your PHI to researchers when their research has been approved by an institutional review board that has reviewed the research proposal and established protocols to ensure the privacy of your PHI. When a research study does not involve any treatment, we may disclose your PHI to researchers. To do this, we will either ask your permission to use your PHI or we will use a special process that protects the privacy of your PHI. In addition, we may use information that cannot be identified as your PHI, but that includes certain limited information (such as your date of birth and dates of service). We will use this information for research, quality assurance activities, and other similar purposes and we will obtain special protections for the information disclosed.
Military Activity and National Security
We may use and disclose your PHI to units of the government with special functions, such as the U.S. military or the U.S. Department of State, under certain circumstances. We may use and disclose your PHI to authorized federal officials for intelligence, counterintelligence, and other national security activities authorized by law. We may use and disclose your PHI to authorized federal officials so they may provide protection to the President, other authorized persons, or foreign heads of state, or conduct special investigations.
Criminal Activity
Consistent with applicable federal and state laws, we may disclose your PHI if we believe that the use or disclosure is necessary to prevent or lessen a serious and imminent threat to the health or safety of a person or the public. We may also disclose your PHI if it is necessary for law enforcement authorities to identify or apprehend an individual.
Inmates
If you are an inmate of a correctional institution or under custody of a law enforcement official, we may disclose your PHI to the correctional institution or the law enforcement official. This is necessary for the correctional institution to provide you with health care, to protect your health and safety and the health and safety of others, and to protect the safety and security of the correctional institution.
Public Health Risks
We may disclose your PHI for public health activities. These activities generally include the following: to prevent or control disease, injury, or disability; to report births and deaths; to report reactions to medications or problems with products; to notify people of recalls of products they may be using; and to notify a person who may have been exposed to a disease or may be at risk for contracting or spreading a disease or condition. We will only make this disclosure when required or authorized by law or if you authorize such disclosure.
USES AND DISCLOSURES OF PHI BASED UPON YOUR WRITTEN AUTHORIZATION
Other uses and disclosures of your PHI will be made only with your written authorization, unless otherwise permitted or required by law as described in this Notice. You may revoke this authorization in writing at any time. If you revoke your authorization, we will no longer use or disclose your PHI for the reasons covered by your written authorization. Please understand that we are unable to take back any disclosures already made with your authorization, and we are required to retain our records of the care we provide to you. If you are not present or able to agree or object to the use or disclosure of the PHI, then your provider may, using professional judgement, determine whether the disclosure is in your best interest.
OTHER PERMITTED AND REQUIRED USES AND DISCLOSURES OF PHI THAT REQUIRE PROVIDING YOU THE OPPORTUNITY TO AGREE OR OBJECT
Others Involved in Your Health Care or Payment for Your Care
Unless you object, we may disclose to a member of your family, a relative, a close friend, or any other person you identify, your PHI that directly relates to that person’s involvement in your health care. If you are unable to agree or object to such a disclosure, we may disclose such information as necessary if we determine that it is in your best interest based on our professional judgment. We may use or disclose your PHI to notify or assist in notifying a family member, personal representative, or any other person that is responsible for your care of your location, general condition, or death. Finally, we may use or disclose your PHI to an authorized public or private entity to assist in disaster relief efforts and to coordinate uses and disclosures to family or other individuals involved in your health care.
Special Categories of Treatment Information
In most cases, federal and/or state law requires your written authorization or the written authorization of your representative for disclosures of drug and alcohol abuse treatment, Human Immunodeficiency Virus (HIV) and Acquired Immune Deficiency Syndrome (AIDS) test results, and mental health treatment.
Research Involving Your Treatment
When a research study involves your treatment, we may disclose your PHI to researchers only after you have signed a specific written authorization. In addition, an Institutional Review Board (IRB) will already have reviewed the research proposal, established appropriate procedures to ensure the privacy of your PHI, and approved the research. You do not have to sign the authorization, but if you refuse you cannot be part of the research study and may be denied research-related treatment.
Fundraising Activities
We may use demographic information and your dates of service for our own fundraising purposes; otherwise we will obtain your authorization. If you do not want us to contact you for fundraising efforts, you must notify us in writing at the address listed at the end of this Notice.
