HIPAA Notice

 

HIPAA Notice of Privacy Practices (“Notice”)

This HIPAA Notice of Privacy Practices (“Notice”) describes how medical information about you may be used and disclosed by TT Orthodontics (“Company”) and how you can get access to this information. Please review it carefully. This notice is effective as of 10/2/2024.

NOTICE OF PRIVACY PRACTICES 

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION.  PLEASE REVIEW IT CAREFULLY. 

UNDERSTANDING YOUR HEALTH INFORMATION 

TT Orthodontics takes the confidentiality of your health information very seriously. We are required by law to provide you with this Notice of Privacy Practices (“Notice”) and follow the terms of this Notice while it is in effect. This Notice is intended to cover the company that does business as TT Orthodontics, as health care provider covered by HIPAA (“TT Orthodontics.”)

This Notice is a summary of your privacy rights, and your use of Our Services evidences your acceptance of the terms of this Notice. “Services” means any of the services TT Orthodontics or We offer, including orthodontic exams, orthodontic treatments, retainers, and xrays. TT Orthodontics also operates the website www.TTOrthodontics.com. In this Notice, “health information”, “protected health information”, and “PHI” refer to individually identifiable health information that We obtain from you in connection with the Services. Individual information that We receive from you which is not covered by HIPAA is covered by Our Terms of Use and Privacy Policy.

Each time you visit our office, we make a record of your visit in order to manage the care you receive.  We understand that the medical information that is recorded about you and your health is personal.  The confidentiality and privacy of your health information is also protected under both state and federal law.

This Notice of Privacy Practices describes how this office may use and disclose your information and the rights that you have regarding your health information.

How We Will Use or Disclose Your Health Information

Generally, We use and disclose your PHI for the normal business activities that fall in the categories of treatment, payment, and healthcare operations, in accordance with the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). Below are a few examples of those activities (but note that not every use or disclosure that falls within each category is included).

Treatment:  We will use your health information for treatment.  Treatment includes providing, coordinating, and managing your care. We keep record of the PHI you provide to us in the course of using the Services. This record may include the results of your orthodontic exam, information We receive in connection with your general dentist, information related to your dental/orthodontic insurance plan, and other information We learn about your dental health through our provision of the Services. We may disclose this information so that other dentists, specialists, physicians, dental assistants, dental laboratories, or custom appliance fabricators can meet your healthcare needs. For example, information obtained by the orthodontist or other members of your healthcare team will be recorded in your record and used to determine the course of treatment that should work best for you.  Your orthodontist will document in your record his or her expectations of the members of your healthcare team.  Members of your healthcare team will then record the actions they took and their observations, so the physician will know how you are responding to treatment.  We will also provide your physician, or a subsequent healthcare provider, with copies of various reports that should assist him or her in treating you.

Payment:  We will use your health information for payment.  Payment includes billing, coverage, and claims activities. We document the Services that you receive when We provide care to you so that you (or, if applicable, your orthodontic insurance plan or another third party) can pay Us for the Services. If applicable, We may share information with your orthodontic insurance plan about upcoming treatment or Services that require prior approval by the plan. For example, a bill may be sent to you or your health plan.  The information on or accompanying the bill may include information that identifies you, as well as your diagnosis, procedures, and supplies used.

Health Care Operations: We will use your health information for our regular health care operations. We use PHI to improve the Services and train staff, and for case management, care coordination, business management, quality improvement, performance evaluation, marketing activities permitted under HIPAA, customer service activities, and other internal business purposes. For example, we may use information in your health record to assess the care and outcome in your case and others like it.  This information will then be used in a continued effort to improve the quality and effectiveness of the services we provide.

Business Associates:  We may enter into contracts with persons or entities known as business associates that provide services to or perform functions on our behalf.  Examples include our accountants, consultants, and attorneys.  We may disclose your health information to our business associates so they can perform the job we have asked them to do, once they have agreed in writing to safeguard your information.

Notification: We may use or disclose information to assist in notifying a family member, personal representative, or another person responsible for your care, of your location, and general condition.  If we are unable to reach your family member or personal representative, then we may leave a message for them at the phone number that they have provided to us, e.g., on an answering machine.

Communication with Family:  We may disclose to a family member, other relative, close personal friend or any other person you identify, health information relevant to that person’s involvement in your care or payment related to your care.

Appointment Reminders / Health Benefits:  We may contact you to provide appointment reminders or information about treatment alternatives or other health benefits that may be of interest to you.

Funeral Directors and Coroners:  We may disclose your health information to funeral directors, and to coroners or medical examiners, to carry out their duties consistent with applicable law.

Organ Procurement Organizations:  Consistent with applicable law, we may disclose your health information to organ procurement organizations or other entities engaged in the procurement, banking, or transplantation of organs for the purpose of tissue donation and transplant.

Research:  We may disclose your health information to researchers when their research has been approved by an institutional review board that has reviewed the research proposal and established protocols to ensure the privacy of your health information.  We may also disclose your health information to people preparing to conduct a research project, so long as the health information is not removed from us.  We may also use and disclose your health information to contact you about the possibility of enrolling in a research study.

