HIPAA PRIVACY STATEMENT
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
Blue Spiral MedSpa and its affiliated entities (collectively “Blue Spiral Medspa”) use health information about you for treatment, to obtain payment for treatment, to evaluate the quality of care you receive, and for other administrative and operational purposes. Your health information is contained in a medical record that is the physical property and responsibility of Blue Spiral MedSpa. Blue Spiral MedSpa is required by law to maintain the privacy of health information about you and provide you with this notice of our legal duties and privacy practices with respect to your health information (“Notice of Privacy Practices” or “Notice”). We must abide by the terms of this Notice currently in effect. Blue Spiral MedSpa reserves the right to change the terms of this Notice, our privacy practices, and to make the new provisions effective for all protected health information we maintain. You may contact your local Blue Spiral MedSpa location or Blue Spiral MedSpa’s Chief Privacy Officer at the address or phone listed below to obtain a revised Notice of Privacy Practices.
Your Health Information Rights: You have the following rights with respect to health information about you.
Right to Copy of Notice of Privacy Practices. You have the right to a paper copy of our Notice at any time. Please contact your local Blue Spiral MedSpa location or Blue Spiral MedSpa’s Chief Privacy Officer at the address or phone listed below to obtain a copy.
Right to Inspect and Copy. You have the right to inspect and/or obtain a copy of the health information about you that we maintain. Your request must be in writing. We will charge you a fee to cover the costs of copying and mailing that are necessary to fulfill your request. In very limited circumstances, we may deny your request. If we deny your request, we will explain our reasons in writing. Under certain circumstances, you have the right to request that another person at Blue Spiral MedSpa review the decision. We will comply with the review outcome.
Right to Amend. If you feel that health information about you that we maintain is inaccurate or incomplete, you have the right to request that we amend the information. You may request an amendment as long as we maintain the information. We may ask that you submit it in writing and include a reason supporting the request. In certain circumstances, we may deny your request. If your request is denied, we will explain our reasons in writing. You may submit a statement explaining why you disagree with our decision to deny your amendment request. We will share your statement when we disclose health information about you that we maintain in certain groups of records.
Right to an Accounting of Disclosures. You have the right to request an accounting or a detailed listing of certain disclosures of health information about you. The period covered by the accounting is limited to six years before the date of your request. Your request must be in writing. If you request an accounting more often than once every twelve (12) months, we may charge you a fee to cover the costs of preparing the accounting.
Right to Request Restrictions. You have the right to request a restriction or limitation on the health information about you that we use or disclose. Your request must be in writing. We are not required to agree to your request. However, we must agree not to disclose health information about you to your health plan if the disclosure is for payment or health care operations and relates to a health care item or service which you paid for in full out of pocket. If we agree to your request, we will comply with it unless the information is needed for emergency treatment. We will notify you if we are unable to agree to a requested restriction.
Right to Revoke Authorization. You have the right to revoke your authorization to use or disclose health information, except to the extent that action has been taken in reliance upon your authorization. Your request must be in writing.
Right to Request Alternative Method of Communication. You have the right to request that we communicate with you about medical matters in a certain way or at a certain location. Your request must be in writing. We will accommodate all reasonable requests.
Right to Notification of Breach. You have a right to be notified if you are affected by a breach of unsecured health information about you.
Right to Opt Out of Fundraising Communications. We may contact you for fundraising purposes. You have the right to opt out to receive these communications.
Complaints: If you believe your privacy rights have been violated, you may complain to Blue Spiral MedSpa and the Secretary of the Department of Health and Human Services. You may make a complaint to us by contacting Blue Spiral MedSpa’s Chief Privacy Officer at the address or phone listed below. You will not be retaliated against for filing a complaint.
