Swanky Smiles
Notice Of Privacy Practices

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.


OUR COMMITMENT TO PROTECT YOUR HEALTH INFORMATION

Swanky Smiles, a provider of mobile orthodontic services, is dedicated to protecting your medical information. Swanky Smiles, under the “HIPAA Privacy Rule,” requires that we provide detailed notice in writing of our privacy practices. Your Protected Health Information (“PHI”) is information that identifies you and that relates to your past, present, or future health or condition, the provision of health care to you, or payment for that health care. We are required by law to maintain the privacy of your PHI and to give you this Notice about our privacy practices that explains your rights as our patient and how, when, and why we may use or disclose your PHI.   You will be asked to sign an Acknowledgment that you received this Notice.

We are required by law to follow the privacy practices described in this Notice, though we reserve the right to change our privacy practices and the terms of this Notice at any time and to apply those changes to all PHI in our possession. If we change our privacy practices and the terms of this Notice, we will post a copy on our website, www.swankysmiles.com, in a prominent location.

WHO WILL FOLLOW THIS NOTICE

This notice describes Swanky Smiles practices regarding the use of your medical information and that of:

  • Any health care professional authorized to enter information into your medical chart or medicarecord, including without limitation, Freeman Orthodontics, P.A. and other orthodontic service providers for Swanky Smiles.
  •  All employees, staff and other personnel who may need access to your information.

How We May Use and Disclose Your PHI

1. Treatment, Payment and  Health Care Operations.
As described below, we will use or disclose your PHI for treatment, payment, or health care operations. The examples below do not list every possible use or disclosure in a category.

TreatmentWe may use and disclose PHI about you to provide, coordinate or manage your health care and related services. We may consult with other health care providers regarding your treatment and coordinate and manage your health care with others. For example, we may use and disclose PHI when you need a prescription, lab work, xray or other health care services. We may also use and disclose PHI about you when referring you to another health care provider. For example, if you are referred to a specialist, we may disclose PHI to the specialist regarding your symptoms. We may also disclose PHI about you for the treatment activities of another health care provider. For example, we may send a report about your care from us to another general dentist so that the dentist may treat you.

Payment: We may use and disclose PHI so that we can bill and collect payment for the treatment and services provided to you. For example, we may send your insurance company a bill for services or release certain medical information to your health insurance company so that it can determine whether your treatment is covered under the terms of your health insurance policy. We also may use and disclose PHI for billing, claims management, and collection activitiesWe may also disclose PHI to another health care provider or to a company or health plan required to comply with the HIPAA Privacy Rule for the payment activities of that health care provider, company, or health plan. For example, we may allow a health insurance company to review PHI relating to their enrollees to determine the insurance benefits to be paid for their enrollees care.

Health Care Operations: We may use and disclose PHI in performing certain business activities which are called health care operations. Some examples of these operations include our business, accounting and management activities. These health care operations also may include quality assurance, utilization review, and internal auditing, such as reviewing and evaluating the skills, qualifications, and performance of health care providers taking care of you and our other patients and providing training programs to help students develop or improve their skills. If another health care provider, company, or health plan that is required to comply with the HIPAA Privacy Rule has or once had a relationship with you, we may disclose PHI about you for certain health care operations of that health care provider or companyFor example, such health  care operations may include assisting  with  legal compliance activities of that health care provider or company. Also, AFCN is a member of one or more Clinically Integrated Networks (“CINs), including Arkansas Health Network, LLC, and Baptist Health Physician Partners and is part of one or more Organized Health Care Arrangements (“OHCAs). We share PHI with the CINs and the OHCAs for health care operations purposes that include physician performance evaluations, controlling utilization of health care services, and determinations on whether AFCN is eligible to receive certain shared savings financial incentives.

2. Communications To You From Our Office.
We may use or disclose medical information in order to contact you as a reminder that you have an appointment for treatment or other medical care, to tell you about or recommend possible treatment options or alternatives that may be of interest to you, or to inform you about healthrelated benefits or services that may be of interest to you.

3. Communications To Family, Friends If You Agree Or Do Not Object; Disaster Relief.
We may disclose PHI to your relatives, close friends or any other person identified by you if the PHI is directly related to that persons involvement in your care or payment for your care. Generally, except in emergency situations, we will inform you of our intended action prior to making any such uses and disclosures and will, at that time, offer you the opportunity to object. However, if you are not present or are unable to agree or object to such a disclosure, we may disclose such information as necessary if we determine that it is in your best interest based on our professional judgment We also may use and disclose your health information for the purpose of locating and notifying your relatives or close personal friends of your location, general condition or death, and to organizations that are involved in those tasks during disaster situations. We will provide you with an opportunity to agree or object to such disclosures whenever it is practical to do in a disaster relief situation.

