Notice of Privacy Practices Under HIPPAA
Effective Date of Notice: 21 October 2022
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
Geneoscopy, Inc. (Geneoscopy) is committed to protecting the privacy and confidentiality of your personal and health information.
The personal and health information that may identify you and relates to your past, present or future health condition, treatment, or payment for services is known as Protected Health Information, or PHI.
Our Responsibilities
Geneoscopy is required by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH) to maintain the privacy and security of your PHI and to provide you with a notice of our legal duties, our privacy practices, and your patient rights.
This Notice of Privacy Practices Under HIPAA for US Residents (this “Notice”) describes how we may use and disclose your PHI to carry out treatment, payment, and health care operations and for other specified purposes that are permitted or required by law.
Whenever we use or disclose your PHI we are required to follow the terms of this Notice.
I. Uses and Disclosures of Your Health Information
Geneoscopy may use or disclose your PHI for the following purposes:
- Treatment. We may use or disclose your PHI for purposes of providing your medical treatment. For example, we use and disclose your PHI to perform our diagnostic testing services and provide results to your physician and other health providers involved in your care.
- Payment. We may use or disclose your PHI for purposes of billing and collecting payment for our services. For example, we may disclose PHI to your health plan in order to obtain payment for our services.
- Healthcare Operations. We may use or disclose your PHI to facilitate our laboratory operations. For example, we may review your PHI internally as part of an audit to confirm the quality of our services and accuracy of our testing.
- As Required by Law. We may use or disclose PHI if required to do so by federal or state law.
- Representatives and Individuals Involved in Your Care. We may disclose your PHI to friends or family members who are involved in your care, including those who are responsible for paying for your care. We may also disclose PHI to your personal representative, as established under applicable law, or to an administrator or authorized individual associated with your estate.
- Communication about Products and Services. We may use and disclose your PHI to contact you about other Geneoscopy products and services which we believe may be of interest to you. We do not disclose your PHI to third-parties for marketing purposes without your written authorization.
- Disclosures to Business Associates. We may disclose your PHI to companies who provide services to us. These business associates are required to protect the privacy and security of your PHI and notify us of any improper disclosure of information.
- Legal Proceedings. We may disclose your PHI as required to comply with a court or administrative order or in response to a subpoena, discovery request, or other legal process.
- De-Identification of PHI. We may de-identify your PHI by removing identifying features as determined by law to make it extremely unlikely that the information could identify you or be used in conjunction with other information to identify you.
- Research. Under certain circumstances, we may use or disclose your PHI for research purposes within Geneoscopy and with research collaborators outside of the company who are under contract and are also obligated to protect PHI. Where required, research projects at Geneoscopy are subject to review by a committee responsible for ensuring the protection of individual research subjects, appropriate patient authorization, and an adequate plan to safeguard PHI.
- Health and Safety. We may disclose your PHI to prevent or reduce the risk of a serious and imminent threat to the health and safety of an individual or the general public.
- Public Health Activities. We may disclose your medical information for public health activities. These activities generally include the following:
- To prevent or control disease, injury or disability
- To report child abuse or neglect
- To report reactions to medications or problems with products
- To notify people of recalls of products they may be using
- To notify a person who may have been exposed to a disease or may be at risk for contracting or spreading a disease or condition
- To notify the appropriate government authority if we believe you have been the victim of abuse, neglect or domestic violence. We will only make this disclosure if you agree or when otherwise required by law to the make the disclosure.
- Health Oversight Activities. We may disclose your medical information to a health oversight agency for activities authorized by law. These oversight activities include, for example, audits; investigations, proceedings or actions; inspections; and disciplinary actions; or other activities necessary for appropriate oversight of the health care system, government programs and compliance with applicable laws.
- Law Enforcement. We may disclose your medical information to law enforcement in very limited circumstances, such as to identify or locate suspects, fugitives, witnesses or victims of a crime, to report deaths from a crime, and to report crimes that occur on our premises.
- Disaster Relief Efforts. We may use or disclose your medical information to an authorized public or private entity to assist in disaster relief efforts. You may have the opportunity to object unless it would impede our ability to respond to emergency circumstances.