USES OR DISCLOSURES OF YOUR HEALTH INFORMATION THAT MAY BE MADE WITHOUT YOUR AUTHORIZATION
Treatment. We may use and disclose health information about you to provide you with pharmacy care or other medical treatment or services. For example, information related to your treatment may be communicated with and obtained by a health care provider, such as a pharmacist, nurse, or other person providing health services to you, and will be recorded in your medical record. This information is necessary for health care providers to determine what treatment you should receive.
Payment. We may disclose health information about you for payment related purposes. For example, we may contact your insurer, payor, or other entity, for purposes of receiving payment for treatment and services that you receive or to determine whether the entity will pay for the particular product or service. The billing information may identify you, your diagnosis, and treatment or supplies used in the course of your treatment.
Health Care Operations. We may use and disclose health information about you for administrative and operational purposes. For example, members of the risk management or quality improvement teams may use health information about you to assess the care and outcomes in your case and others like it. The results will be used internally to continually improve the quality of care for all patients.
Organized Health Care Arrangement. An organized health care arrangement is a clinically integrated care setting in which individuals typically receive health care from more than one healthcare provider. We may participate in organized health care arrangements with long-term care facilities, hospice, or other healthcare facilities in connection with the services we furnish to patients in such settings. Health information may be shared between the participants in the organized health care arrangement for the health care operations of the arrangement.
Individuals Involved in Your Care or Payment for Your Care. We may disclose to a family member, other relatives, close personal friend or any other person you identify, health information about you directly relevant to that person’s involvement in your care or payment related to your care. Also, we may disclose health information about you to a public or private entity assisting in a disaster relief effort (such as the Red Cross) so that your family can be notified about your condition, status, and location.
Business Associates. We provide some services through contracts with business associates, such as accountants, consultants, and attorneys so that they can perform the tasks that we have assigned to them. To protect your health information, we require the business associate to appropriately safeguard health information about you.
Appointment Reminders. We may use health information about you to provide you with an appointment or prescription reminders.
Alternative Treatments. We may use health information about you to provide you with information about alternative treatments or other health-related benefits and services that may be of interest to you.
Future Communications. We may communicate with you via newsletters, mailings, or other means regarding treatment options, health-related information, disease-management programs, wellness programs, or other community-based initiatives or activities in which we are participating.
Required by Law. We may use and disclose health information about you as required by federal, state, or local law. For example, we may disclose health information for the following purposes: (1) for judicial or administrative proceedings according to legal authority; (2) to report information related to victims of abuse, neglect, or domestic violence; and (3) to assist law enforcement officials in their law enforcement duties.
Public Health. We may use or disclose health information about you for public health activities such as assisting public health authorities or other legal authorities to prevent or control disease, injury, or disability, or for other health oversight activities.
Health Care Oversight. We may use or disclose health information about you to a health oversight agency for oversight activities authorized by law, such as audits, investigations, and inspections.
Research. We may use or disclose health information about you to researchers if an institutional review board or privacy board has reviewed and approved the research proposal, and established protocols to ensure the privacy of your health information.
Health and Safety. We may use or disclose health information about you to avert a serious threat to your health or safety or any other person pursuant to applicable law.
Medical Examiners and Others. We may use or disclose health information about you to medical examiners, coroners, or funeral directors to allow them to perform their lawful duties. If you are an organ or tissue donor, we may disclose health information about you to organizations that help with organ, eye, and tissue donation and transplantation.
Food and Drug Administration (FDA). We may use or disclose health information for purposes of notifying the FDA of adverse events with respect to food, supplements, product, and product defects, or post marketing surveillance information to enable product recalls, repairs, or replacements.
Information Not Personally Identifiable. We may use or disclose health information about you in ways that do not personally identify you or reveal who you are.
Government Functions. We may use or disclose health information about you for specialized government functions, such as protection of public officials, national security and intelligence activities, or reporting to various branches of the armed services.
Workers Compensation. We may use or disclose health information about you to comply with laws and regulations related to workers compensation.
