State of New York	Rev. 133C579
PRIVACY POLICY MDANYWHERE

Version Date: April 24, 2023

GENERAL

The doctors (“Providers”) of Access Medical Associates, PLLC (“Medical Group”) respect the privacy of the users (“user” or “you”) that use the website located at MDAnywhere.com, including other media forms, media channels, mobile website or mobile application related or connected thereto (collectively, the “Website”) in order to obtain medical care from the Medical Group. The following privacy policy (“Privacy Policy”) is designed to supplement the Medical Group’s notice of privacy practices (“NPP”), and inform you, as a user of the Website, about the types of information that the Medical Group may gather about or collect from you in connection with your use of the Website. It also is intended to explain the conditions under which the Medical Group uses and discloses that information, and your rights in relation to that information. Changes to this Privacy Policy are discussed at the end of this document. Each time you use the Website, however, the current version of this Privacy Policy will apply. Accordingly, each time you use the Website you should check the date of this Privacy Policy (which appears at the beginning of this document) and review any changes since the last time you used the Website. In the event of a conflict between this Privacy Policy and the Medical Group’s NPP, the terms of the NPP shall prevail.

The Website is hosted in the United States of America and is subject to U.S. state and federal law. If you are accessing our Website from other jurisdictions, please be advised that you are transferring your personal information to us in the United States, and by using our Website, you consent to that transfer and use of your personal information in accordance with this Privacy Policy. You also agree to abide by the applicable laws of applicable states and U.S. federal law concerning your use of the Website and your agreements with us. Any persons accessing our Website from any jurisdiction with laws or regulations governing the use of the Internet, including personal data collection, use and disclosure, different from those of the jurisdictions mentioned above may only use the Website in a manner lawful in their jurisdiction. If your use of the Website would be unlawful in your jurisdiction, please do not use the Website.

BY USING OR ACCESSING THE WEBSITE, YOU ARE ACCEPTING THE PRACTICES DESCRIBED IN THIS PRIVACY POLICY AND OUR NOTICE OF PRIVACY PRACTICES.

GATHERING, USE AND DISCLOSURE OF NON-PERSONALLY-IDENTIFYING INFORMATION

Users of the Website Generally

“Non-Personally-Identifying Information” is information that, without the aid of additional information, cannot be directly associated with a specific person. “Personally-Identifying Information,” by contrast, is information such as a name or email address that, without more, can be directly associated with a specific person. Like most website operators, Medical Group gathers from users of the Website Non-Personally-Identifying Information of the sort that Web browsers, depending on their settings, may make available. That information includes the user’s Internet Protocol (IP) address, operating system, browser type and the locations of the websites the user views right before arriving at, while navigating and immediately after leaving the Website. Although such information is not Personally-Identifying Information, it may be possible for Medical Group to determine from an IP address a user’s Internet service provider and the geographic location of the visitor’s point of connectivity as well as other statistical usage data. Medical Group analyzes Non-Personally-Identifying Information gathered from users of the Website to help Medical Group better understand how the Website is being used. By identifying patterns and trends in usage, Medical Group is able to better design the Website to improve users’ experiences, both in terms of content and ease of use. From time to time, Medical Group may also release the Non-Personally-Identifying Information gathered from Website users in the aggregate, such as by publishing a report on trends in the usage of the Website.

Web Cookies

A “Web Cookie” is a string of information which assigns you a unique identification that a website stores on a user’s computer, and that the user’s browser provides to the website each time the user submits a query to the website. We use cookies on the Website to keep track of services you have used, to record registration information regarding your login name and password, to record your user preferences, to keep you logged into the Website and to facilitate purchase procedures. Medical Group also uses Web Cookies to track the pages that users visit during each Website session, both to help Medical Group improve users’ experiences and to help Medical Group understand how the Website is being used. As with other Non-Personally-Identifying Information gathered from users of the Website, Medical Group analyzes and discloses in aggregated form information gathered using Web Cookies, so as to help Medical Group, its partners and others better understand how the Website is being used. WEBSITE USERS WHO DO NOT WISH TO HAVE WEB COOKIES PLACED ON THEIR COMPUTERS SHOULD SET THEIR BROWSERS TO REFUSE WEB COOKIES BEFORE ACCESSING THE WEBSITE, WITH THE UNDERSTANDING THAT CERTAIN FEATURES OF THE WEBSITE MAY NOT FUNCTION PROPERLY WITHOUT THE AID OF WEB COOKIES. WEBSITE USERS WHO REFUSE WEB COOKIES ASSUME ALL RESPONSIBILITY FOR ANY RESULTING LOSS OF FUNCTIONALITY.

 

Web Beacons

A “Web Beacon” is an object that is embedded in a web page or email that is usually invisible to the user and allows website operators to check whether a user has viewed a particular web page or an email. Medical Group may use Web Beacons on the Website and in emails to count users who have visited particular pages, viewed emails and to deliver co-branded services. Web Beacons are not used to access users’ Personally-Identifying Information. They are a technique Medical Group may use to compile aggregated statistics about Website usage. Web Beacons collect only a limited set of information, including a Web Cookie number, time and date of a page or email view and a description of the page or email on which the Web Beacon resides. You may not decline Web Beacons. However, they can be rendered ineffective by declining all Web Cookies or modifying your browser setting to notify you each time a Web Cookie is tendered, permitting you to accept or decline Web Cookies on an individual basis.