4. Other Uses And Disclosures Authorized By The HIPAA Privacy Rule.
We may use and disclose PHI about you in the following circumstances, provided that we comply with certain legal conditions set forth in the HIPAA Privacy Rule.

Required By Law. We may use or disclose PHI as required by federal, state, or local law if the disclosure complies with the law and is limited to the requirements of the law.

Public Health Activities. We may disclose PHI to public health authorities or other authorized persons to carry out certain activities related to public health, including to:

  • Prevent or control disease, injury, or disability or report disease, injury, birth, or death;
  • Report child abuse or neglect;
  • Report information regarding the quality, safety, or effectiveness of products or activitieregulated by the federal Food and Drug Administration;
  • Notify a person who may have been exposed to a communicable disease in order to control who may be at risk of contracting or spreading the disease; or
  • Report to employers, under limited circumstances, information related primarily to workplace injuries or illness or workplace medical surveillance.
  • Report to schools, under limited circumstances, proof of immunization.

Abuse, Neglect, or Domestic Violence. We may disclose PHI to proper government authorities if we reasonably believe that a patient has been a victim of domestic violence, abuse, or neglect.

Health Oversight. We may disclose PHI to a health oversight agency for oversight activities including, for example, audits, investigations, inspections, licensure and disciplinary activities and other activities conducted by health oversight agencies to monitor the health care system, government health care programs, and compliance with certain laws.

Legal Proceedings. We may disclose PHI as expressly required by a court or administrative tribunal order or in compliance with state law in response to subpoenas, discovery requests or other legal process when we receive satisfactory assurances that efforts have been made to advise you of the request or to obtain an order protecting the information requested.

Law Enforcement. We may disclose PHI to law enforcement officials under certain specific conditions where the disclosure is:

  • About a suspected crime victim if the person agrees or, under limited circumstances, we are unable to obtain the person’s agreement because of incapacity or emergency;
  • To alert law enforcement of a death that we suspect was the result of criminal conduct;
  • In response to authorized legal process or required by law;
  • To identify or locate a suspect, fugitive, material witness, or missing person;
  • About a crime or suspected crime committed on our premises; or
  • In response to a medical emergency not occurring on our premises, if necessary to report crime.

Coroners, Medical Examiners or Funeral Directors. We may disclose PHI regarding a deceased patient to a coroner, medical examiner or funeral director so that they may carry out their jobs. We also may disclose such information to a funeral director in reasonable anticipation of a patient’s death.

Organ Donation. We may disclose PHI to organizations that help procure, locate, and transplant organs in order to facilitate organ, eye, or tissue donation and transplantation.

Threat to Health or Safety. In limited circumstances, we may disclose PHI when we have a good faith belief that the disclosure is necessary to prevent a serious and imminent threat to the health or safety of a person or to the public.

Specialized Government Functions. We may disclose PHI for certain specialized government functions, such as military and veteran activities, national security and intelligence activities, protective services for the president and others, medical suitability determinations, and for certain correctional institutions or in other law enforcement custodial purposes.

Compliance Review. We are required to disclose PHI to the Secretary of the United States Department of Health and Human Services when requested by the Secretary to review our compliance with the HIPAA Privacy Rule.

Workers Compensation. We may disclose PHI in order to comply with laws relating to workers’ compensation or other similar programs.

Research. For research purposes under certain limited circumstances for research projects that have been evaluated and approved through an approval process that takes into account patients’ need for privacy. We must obtain a written authorization to use and disclose PHI about you for research purposes except in situations where a research project meets specific, detailed criteria established by the HIPAA Privacy Rule to ensure the privacy of PHI.

Data Breach Notification Purposes. We may use or disclose your PHI to provide legally required notices of unauthorized access to or disclosure of your health information, if that happens.

5. Emergencies.
We may use or disclose your PHI in an emergency treatment situation in compliance with applicable laws and regulations.

6. Your Written Authorization is Required for Other Uses and Disclosures.
 The following uses and disclosures of your PHI will be made only with your written authorization:

  • Psychotherapy Notes. Certain uses or disclosures of Psychotherapy Notes;
  •  Marketing. Uses and disclosures of PHI for marketing purposes;
  •  Sale. Uses and disclosures that constitute a sale of your PHI, and
  • All Other Uses; Revocation. All other uses and disclosures of your PHI not covered by this Notice or the laws that apply to us will be made with only with your written authorization. If you have authorized us to use or disclose PHI about you, you may revoke your authorization at any time, except to the extent we have taken action based on the authorization.