Correctional Institutions. If you are an inmate of a correctional institution or under the custody of a law enforcement official, we may use or disclose health information about you. Such health information will be disclosed to the correctional institution or law enforcement official when necessary for the institution to provide you with health care and to protect the health and safety of others.
Affiliated Covered Entity. We are part of an affiliated covered entity with other entities that are under common ownership or control. The entity treats itself as a single entity for purposes of using and disclosing health information about you.
USES OR DISCLOSURES OF YOUR HEALTH INFORMATION BASED UPON YOUR WRITTEN AUTHORIZATION
Psychotherapy Notes. We must obtain your written authorization for most uses and disclosures of psychotherapy notes.
Marketing. We must obtain your written authorization to use and disclose health information about you for most marketing purposes.
Sale of Your Health Information. We must obtain your written authorization for any disclosure of health information about you which constitutes a sale of such health information.
Other Uses. Other uses and disclosures of health information about you, not described above, will be made only with your written authorization. You may revoke your authorization, at any time, in writing, except to the extent that we have taken action in reliance on the authorization.
OTHER APPLICABLE LAWS
This Notice is provided to you as a requirement of the Health Insurance Portability and Accountability Act (“HIPAA”). There are other laws that may apply and limit our ability to use and disclose health information about you beyond what we are allowed to do under HIPAA.
State Laws. We will comply with your state’s laws if they provide you with greater rights over your health information or provide for more restrictions on the use or disclosure of your health information.
Confidentiality of Alcohol and Drug Abuse Patient Records. The confidentiality of alcohol and drug abuse patient records by us is protected by Federal law and regulations. Generally, we may not say to a person outside our alcohol and drug treatment program that you attend the program or disclose any information identifying you as an alcohol or drug abuser, unless:
- You consent in writing;
- The disclosure is allowed by a court order; or
- The disclosure is made to medical personnel in a medical emergency or to qualified personnel for research, audit, or program evaluation.
Violation of the Federal law and regulations by the program is a crime. Suspected violations may be reported to appropriate authorities in accordance with Federal Regulations. Federal law and regulations do not protect any information about a crime committed by a patient either at the program or against any person who works for the program or about any threat to commit such a crime. Federal laws and regulations do not protect any information about suspected child abuse or neglect from being reported under State law to appropriate State or local authorities. For more information, see 42 U.S.C 290dd-3 and 42 U.S.C. 290ee-3 for Federal laws and 42 C.F.R Part 2 for Federal regulations.
USE OF COOKIES BY ADVERTISERS
Our sponsors and advertisers and their ad servers may use cookies when you view pages on our site. They use those cookies to collect non-personal information as a way of measuring the effectiveness of their advertising or to provide advertisements about goods and services that may be of interest to you or to avoid running the same ads to you over time. We do not control these third parties’ use of cookies or how they manage the non-personal information they gather through them. However, our sponsors and advertisers have agreed that they will not collect any personally identifiable information from our site visitors while they are on bluespiralmedspa.com. If you click on an advertisement on bluespiralmedspa.com and visit a site maintained by one of our sponsors or advertisers, please be aware that we are not responsible for the privacy practices of that site. You should read the privacy policies of each site you visit to determine what information that site may be collecting about you.
Some of our advertisers may participate in the Facebook/Nielsen program, which helps advertisers improve their measurement of advertising effectiveness. If you are a Facebook user and access a page on our site containing an ad from a participating advertiser, Facebook receives a random numeric code identifying the ad that was served to you. The ad is only identified to Facebook by the numeric code. Facebook does not receive information that identifies the product or the advertiser. Facebook, in turn, discloses only aggregate, de-identified information to Nielsen and the advertiser, not any personally identifiable information from your Facebook profile. You can learn more about this program and find out how to opt out here: https://www.facebook.com/help/769828729705201#What-is-the-Nielsen-partne… and http://www.nielsen-online.com/privacy.jsp?section=leg_scs.