YOUR RIGHTS REGARDING YOUR PHI
You have the following rights with respect to your PHI. You may contact PRIMAHEALTH to obtain additional information and instructions for exercising the following rights.
You have the right to inspect and copy your PHI
You may request access to your medical and billing records maintained by us, for so long as we maintain such information. You may inspect and request copies of the records. Under federal law, however, you may not inspect or copy the following records: psychotherapy notes; information compiled in reasonable anticipation of, or use in, a civil, criminal, or administrative action or proceeding; and laboratory results that are subject to law that prohibits access to PHI. Under such limited circumstances, we may deny you access to a portion of your records. If you are denied access to your PHI, you may request that the denial be reviewed. Another licensed health care professional chosen by us will review your request and the denial. The person conducting the review will not be the person who denied your request. We will comply with the outcome of the review. Please contact our HIPAA Compliance Officer if you have questions about access to your PHI. If you desire access to your records, you must submit your request in writing. If your medical information is maintained in an electronic health record, you may obtain an electronic copy of your medical information and, if you choose, instruct us to transmit such copy directly to an entity or person you designate in a clear, conspicuous, and specific manner. If you request paper copies, we will charge you for the costs of copying, mailing, labor, and supplies associated with your request. Our fee for providing you an electronic copy of your medical information will not exceed our labor costs in responding to your request for the electronic copy (or summary or explanation). You should take note that, if you are a parent or legal guardian of a minor, certain portions of the minor’s PHI will not be accessible to you (for example, records pertaining to health care services for which the minor can lawfully give consent and therefore for which the minor has the right to inspect or obtain copies of the record, or where the health care provider determines, in good faith, that access to the records requested by the representative would have a detrimental effect on the provider’s professional relationship with the minor or on the minor’s physical safety or psychological well-being).
You have the right to request a restriction of your PHI
You may ask us not to use or disclose any part of your PHI for the purposes of treatment, payment, or health care operations. You may also request that any part of your PHI not be disclosed to family members or friends who may be involved in your care or for notification purposes, such as assisting in the notification of such individuals regarding your location and general condition. While we will consider all requests for additional restrictions carefully, we are not required to agree to a requested restriction, unless the disclosure is to a health plan for a payment or health care operation purpose and the medical information relates solely to a health care item or service for which we have been paid out-of-pocket in full. Your request must state the specific restriction requested and to whom you want the restriction to apply. This request must be in writing. We will send you a written response.
You have the right to request to receive confidential communications
You may request to receive your PHI by alternative means of communication or at alternative locations. For example, you can request that we only contact you at work or by mail. To request confidential communications, you must make your request in writing. We will not ask you for the reason for your request. We will accommodate all reasonable requests. Your request must specify how or where you wish to be contacted.
You have the right to amend your records
You have the right to request that we amend PHI maintained in your medical or billing records generated by us or our providers. If you desire to amend your records, your request must be in writing. We will comply with your request unless we believe that the information that would be amended is accurate and complete or other special circumstances apply. If we deny your request, you will be permitted to submit a statement of disagreement for inclusion in your records. You have the right to add a 250-word document addendum to your PHI.
You have the right to receive an accounting of disclosures
Upon written request, you may obtain an accounting of certain disclosures of your PHI made by us during any period of time six years prior to the date of your request, except that for requests made on or after January 1, 2016 that relate to treatment, payment, or health care operation disclosures from our electronic health record system, the accounting period is three years. Your written request should indicate in what form you want the list (for example, on paper or electronically). If you request an accounting more than once during a twelve month period, we will charge you for the costs involved in fulfilling your additional request. We will inform you of such costs in advance, so that you may modify or withdraw your request to save costs. In addition, we will notify you as required by law if there has been a breach of the security of your PHI.
You have the right to obtain a paper copy of this Notice
Upon request, you may obtain a paper copy of this Notice. Even if you have agreed to receive such Notice electronically, you are still entitled to a paper copy of this Notice. To obtain a paper copy of this Notice, please contact the PRIMAHEALTH HIPAA Compliance Officer using the contact information at the end of this Notice.
