Last Revised: June 29, 2018

Notice of Privacy Practices

This notice describes how medical information about you may be used and disclosed and how you can get access to this information. Please review carefully.

If you have any questions about this notice, please contact our designated privacy officer, Johnson Hsieh, at [email protected]

WHO IS COVERED BY THIS NOTICE

This notice describes CARDIOGRAM, INC.’s (Cardiogram’s) practices and that of:

  • Any health care professional authorized to access or enter information into your medical record maintained by Cardiogram.
  • All employees, staff, contractors, and agents of Cardiogram.
These individuals may share health information with each other for treatment, payment or health system operations purposes, as further described in this notice.

OUR PLEDGE REGARDING MEDICAL INFORMATION

We understand that your health information is personal. We are committed to protecting this information. We create a record of the care and services you receive. We need this record to provide you with quality care and to comply with certain legal requirements. This notice will tell you about the ways in which we may use and disclose your health information. We also describe your rights and certain obligations we have regarding the use and disclosure of health information. We are required by law to:

  • Make sure that your health information is kept private;
  • Give you this notice of our legal duties and privacy practices; and
  • Follow the terms of the notice that is currently in effect.

HOW WE MAY USE AND DISCLOSE YOUR HEALTH INFORMATION

The following categories describe different ways that we use and disclose medical information. We will explain what we mean and give some examples for each category. Not every use or disclosure in a category will be listed. However, all of the ways we are permitted to use and disclose information will fall within one of the categories.

For Treatment. We may use your health information to provide you with Cardiogram Care or other related services. We also may disclose medical or treatment information about you to people outside of the health system who may be involved in your medical treatment.

For Payment. We may use and disclose your health information so that the treatment and services you receive may be billed to, and payment may be collected from an insurance company, you, or a third party.

For example, we may tell your health plan about a treatment you are going to receive to obtain prior approval or to determine whether your plan will cover the treatment. We may also share your health information in order to facilitate payment to another provider who has participated in your care.

Reminders. We may use and disclose medical information to contact you as a reminder that you have an appointment for treatment or medical care. If you do not wish to receive appointment reminders, be sure to tell your health care provider.

Health Related Benefits and Services. We may use and disclose medical information to tell you about treatment options, health related benefits, or services that may be of interest to you.

As Required By Law. We will disclose medical information about you when required to do so by federal, state or local law.

To Avert a Serious Threat to Health or Safety. We may use and disclose medical information about you when necessary to prevent a serious threat to your health and safety or the health and safety of the public or another person.

Workers’ Compensation. We may release medical information to Workers’ Compensation, as required by workers’ compensation laws. This program provides benefits for work related injuries or illness.

Public Health Risks. As required by law, we may disclose your health information to public health authorities for purposes related to: preventing or controlling disease, injury, or disability; reporting medical device safety issues and adverse events to the federal Food and Drug Administration’s MedWatch program; and reporting disease or infection exposure.

Victims of Abuse, Neglect, or Domestic Violence. We may disclose pertinent health information to government agencies authorized by law to receive reports of abuse, neglect, or domestic violence if we believe that you have been such a victim.

Health Oversight Activities. We may disclose medical information to a health oversight agency for activities authorized by law. These oversight activities include, for example, audits, investigations, inspections, and licensure.

Judicial and Administrative Proceedings. We may disclose your health information in the course of an administrative or judicial proceeding, such as in response to a court order.

Law Enforcement. We may release medical information to a law enforcement official if required or permitted by law.

Deceased Person Information. We may release medical information to a coroner or medical examiner, or a funeral director as necessary to carry out their duties.

Specialized Government Functions. We may release medical information about you to authorized federal officials for national security and intelligence, military, or veteran’s activities required by law.

USES OF MEDICAL INFORMATION THAT REQUIRE AUTHORIZATION

Disclosures of medical information that are not related to treatment, payment, or health care operations, or are not otherwise covered by this notice (e.g., under “Special Situations”) can be made only with your specific written authorization. You may revoke that authorization, in writing, at any time. If you revoke your permission, we will no longer use or disclose medical information about you for the reasons covered by your written authorization. However, we will not be able to take back and disclosures that we have already made with your prior permission.