Fundraising:  We may contact you as part of our fundraising efforts; however, you may opt-out of receiving such communications.

Food and Drug Administration (FDA):  We may disclose to the FDA health information relative to adverse events with respect to food, supplements, product, and product defects, or post marketing surveillance information to enable product recalls, repairs, or replacement.

Workers’ Compensation:  We may disclose health information to the extent authorized by and to the extent necessary, to comply with laws relating to workers’ compensation or other similar programs established by law.

Public Health Activities:  As required by law, we may disclose your health information to public health, or legal authorities, charged with preventing or controlling disease, injury, or disability.

Health Oversight Activities:  We may disclose your health information to health oversight agencies for purposes of legally authorized health oversight activities, such as audits and investigations necessary for oversight of the health care system and government benefit programs.

Correctional Institution:  Should you be an inmate of a correctional institution, we may disclose to the institution, or agents thereof, health information necessary for your health and the health and safety of other individuals.

Judicial and Administrative Proceedings:  We may disclose your health information in a judicial or administrative proceeding if the request for the information is through an order from a court or administrative tribunal.  Such information may also be disclosed in response to a subpoena or other lawful process if certain assurances regarding notice to the individual or a protective order are provided.

Law Enforcement Purposes / Serious Threat to Health or Safety:  We may disclose your health information to enforcement officials for law enforcement purposes under certain circumstances and subject to certain conditions.  We may also disclose your health information to prevent or lessen a serious and imminent threat to a person or the public (when the disclosure is made to someone we believe can prevent or lessen the threat) or to identify or apprehend an escapee or violent criminal.

Victims of Abuse, Neglect, and Domestic Violence:  In certain circumstances, we may disclose your health information to appropriate government authorities if there are allegations of abuse, neglect, or domestic violence.

Essential Government Functions: We may disclose your health information for certain essential government functions (e.g., military activity and for national security purposes).

The following uses and disclosures will be made only with your authorization:  (i) with limited exceptions, uses and disclosures of your health information for marketing purposes, including subsidized treatment communications; (ii) disclosures that constitute a sale of your health information; and (iii) other uses and disclosures not described in this notice.  You may revoke your authorization at any time in writing, except to the extent that we have taken action in reliance on the use or disclosure indicated in the authorization.

Consistent with HIPAA, We may also use or disclose your PHI to:

  • Comply with requirements of federal, state, or local laws

  • Assist in public health and safety activities, such as tracking diseases or medical devices

  • Inform authorities in order to protect victims of abuse, neglect, or domestic violence

  • Comply with federal and state health oversight activities, audits, inspections and investigations

  • Respond to law enforcement officials, report crimes or emergencies, or pursuant to judicial or administrative orders, subpoenas, or other lawful process (such as lawsuits or legal actions)

  • Work with coroners, medical examiners, and funeral directors of information necessary for them to fulfill their duties or as authorized by law

  • Facilitate organ, eye, or tissue donation or procurement

  • Conduct research or research-related purposes (following internal review protocols to balance privacy and research needs)

  • Prevent or reduce a serious threat to anyone’s health or safety

  • Assist in specialized government functions, such as national security, intelligence, and protective services

  • Perform military and veteran activities, if you are an armed forces member or veteran

  • Inform a correctional institution or in custodial situations, such as if you are an inmate

  • Serve workers’ compensation purposes, such as to carriers or your employer if you are injured at work, as authorized by and as necessary to comply with relevant laws

  • Tell you about health-related products and services

  • Tell you about alternative treatments, therapies, health care providers, or care settings

  • Conduct case management, care coordination, or related functions

  • Send appointment confirmations and reminders

  • Communicate with individuals, such as friends and family, who are involved in your care or involved in the payment for that care

  • Communicate for notice or disaster relief purposes, included regarding decedents

  • Communicate within Our organization for treatment, payment, or healthcare operations.

  • Communicate with other providers, health plans, or their related entities for their treatment, payment, or healthcare operations activities

  • Provide services to affiliated orthodontic practices to assist them in providing Services to you

  • Provide information to other third parties with whom We do business in order to allow those third parties to provide services to Us or on Our behalf (Don’t worry—in these situations, We require third parties to provide Us with assurances that they will safeguard your PHI.)

Any other uses or disclosures not set forth in this Notice may only be performed with your written permission. Consistent with HIPAA, We will also obtain your written permission (also called an “authorization”) before We use or disclose your PHI for purposes which require an authorization, such as for certain types of marketing or sale of PHI. You may revoke your permission, in writing, at any time. If you do so, We will no longer use or disclose your PHI for the reasons covered by your written permission, but note that We are unable to take back any disclosures We have already made with your permission, and that We are required to retain Our records of the care that We’ve provided to you.