GOOGLE ADS
Note that Google, as a third party vendor, uses cookies to serve ads on our site. Google’s use of the DART cookie enables it to serve ads to our site users based on their visit to our site and other sites on the Internet. No personally identifiable information is collected as part of Google’s process. Users may opt out of the use of this DART cookie by visiting Google’s privacy document.
If you would like more information about these practices and to know your choices about not having this information used by these companies, visit the Network Advertising Initiative. Some ad servers allow you to opt out of anonymous data collection through the use of cookies. To do so, you must opt out of such data collection with each individual site. You can opt out of cookies for several ad servers by visiting the Network Advertising Initiative gateway opt-out site. At that site, you can also review the privacy policies of those ad servers.
DISCLAIMER
Any materials, articles, statements, and linked websites on the pages that comprise this website are not provided in the course of a health/medical practitioner-client relationship. The material contained on this website does not constitute health/medical advice. The information presented may not be applicable to your particular situation. You should consult with a medical practitioner regarding your specific situation. This website may provide links to other websites that are provided for your convenience. Blue Spiral MedSpa undertakes reasonable efforts to keep the information contained in this website accurate. However, because Blue Spiral MedSpa compiles such information from numerous and varied sources and may experience reporting and processing errors or delays, Blue Spiral MedSpa does not vouch for the provider of such linked websites or the quality, reliability, or any other characteristic or feature of such linked websites. In addition, you should be aware that your use of any linked website is subject to the terms and conditions applicable to that website, including the privacy policies (or lack thereof) of such website. The action of communicating with Blue Spiral MedSpa via telephone, facsimile, or other means does not alone create a health practitioner-client relationship. Please also be aware that electronic mail on the Internet is not secure. Do not communicate any information via electronic mail that is sensitive or otherwise requires that level of confidentiality which the security of the Internet cannot provide. Confidential messages should be sent by other means of communication. Your use of this and any linked websites is solely at your own risk. Blue Spiral MedSpa makes no representations or warranties of any nature, whether expressed or implied, with respect to the information obtained through this or any linked websites, including without limitation, the implied warranties of merchantability and fitness for any particular purpose. You should confirm any and all information you intend to rely upon through your use of this website or any linked websites. Blue Spiral MedSpa shall not be liable (including without limitation with respect to any loss or injury you may suffer) to you or others for any matter associated with or decision made or action taken by you in reliance on the information obtained from or content provided in this or any linked websites.
Contact Information: If you have any questions, requests, or concerns about your Blue Spiral MedSpa-related health information rights or our use and disclosure of health information, please contact:
Chief Privacy Officer
Blue Spiral MedSpa
355 Oneta Street, D-600, Athens, 30601
706-955-1313Blue Spiral MedSpa
YOUR RIGHTS
When it comes to your health information, you have certain rights.
This section explains your rights and some of our responsibilities to help you.
- You can ask to see or get an electronic or paper copy of your medical record and other health information we have about you. Ask us how to do this.
- We will provide a copy or a summary of your health information, usually within 30 days of your request. We may charge a reasonable, cost-based fee.
- You can ask us to correct health information about you that you think is incorrect or incomplete. Ask us how to do this.
- We may say “no” to your request, but we’ll tell you why in writing within 60 days.
- You can ask us to contact you in a specific way (for example, home or office phone) or to send mail to a different address.
- We will say “yes” to all reasonable requests.
- You can ask us not to use or share certain health information for treatment, payment or our operations.
- We are not required to agree to your request, and we may say “no” if it would affect your care.
- If you pay for a service or health care item out-of-pocket in full, you can ask us not to share that information for the purpose of payment or our operations with your health insurer.
- We will say “yes” unless a law requires to share that information.
- You can ask for a list (accounting) of the times we’ve shared your health information for six years prior to the date you ask, who we shared it with, and why.
- We will include all the disclosures except for those about the treatment, payment, and health care operations, and certain other disclosures (such as any you ask us to make). We’ll provide one accounting a year for free but will charge a reasonable, cost-based fee if you ask for another one within 12 months.