YOUR RIGHTS REGARDING MEDICAL INFORMATION ABOUT YOU

You have the following rights regarding medical information we maintain about you:

Right to Review and Copy. You have the right to inspect and obtain a copy of medical information that may be used to make decisions about your care. Usually, this information includes therapy, medical, and billing records, but does not include psychotherapy notes, information compiled for use in or created in anticipation of a civil, criminal or administrative action or proceeding, or certain lab test results subject to the Clinical Laboratories Improvement Act of 1988.

You must submit your request for your therapy record in writing to CARDIOGRAM, INC. If you request a copy of the information, we may charge a fee for the cost of copying, mailing, or other supplies associated with your request.

Right to Appeal a Denial of Access to Medical Information. We may deny your request if the health provider has determined that access to your health information is likely, for clearly stated treatment reasons, to have an adverse effect on you. If you are denied access to medical information, you may request that the denial be reviewed, or practitioner shall provide the record to a practitioner designated by you.

We may deny access without review if you are denied access to information compiled for use in or created in anticipation of a civil, criminal or administrative action or proceeding.

A licensed health care professional chosen by us will review your request and the denial. The person conducting the review will not be the person who denied your request. We will comply with the outcome of the review.

Right to Amend. If you feel that therapy and medical information we have about you is incorrect or incomplete, you may ask us to amend the information. You have the right to request an amendment for as long as the information is maintained. Submit your request to Cardiogram at [email protected] Your request must be made in writing and include a reason that supports your request.

We may deny your request if you ask us to amend information that:

  • Is not part of the information which you would be permitted to inspect and copy; or
  • We believe is accurate and complete.

Right to an Accounting of Disclosures. You have the right to request an “accounting of disclosures.” This is a list of the disclosures we made of medical information about you that are not related to treatment, payment, or health care operations, and for which we were not required to obtain your authorization.

You must submit your request in writing to Cardiogram at [email protected] Your request must:

  • Tell us the calendar dates you want to see. The time period cannot include more than six years of information, and cannot begin prior to Mar 1, 2016; and
  • Indicate in what form you want the list (paper, copy or electronic).

Charges: There will be no charge for the first list you request within a 12 month period. We may charge you for the costs of providing any additional lists. We will notify you of the cost involved. You may choose to withdraw or modify your request at that time before any costs are incurred.

Right to Request Restrictions. You have the right to request a restriction or limitation on the health information we use or disclose about you for treatment, payment or health care operations. You also have the right to request a limit on the health information we disclose about you to someone who is involved in your care or the payment for your care, like a family member or friend. We are not required to agree to your request. If we do agree, we will comply with your request unless the information is needed to provide you emergency treatment.

You must make your request for any restrictions in writing to Cardiogram at [email protected] In your request, you must tell us (1) what information you want to limit; (2) whether you want to limit our use, disclosure or both; (3) to whom you want the limits to apply (for example, disclosures to your spouse).

Right to Request Confidential Communications. You have the right to request that we communicate with you about medical matters in a certain way or at a certain location. For example, you can ask that we only contact you at work or by mail.

You must make your request for confidential communications in writing to Cardiogram at [email protected] We will not ask you the reason for your request. We will accommodate all reasonable requests. Your request must specify how or where you wish to be contacted.

Right to a Paper Copy of This Notice. You have the right to a paper copy of this notice. You may ask us to give you a copy of this notice at any time. Even if you have agreed to receive this notice electronically. You are still entitled to a paper copy of this notice. You may also print a copy of this notice at our website: https://cardiogr.am/privacy

CHANGES TO THIS NOTICE

We reserve the right to change this notice. We reserve the right to make the revised or changed notice effective for medical information we already have about you as well as any information we receive in the future. Current copies of this notice will be available at any admitting or registration location. The current notice will also be posted at our website. The effective date of the notice is posted at the top of this page.

COMPLAINTS

If you believe your privacy rights have been violated, you may file a complaint by contacting the U.S. Office of Civil Rights, Washington, DC. All complaints must be submitted in writing. You will not be penalized for filing a complaint.