Our Responsibilities with Respect to your PHI

We're required by HIPAA to:

  • Maintain the privacy and security of your PHI

  • Provide this Notice setting forth Our legal duties and privacy practices regarding PHI

  • Abide by the terms of the version of this Notice currently in effect

  • Tell you if there has been a security breach that compromises the privacy or security of your PHI

Please note that some states have laws that may require that we apply extra protections to some of your health information.

Your Health Information Rights

Although your health record is the physical property of this office, you have the following rights with respect to your health information:

·                     Restrictions on disclosure. You may request that we not use or disclose your health information for a particular reason related to treatment, payment, our general healthcare operations, and/or to a particular family member, other relatives or close personal friend.  We ask that such requests be made in writing on a form provided by us. We’re not required to comply with such requests, and We may say “no” if it would affect your care. Although we will consider your request, please be aware that we are under no obligation to accept it or to abide by it, except as provided below.

·                     If you have paid for services or health care item out-of-pocket in full, you may request that we not disclose information related solely to those services to your health plan.  We ask that such requests be made in writing on a form provided by us.  We will say “yes” unless a law requires us to share that information, such as in certain emergency situations. We are not required to inform other providers of such a request, so you should notify any other providers regarding such a request.

·                     Confidential Communication. You have the right to request to receive confidential communications from us by alternative means or at an alternative location, such as at a specific telephone number, or to send mail to a different address. Such a request must be made in writing, and submitted to the Privacy Officer.  We will attempt to accommodate all reasonable requests.

·                     Inspect and copy. You may request to inspect and/or obtain copies of health information about you, whether electronic or in paper, which will be provided to you in the time frames established by law.  If we maintain your health information electronically in a designated record set, you may obtain an electronic copy of the information.  If you request a copy (paper or electronic), We will provide a copy or a summary of your PHI, usually within 30 days of receiving your request. If you request a copy (paper or electronic), we will charge you a reasonable, cost-based fee. We may, in certain limited circumstances, deny your request to inspect or copy your PHI. If We do so, We will inform you of the reason for the denial.

·                     Amend. If you believe that any health information in your record is incorrect, or if you believe that important information is missing, you may request that we correct the existing information or add the missing information.  Such requests must be made in writing, and must provide a reason to support the amendment.  We ask that you use the form provided by us to make such requests.  For a request form, please contact the Privacy Officer. We may, in certain limited circumstances, deny your request to amend your PHI. If We do so, we will tell you why in writing within 60 days and about your right to submit a statement of disagreement for inclusion in your records.

  • Accounting of disclosures. You may request that we provide you with a written accounting of all disclosures made by us during the time period for which you request (not to exceed six years), as required by law.  We ask that such requests be made in writing on a form provided by us.  Please note that accounting does not include all disclosures, e.g., disclosures to carry out treatment, payment, or healthcare operations and disclosures made to you or your legal representative or pursuant to an authorization (disclosures you asked Us to make); and certain other disclosures.  You will not be charged for your first accounting request in any 12-month period.  However, for any requests that you make thereafter within 12 months, you will be charged a reasonable, cost-based fee.  

·Choose someone to act for you. If you have given someone medical power of attorney or if someone is your legal guardian, that person can exercise your HIPAA rights and make choices about your PHI. We will make sure the person has this authority and can act for you before We take any action.

·You have the right to be notified following a breach of your unsecured protected health information.

·Paper copy. You have the right to obtain a paper copy of our Notice of Privacy Practices upon request.

Changes to this Notice

We occasionally review this Notice to make sure it complies with applicable laws and conforms to changes in Our business. We may need to update this Notice, and we reserve the right to do so at any time. If We change the terms of this Notice, the new terms will apply to all PHI that We maintain about you, including PHI that was created or received before such changes were made. We will post the new Notice on Our websites and mobile applications, and will update the “Effective Date” at the top of this page so you can tell if it has changed since your last visit. We will make the new Notice available upon request. Your continued use of the Services constitutes your acceptance of the terms of such revised Notice.

For More Information or to Report a Problem

For more information see:
https://www.hhs.gov/hipaa/for-individuals/guidance-materials-for-consumers/index.html.

You have the right to complain to us and to the Secretary of the U.S.  Department of Health and Human Services (HHS) if you believe we have violated your privacy rights.  We will not retaliate against you for filing a complaint. 

For more information or to file a complaint with us, contact our Privacy Officer by phone at 414-269-8108 or mail as follows: 2323 S 109th St #275, West Allis, WI 53227-1912.  To file a complaint with the Secretary of Health and Human Services, call 877-696-6775 or send your complaint to: 200 Independence Avenue S.W., Washington, D.C. 20201 or visit www.hhs.gov/ocr/privacy/hipaa/complaints.

If you have any questions or want more information about this Notice of Privacy Practices, please contact our Privacy Officer.

Contacting TT Orthodontics

To exercise any of your rights set forth in this Notice, or for more information about Our privacy practices, email info@ttorthodontics.com or write to Attn: Privacy & Compliance, 2323 S 109th St #275, West Allis, WI 53227 or call 414-269-8108 and ask to speak to the HIPAA officer.