- You can ask for a paper copy of this notice at any time, even if you have agreed to receive the notice electronically. We will provide you with a paper copy promptly.
- If you have given someone medical power of attorney or if someone is your legal guardian, that person can exercise your rights and make choices about your health information.
- We will make sure the person has this authority and can act for you before we take any action.
- You can complain if you feel we have violated your rights by contacting us.
- You can file a complaint with the US Department of Health and Human Services Offices for Civil Rights by sending a letter to 200 Independence Avenue, S.W., Washington, D.C. 20201, calling 1-877-696-6775, or visiting https://www.hhs.gov/hipaa/filing-a-complaint/what-to-expect/index.html
- We will not retaliate against your filing a complaint.
YOUR CHOICES
For certain health information, you can tell us your choices about what we share.
If you have a clear preference for how we share your information in the situations describe below, talk to us. Tell us what you wand us to do, and we will follow your instructions.
-
- Share the information with your family, close friends, or others involved in your care.
- Share information in a disaster relief situation.
- Include your information in a hospital directory.
- Contact you for fundraising efforts.
If you are not able to tell us your preference, for example, if you are unconscious, we may go ahead and share your information if we believe it is in your best interest. We may also share your information when needed to lessen a serious and imminent threat to health or safety.
- Marketing purposes.
- Sale of your information.
- Most sharing of psychotherapy notes.
- We may contact you for fundraising efforts, but you can tell us not to contact you again.
OUR USES AND DISCLOSURES
How do we typically use or share your health information?
We typically use or share your health information in the following ways.
-
- We can use your health information and share it with other professionals who are treating you.
Example: A doctor treating you for an injury asks another doctor about your overall health condition.
-
- We can use and share your health information to run our practice, improve your care, and contact you when necessary.
Example: We use health information about you to manage your treatment and services.
-
- We can use and share your health information to bill and get payment from health plans or other entities.
Example: We give information about you to your health insurance plan so it will pay for your services.
How else can we use or share your health information?
We are allowed or required to share your information in other ways – usually in ways that contribute to the public good, such as public health and research. We have to meet many conditions in the law before we can share your information for these purposes. For more information see https://www.hhs.gov/hipaa/for-individuals/guidance-materials-for-consumers/index.html
HELP WITH PUBLIC HEALTH AND SAFETY ISSUES
- We can share health information about you for certain situations such as:
- Preventing disease
- Helping with product recalls
- Reporting adverse reactions to medications
- Reporting suspected abuse, neglect, or domestic violence
- Preventing or reducing a serious threat to anyone’s health or safety
DO RESEARCH
- We can use or share your information for health research.
COMPLY WITH THE LAW
- We will share information about you if a state or federal law requires it, including with the Department of Health and Humans Services if it wants to see that we’re complying with federal privacy law.
Respond to organ and tissue donation requests
- We can share health information about you with organ procurement organizations.
- We can share health information with a coroner, medical examiner, or funeral director when an individual dies.
- We can use or share health information about you:
- For workers’ compensation claims
- For law enforcement purposes or with a law enforcement official
- With health oversight agencies for activities authorized by law
- For special government functions such as military, national security, and presidential protective services
- We can share health information about you in response to a court or administrative order, or in response to a subpoena.
We do no manage or create a hospital directory. We do not create or maintain psychotherapy notes or substance abuse records at this practice.
OUR RESPONSIBILITIES
- We are required by law to maintain the privacy and security of your protected health information.
- We will let you know promptly if a breach occurs that may have compromised the privacy or security of your information.
- We must follow the duties and privacy practices described in this notice and give you a copy of it.
- We will not use or share your information other than as described here unless you tell us we can in writing. If you tell us we can, you may change your mind at any time. Let us know in writing if you change your mind.
For more information see: https://www.hhs.gov/hipaa/for-professionals/privacy/laws-regulations/index.html