Your Rights Regarding Your Protected Health Information

The HIPAA Privacy Rule gives you several rights with regard to your PHIThese rights include:

1. Right to Request Restrictions.

Out of Pocket Payments. Unless otherwise required by law, we are required to agree to your request to restrict use and disclosure of your PHI to a health plan for payment or health care operations when the information you wish to restrict pertains solely to a health care item or service for which you have paid us “outofpocket in full. (In other words, you have requested that we not bill your health insurance plan and have paid us yourself.)

Other Requests. You have the right to request a restriction or limitation on the PHI we use or disclose about you for treatment, payment or health care operations, or that we disclose to those who may be involved in your care or  payment for your care. For example, you could  ask  that we not share information about a particular diagnosis or treatment with your spouse. While we will consider your request for a restriction, we are not required to agree to it. If we do agree to your request, we will comply with your request except as required by law or for emergency treatmentTo request restrictions, you must make your request in writing on our Request for Additional Privacy Form to the Clinic Manager at each of the Clinic locations where additional privacy is requested.

2. Right to Receive Confidential Communications.
You have the right to request that you receive communications regarding PHI in a certain manner or at a certain location. For example, you may request that we contact you at home, rather than at work. You must make your request in writing by submitting our Request for Alternative Communication Form specifying how you would like to be contacted (for example, by regular mail to your post office box and not your home) to the Clinic Manager at each of the Clinic locations where alternative communications are requested. We will accommodate all reasonable requests.

3. Right to Inspect and Copy.
You have the right to inspect and receive a copy of your PHI contained in records we maintain that may be used to make decisions about your care. These records usually include your medical and billing records but do not include psychotherapy notes; information gathered or prepared for a civil, criminal, or administrative proceeding; or PHI that is subject to law that prohibits access. To inspect and copy your PHI, please contact our Privacy Officer at the address listed on the last page of this Notice. If you request a copy of PHI about you, we may charge you a reasonable fee for the copying, postage, labor and supplies used in meeting your request. We may deny your request to inspect and copy PHI only under limited circumstances, and in some cases, a denial of access may be reviewable.

4. Right to an Electronic Copy of Electronic Medical Records.
If your PHI is maintained in an electronic format, you have the right to request that an electronic copy of your record be given to you or transmitted to another individual or entity. A request to transmit your record to another individual or entity must be in writing, signed by you, and must clearly identify the designated person and where to send the PHI. We will make every effort to provide access to your PHI in the form or format you request, if it is readily producible in the form or format you request. If not readily producible, your record will be provided in a readable electronic format. We may charge you a reasonable costbased fee for the labor and supplies associated with transmitting or providing an electronic copy of the medical record.

5. Right to Amend.
If you feel that medical information we have about you is incorrect or incomplete, you may ask us to amend the information for as long as such information is kept by or for us. You must submit your request to amend in writing to our Privacy Officer and give us a reason for your request. We may deny your request in certain cases. If your request is denied, you may submit a written statement disagreeing with the denial, which we will keep on file and distribute with all future disclosures of the information to which it relates.

6. Right to Receive an Accounting of Disclosures.
You have the right to request a list of certain disclosures of PHI made by us during a specified period of up to six years prior to the request, except disclosures for treatment, payment or health care operations; made to you; to persons involved in your care or for the purpose of notifying your family or friends of your whereabouts; for national security or intelligence purposes; made pursuant to your written authorization; incidental to another permissible use or disclosure; for certain notification purposes (including national security, intelligence, correctional, and law enforcement purposes); or made before April 14, 2003. If you wish to make such a request, please contact our Privacy Officer. The first accounting that you request in a 12month period will be free, but we may charge you for our reasonable costs of providing additional lists in the same 12month period. We will tell you about these costs, and you may choose to cancel your request at any time before costs are incurred.

7. Right to Get Notice of a Breach.
If there is a breach of any of your unsecured PHI, you have the right to be notified.

8. Right to a Paper Copy of this Notice.
You have a right to receive a paper copy of this Notice at any time. You are entitled to a paper copy of this Notice even if you have previously agreed to receive this Notice electronically. To obtain a paper copy of this Notice, please contact our Privacy Officer.

Complaints

If you believe your privacy rights have been violated, you may file a complaint with us, or the Secretary of the United States, Department of Health and Human Services. To file a complaint with our office, please contact our Privacy Officer. We will not take action against you or retaliate against you in any way for filing a complaint.

Questions

If you have any questions or need additional information about this Notice, please contact our Privacy Officer.

How Company Shares Information About You

You may contact our Privacy Officer at the following address and phone number:

HIPAA Privacy Officer
317 Commercial Street NE, Ste. A # 170
Albuquerque, New Mexico 87102
(888) 901-9901

EFFECTIVE DATE: This notice was published and first became effective on October 01, 2017.