Social media
In order to maintain a professional relationship consistent with professional standards, providers are not permitted to have interactions and communications with patients outside of the normal practices necessary for treatment. Interactions and communications between patients and providers must adhere to applicable federal and state laws and be supported by the provider’s code of ethics. Patients and providers are required to respect the privacy of each other’s presence on social media and to maintain strict professional boundaries and an overall professional relationship focused on treatment.
Protocol for communications
All communications between patients and providers must occur via phone or the use of the PRIMAHEALTH secure platform. In the event a patient needs to schedule a consultation with a provider, or for another pertinent reason, the patient should utilize the PRIMAHEALTH secure platform or contact PRIMAHEALTH’s Care Coordination.
OUR PLEDGE REGARDING YOUR FINANCIAL INFORMATION
This Notice applies to all of the financial records generated by PRIMAHEALTH. All financial records created will be held confidentially by PRIMAHEALTH, unless PRIMAHEALTH is required by law to disclose the information.
HOW WE MAY USE AND DISCLOSE FINANCIAL INFORMATION ABOUT YOU
PRIMAHEALTH will only use your financial information to transact business with you and for everyday business purposes of the company. We will not share this information with any unauthorized affiliates or non-affiliates.
OUR PLEDGE REGARDING OUR WEBSITE
No data transmission over the Internet can be guaranteed to be 100% secure. But, we strive to protect your personal information from unauthorized access, use, or disclosure. When you interact on our web site, all of your information is transmitted through the Internet using Secure Socket Layers (SSL) technology. SSL technology causes your browser to encrypt your information before transmitting it to our secure server. SSL technology, an industry standard, is designed to prevent someone other than operators of our web site from capturing and viewing your personal information. Once your information leaves our Secure Site, PRIMAHEALTH is no longer able to control further disclosure of your information. If you choose to share your PHI over email, you acknowledge the risk of unsecured communication. Additionally, you should be aware of the information collected through cookies. Cookies are text information files that your web browser places on your computer when you visit a website. Cookies assist in providing non-personal information from you as an online visitor. It can be used in the customization of your preferences when visiting our website. Most browsers accept cookies automatically, but can be configured not to accept them or to indicate when a cookie is being sent. We use Google Analytics, a third-party tracking service, which uses cookies to track non-personally identifiable information about our visitors to our main site in the aggregate to capture usage and volume statistics. We have no access to or control over these cookies. This Notice covers the use of cookies by our company only and does not cover the use of cookies by any third-party.
CHANGES TO THIS STATEMENT
PRIMAHEALTH will occasionally update this Notice of Privacy Practices to reflect company and customer feedback, or as regulated by federal and/or state law. This Notice is effective for health information we already have about you as well as any information we receive in the future. PRIMAHEALTH encourages you to periodically review this Notice to be informed about how PRIMAHEALTH is protecting your information. In addition, at any time you may request a copy of the most current Notice in effect.
QUESTIONS OR COMPLAINTS
If you have any questions about this Notice of Privacy Practice, please contact us at email hipaacompliance@primahealth.us . If you believe your privacy rights have been violated, or if you believe that PRIMAHEALTH has not adhered to this Notice, you may file a complaint with PRIMAHEALTH or with the Secretary of the Department of Health and Human Services, Office for Civil Rights. To file a written complaint with PRIMAHEALTH, contact us at PRIMAHEALTH Patient Relations, email hipaacompliance@primahealth.us. You will not be penalized by us for filing a complaint.
ACCEPTANCE
By using this site and the PRIMAHEALTH service, you signify your acceptance of this Privacy Policy, as stated. If you do not agree to this policy, you should not continue, and you should not use our service. Should we make any changes to the PRIMAHEALTH Privacy Policy, we will post these changes prominently so users are always aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. We recommend that you read this Privacy Policy each time you use our Web site in case you missed our notice of changes to the Privacy Policy. Your continued use of the services and site following the posting of changes to these terms will mean you accept those changes.
CONTACT
PRIMAHEALTH welcomes your questions and comments about privacy, in general, and our privacy policy, specifically. If you have any questions about our policies or our site, please email:
PRIMAHEALTH
Attn: Privacy Policy
Email: privacy@primahealth.us
EFFECTIVE AND REVISED 10/15/2024
