Contact Fill, LLC
HIPAA Notice of Privacy Practices
Your Information. Your Rights. Our Responsibilities.
The Health Insurance Portability and Accountability Act of 1996, as amended (“HIPAA”) protects your health information and requires us to provide you with notice about our privacy practices and responsibilities. This notice describes how health information about you may be used and disclosed and how you can get access to this information. Please review it carefully.
You have the right to:
• Get a copy of your paper or electronic medical record
• Correct your paper or electronic medical record
• Request confidential communication
• Ask us to limit the information we share
• Get a list of those with whom we’ve shared your information
• Get a copy of this privacy notice
• Choose someone to act for you
• File a complaint if you believe your HIPAA privacy rights have been violated
You have some choices about the way we use and share information as we:
• Tell family and friends about your condition
• Provide disaster relief
• Market our services and sell your information
• Raise funds
OUR USES AND DISCLOSURES
We may use and share your information as we:
• Provide contact lenses to you
• Bill for contact lenses we provide to you
• Run our organization
• Help with public health and safety issues
• Do research
• Comply with the law
• Address workers’ compensation, law enforcement, and other government requests
• Respond to lawsuits and legal actions
When it comes to your health information, you have certain rights. This section explains your rights and some of our responsibilities to help you.
Get an electronic or paper copy of your medical record
- You can ask to see or get an electronic or paper copy of your medical record and other health information we have about you. Ask us how to do this.
- We will provide a copy or a summary of your health information, usually within 30 days of your request. We may charge a reasonable, cost-based fee.
Ask us to correct your medical record
- You can ask us to correct health information about you that you think is incorrect or incomplete. Ask us how to do this.
- We may refuse your request, but we’ll tell you why in writing within 60 days.
Request confidential communications
- You can ask us to contact you in a specific way (for example, home or office phone) or to send mail to a different address.
- We will accommodate all reasonable requests.
Ask us to limit what we use or share
- You can ask us not to use or share certain health information for treatment, payment, or our operations. We are not required to agree to your request, and we may say “no” if it would affect your care.
- If you pay for a service or health care item out-of-pocket in full, you can ask us not to share that information for the purpose of payment or our operations with your health insurer. We will agree not to do so unless a law requires us to share that information.
Get a list of those with whom we’ve shared information
- You can ask for a list (accounting) of the times we’ve shared your health information for six years prior to the date you ask, who we shared it with, and why.
- We will include all the disclosures except for those about treatment, payment, and health care operations, and certain other disclosures (such as any you asked us to make). We’ll provide one accounting a year for free but will charge a reasonable, cost-based fee if you ask for another one within 12 months.
Get a copy of this privacy notice
You can ask for a paper copy of this notice at any time, even if you have agreed to receive the notice electronically. We will provide you with a paper copy promptly.
Choose someone to act for you
- If you have given someone medical power of attorney or if someone is your legal guardian, that person can exercise your rights and make choices about your health information.
- We will make sure the person has this authority and can act for you before we take any action.
File a complaint if you feel your rights are violated
- You can complain if you feel we have violated your rights by contacting us using the information provided at the end of this Notice.
- You can file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights by sending a letter to 200 Independence Avenue, S.W., Washington, D.C. 20201, calling 1-877-696-6775, or visiting hhs.gov/ocr/privacy/hipaa/complaints/.
- We will not retaliate against you for filing a complaint.
For certain health information, you can tell us your choices about what we share. If you have a clear preference for how we share your information in the situations described below, talk to us. Tell us what you want us to do, and we will follow your instructions.
In these cases, you have both the right and choice to tell us to:
- Share information with your family, close friends, or others involved in your care
- Share information in a disaster relief situation
If you are not able to communicate your preference, for example if you are unconscious, we may go ahead and share your information if we believe it is in your best interest. We may also share your information when needed to lessen a serious and imminent threat to health or safety.
In these cases, we never share your information unless you give us written permission:
- Marketing purposes
- Sale of your information (however, please note that we do not sell your information at this time)
Our Uses and Disclosures
How do we typically use or share your health information?
We typically use or share your health information in the following ways.
We can use your health information and share it with other professionals who are treating you.
Example: We may share information about your contact lens prescription records with your treating eye doctor.
Run our organization
We can use and share your health information to run our business, improve your care, and contact you when necessary.
Example: We may use health information about you to let you know when a contact lens prescription is expiring.
Example: We may use health information about you to conduct audit and compliance programs to monitor the quality of our performance and to train our personnel.
Bill for your services
We can use and share your health information to bill and get payment from health plans or other entities.
Example: We may provide information about you to your health insurance plan so it will pay for your contact lenses or to confirm that your contact lenses are covered by the plan.
How else can we use or share your health information?
We are allowed or required to share your information in other ways – usually in ways that contribute to the public good, such as public health and research. We have to meet many conditions in the law before we can share your information for these purposes. For more information see: www.hhs.gov/ocr/privacy/hipaa/understanding/consumers/index.html.
Help with public health and safety issues
We can share health information about you for certain situations such as:
- Preventing disease
- Helping with product recalls
- Reporting adverse reactions to certain contact lenses
- Preventing or reducing a serious threat to anyone’s health or safety
We can use or share your information for health research.
Comply with the law
We will share information about you if state or federal laws require it, including with the Department of Health and Human Services if it wants to see that we’re complying with federal privacy law.
Work with a medical examiner or funeral director
We can share health information with a coroner, medical examiner, or funeral director when an individual dies.
Address workers’ compensation, law enforcement, and other government requests
We can use or share health information about you:
- For workers’ compensation claims
- For law enforcement purposes or with a law enforcement official
- With health oversight agencies for activities authorized by law
- For special government functions such as military, national security, and presidential protective services
Respond to lawsuits and legal actions
We can share health information about you in response to a court or administrative order, or in response to a subpoena.
- We are required by law to maintain the privacy and security of your protected health information.
- We will let you know promptly if a breach occurs that may have compromised the privacy or security of your information.
- We must follow the duties and privacy practices described in this notice and give you a copy of it.
- We will not use or share your information other than as described here unless you tell us we can in writing. If you tell us we can, you may change your mind at any time. Let us know in writing if you change your mind.
For more information see: www.hhs.gov/ocr/privacy/hipaa/understanding/consumers/noticepp.html.
Changes to the Terms of this Notice
We can change the terms of this notice, and the changes will apply to all information we have about you. The new notice will be available upon request, in our office, and on our website.
Please feel free to reach out to Contact Fill’s Compliance Officer for further information or with any questions about Contact Fill’s compliance with HIPAA:
Contact Fill, LLC
Attn: Privacy Officer
5040 Ritter Road
Mechanicsburg, PA 17055
Effective Date of Notice: October 10, 2021