HIPAA Policy for Dimini Medical Weight Management and Wellness


NOTICE OF PRIVACY PRACTICES (HIPAA COMPLIANCE)/Effective as of July 27, 2021

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

This Notice of Privacy Practices is NOT an authorization. This Notice of Privacy Practices describes how we, our Business Associates, and their subcontractors may use and disclose your protected health information (PHI), verbal, written or electronic, to carry out treatment, payment or health care operations and for other purposes that are permitted or required by law. It also describes your rights to access and control your protected health information. “Protected health information” is information about you, including demographic information, that may identify you and that relates to your past, present or future physical or mental health condition and related health care services.

USES AND DISCLOSURES OF PROTECTED HEALTH INFORMATION:

Your protected health information may be used and disclosed by your physician, our office staff and others outside of our office that are involved in your care and treatment for the purpose of providing health care services to you, to pay your health care bills, to support the operation of the physician’s practice, and any other use required by law. 

Treatment: We may use and disclose your protected health information to provide, coordinate, or manage your health care and any related services. This includes the coordination or management of your health care with a third party. For example, your protected health information may be provided to a physician to whom you have been referred, referring physicians, primary care physician, physical therapists, nutritionist/dietician, home health providers, laboratories, worker comp adjusters and nurse case managers, etc. to ensure that the healthcare provider has the necessary information to diagnose or treat you. 

Payment: Your protected health information may be used, as needed, to obtain payment for your health care services. For example, obtaining approval for a hospital stay, surgery, MRI or other diagnostic test, etc., may require that your relevant protected health information be disclosed to the health plan to obtain approval for the procedure and payment for treatment.

Health Care Operations: We may use or disclose, as needed, your protected health information in order to support the business activities of your physician’s practice. These activities include, but are not limited to, quality assessment, employee review, training of medical students, licensing, fundraising, and conducting or arranging for other healthcare operational activities. For example, we may disclose your protected health information to medical school students that see patients at our office. In addition, we may use a sign-in sheet at the registration desk where you will be asked to sign your name and indicate your physician. We may also call you by name in the waiting room when your physician is ready to see you. We may use or disclose your protected health information, as necessary, to contact you to remind you of your appointment, and inform you about treatment alternatives or other health-related benefits and services that may be of interest to you.

We may use or disclose your protected health information in the following situations without your authorization. These situations include: as required by law, public health issues as required by law, communicable diseases, health oversight, abuse or neglect, food and drug administration requirements, legal proceedings, law enforcement, coroners, funeral directors, organ donation, research, criminal activity, military activity and national security, workers’ compensation, inmates, and other required uses and disclosures. Under the law, we must make disclosures to you upon your request. Under the law, we must also disclose your protected health information when required by the Secretary of the Department of Health and Human Services to investigate or determine our compliance with the requirements under Section 164.500. 

USES AND DISCLOSURES THAT REQUIRE YOUR AUTHORIZATION:

Other Permitted and Required Uses and Disclosures will be made only with your consent, authorization or opportunity to object unless required by law. Without your authorization, we are expressly prohibited to use or disclose your protected health information for marketing purposes. We may not sell your protected health information without your authorization. We may not use or disclose most psychotherapy notes contained in your protected health information. We will not use or disclose any of your protected health information that contains genetic information that will be used for underwriting purposes. You may revoke the authorization, at any time, in writing, except to the extent that your physician or the physician’s practice has taken an action in reliance on the use or disclosure indicated in the authorization. 

YOUR RIGHTS:

Although all records concerning treatment are the property of Dimini Medical Weight Management and Wellness you have the following rights concerning private health information as provided by the Code of Federal Regulations (CFR). To exercise any of these rights, please contact, in writing:   HIPAA Compliance Officer, Dimini Medical Weight Management and Wellness, 3 Sugar Creek Center Blvd., Suite 100, Sugar Land, TX 77478.

Right to Inspect and Copy: You have the right to inspect or copy your protected health information whether in paper or electronic format as provided by 45 CFR §164.524.

Right to Request Restrictions:  You have the right to request restrictions on certain uses and disclosures of your private health information as provided by 45 CFR §164.522. Dimini Medical Weight Management and Wellness is not required to agree to honor the request.

Right to Confidential Communications:  You have the right to request confidential communication from us by alternative means or at an alternative location as provided by 45 CFR § 164.522.

Right to Request an Amendment to your PHI:  You have the right to amend your private health information as provided by 45 CFR §164.526.

Right to an Accounting:  You have the right to receive an accounting of disclosures of your private health information as provided by 45 CFR §164.528.

Right to Receive Copy of this Notice:  You have the right to obtain a paper copy of this notice from us, upon request.

Right to Revoke Authorization:  You have the right to revoke your authorization to use or disclose your private health information except to the extent that action has already been taken in reliance on your authorization.

Right to Receive Notice of a Breach:  We will notify you if your unsecured protected health information has been breached.

FOR MORE INFORMATION OR TO REPORT A PROBLEM:

If you have questions and would like additional information, you may contact: Our HIPAA Compliance Manager at 346-291-3431 and/or the address above.

If you believe your privacy rights have been violated, you may file a complaint with Dimini Medical Weight Management and Wellness and/or with the Secretary of the U.S. Department of Health and Human Services. To file a complaint with us, you must submit the complaint in writing to HIPAA Compliance Officer, Dimini Medical Weight Management and Wellness, 3 Sugar Creek Center Blvd., Suite 100, Sugar Land, TX  77478. There will be no retaliation for filing a complaint.

CHANGES TO THIS NOTICE:

We are required by law to maintain the privacy of, and provide individuals with, this notice of our legal duties and privacy practices with respect to protected health information. We are also required to abide by the terms of the notice currently in effect.  Dimini Medical Weight Management and Wellness reserves the right to change the terms of its notice and to make the new notice provisions effective for all protected health information that it maintains. Dimini Medical Weight Management and Wellness will post any revised Notice (prior to implementation of same).