- Coroners, Medical Examiners and Funeral Directors. We may disclose medical information consistent with applicable law to coroners, medical examiners and funeral directors only to the extent necessary to assist them in carrying out their duties.
- Organ and Tissue Donation. We may disclose medical information consistent with applicable law to organizations that handle organ, eye or tissue donation or transplantation, only to the extent necessary to help facilitate organ or tissue donation or transplantation.
- Workers’ Compensation. We may disclose your medical information as authorized by law to comply with workers’ compensation laws and other similar programs established by law.
- Military, Veterans, National Security and Other Government Purposes. If you are a member of the armed forces, we may release your medical information as required by military command authorities or to the Department of Veterans Affairs. We may also disclose your medical information to authorized federal officials for intelligence and national security purposes to the extent authorized by law.
- Correctional Institutions. If you are or become an inmate of a correctional institution or are in the custody of a law enforcement official, we may disclose to the institution or law enforcement official information necessary for the provision of health services to you, your health and safety, the health and safety of other individuals and law enforcement on the premises of the institution and the administration and maintenance of the safety, security and good order of the institution.
Geneoscopy may also use or disclose your PHI in other ways as permitted by law including for example to Health Oversight Agencies and The Food and Drug Administration (FDA).
Uses and disclosures of PHI for purposes other than those described above will not be made without a written authorization signed by you or your personal representative.
Specific examples of uses and disclosures of medical information requiring your authorization include: (i) most uses and disclosures of your medical information for marketing purposes; (ii) disclosures of your medical information that constitute the sale of your medical information; and (iii) most uses and disclosures of psychotherapy notes (private notes of a mental health professional kept separately from a medical record).
Once you sign an authorization, you may revoke it by contacting Geneoscopy at any time except to the extent it has already been relied upon to use or disclose PHI.
II. Your Rights Regarding Your PHI
You have the following rights with respect to your PHI. To exercise any of these rights, please contact our Privacy Office using the contact information provided at the end of this Notice.
- Access PHI and Test Results. You or your authorized representative have the right to inspect and copy your PHI. You may retrieve your test results by contacting your physician or contacting Geneoscopy’s Customer Service department.
- Correct or Update Your Information. If you believe that there is an error in your PHI, you may request that we update it.
- Restriction Requests. You have the right to request restrictions on certain uses and disclosures of your PHI. We are not required to honor such requests unless the requested restriction regards disclosure to a health plan for purposes of payment or healthcare operations (but not for treatment) if the information applies solely to a healthcare item or service for which we have been paid out of pocket in full.
- Alternate Communications. You may request that we communicate with you about your PHI in a specific means or to an alternative postal mail or email address.
- Accounting of Disclosures. You may request a list, or accounting, of certain disclosures of your PHI made by us or our business associates for purposes other than treatment, payment, healthcare operations and certain other activities. The request must be in writing and the accounting will include disclosures made within the prior six years.
- Copy of Notice. You have the right to obtain a paper or electronic copy of this Notice upon request.
- Opt Out. If you do not wish for Geneoscopy to use or disclose your PHI for research purposes within Geneoscopy and with research collaborators outside of the company who are under contract and are also obligated to protect PHI, you can opt out by contacting Geneoscopy at the number below.
III. Breach Notification
Geneoscopy is required by law to notify you following the discovery that there has been a breach of your PHI, unless Geneoscopy reasonably determines, after investigating the situation and assessing the risk presented, that there is a low probability that the privacy or security of your PHI has been compromised. You will be notified in a timely fashion, no later than 60 days after discovery of the breach.
IV. Changes to Our Notice
Geneoscopy reserves the right to amend this Notice from time to time. When changes are made, we will promptly post the updated Notice on the Geneoscopy website at Geneoscopy.com.
V. Questions and Complaints
If you have any questions or comments about this Notice, or if you have any complaints about Geneoscopy’s privacy practices, please contact us using the contact information provided below. You may also file a complaint with the Secretary of the U.S. Department of Health and Human Services. Geneoscopy will not retaliate against you for filing a complaint.
VI. Contact Information
When communicating with us regarding this Notice, our privacy practices, or your privacy rights, please contact the Privacy Office using the following contact information:
Geneoscopy, Inc
(314) 887-7777 extension 1005