Analytics

We may use third-party vendors, including Google, who use first-party cookies (such as the Google Analytics cookie) and third-party cookies (such as the DoubleClick cookie) together to inform, optimize and serve ads based on your past activity on the Website, including Google Analytics for Display Advertising. The information collected may be used to, among other things, analyze and track data, determine the popularity of certain content and better understand online activity. If you do not want any information to be collected and used by Google Analytics, you can install an opt-out in your web browser (https://tools.google.com/dlpage/gaoptout/) and/or opt out from Google Analytics for Display Advertising or the Google Display Network by using Google’s Ads Settings (www.google.com/settings/ads).

 

Aggregated and Non-Personally-Identifying Information

 

We may share aggregated and Non-Personally Identifying Information we collect under any of the above circumstances. We may also share it with third parties and our affiliate companies to develop and deliver targeted advertising on the Website and on websites of third parties. We may combine Non-Personally Identifying Information we collect with additional Non-Personally Identifying Information collected from other sources. We also may share aggregated information with third parties, including advisors, advertisers and investors, for the purpose of conducting general business analysis. For example, we may tell our advertisers the number of visitors to the Website and the most popular features or services accessed. This information does not contain any Personally-Identifying Information and may be used to develop website content and services that we hope you and other users will find of interest and to target content and advertising.

 

SOCIAL MEDIA 

We may provide you the option to connect your account on the Website to your account on some social networking sites for the purpose of logging in, uploading information or enabling certain features on the Website. When logging in using your social network credentials, we may collect the Personally-Identifying Information you have made publicly available on the social networking site, such as your name, profile picture, cover photo, username, gender, friends network, age range, locale, friend list and any other information you have made public. By connecting your account on the Website to your account on any social networking site, you hereby consent to the continuous release of information about you to us.  We will not send any of your account information to the connected social networking site without first disclosing that to you. We will never send Protected Health Information (PHI) to a social networking site, however the social networking site will record the fact that you visited our site, and we do not have control over how that information will be used. Each social network may further allow you to set privacy controls around your information on their system, and our collection of information will always follow such controls and permissions. This feature is subject to continuous change and improvement by us and each social networking site involved, and therefore the available features and shared information are subject to change without notice to you.  You always have the option of not using your social network login to access our site, and can instead register directly with our site.

We may use hyperlinks on the Website which will redirect you to a social network if you click on the respective links. However, when you click on a social plug-in, such as Facebook’s “Like” button, Twitter’s “tweet” button or the Google+, that particular social network’s plugin will be activated and your browser will directly connect to that provider’s servers. If you do not use these buttons, none of your data will be sent to the respective social network’s plugin provider. So for example, when you click on the Facebook’s “Like” button on the Website, Facebook will receive your IP address, as well as the browser version, screen resolution, and operating system of the device you have used to access the Website. Settings regarding privacy protection can be found on the websites of these social networks and are not within our control.

COLLECTION, USE AND DISCLOSURE OF PERSONALLY-IDENTIFYING INFORMATION

Website Registration

As defined above, Personally-Identifying Information is information that can be directly associated with a specific person. Medical Group may collect a range of Personally-Identifying Information from and about Website users. Much of the Personally-Identifying Information collected by Medical Group about users is information provided by users themselves when (1) registering for our service, (2) logging in with social network credentials, (3) participating in surveys or other features of our service, or responding to offers or advertisements, (4) communicating with us, (5) signing up to receive newsletters. That information may include each user’s name, address, email address and telephone number, and, if you transact business with us, financial information such as your payment method (valid credit card number, type, expiration date or other financial information). We also may request information about your gender, age, date of birth, username, and other demographic or relevant information as determined by Medical Group from time to time. Users of the Website are under no obligation to provide Medical Group with Personally-Identifying Information of any kind, with the caveat that a user’s refusal to do so may prevent the user from using certain Website features.

BY REGISTERING WITH OR USING THE WEBSITE, YOU CONSENT TO THE USE AND DISCLOSURE OF YOUR PERSONALLY-IDENTIFYING INFORMATION AS DESCRIBED IN THIS “COLLECTION, USE AND DISCLOSURE OF PERSONALLY-IDENTIFYING INFORMATION” SECTION.

Communications with Medical Group

We will use your email address to send you various notifications, including but not limited to notification that a secure message is waiting for you in the Website, or other non-medically related account notifications. We may also send emails asking about a visit you did not complete, or asking for feedback about your experience using our service. We may occasionally use your name and email address to send you notifications regarding new services offered by the Website that we think you may find valuable. We may also send you service-related announcements from time to time through the general operation of the service. Emails we send may contain information including but not limited to your name, email address, medical record number, status of your prescription(s), and the date of service. Generally, you may not opt out of such emails at the time of registration or through your account settings, as they are essential to provide medical care safely and efficiently. We reserve the right to send you notices about your account, such as service announcements and administrative messages. We may share your email and name with third party email platforms that assist us in sending you emails.

When you create an account on the Website, you are asked to provide an email address. If you give us an incorrect email address, we will unknowingly send an email to that incorrect address, which may contain Personally-Identifying Information.

We will use your telephone number to call you with any questions, leave voice messages, and in certain cases ask if the condition you were treated for is improving, or ask for feedback on your experience using our service. We will also send you text/SMS messages informing you that a prescription is ready or other notifications regarding the progress of your visit. It will be clear that the text/SMS is from Medical Group. No Protected Health Information (PHI) will be sent via email or text/SMS, as these modes of communication are not encrypted. Any emails containing PHI sent to our administrative email addresses will be immediately deleted and notification will be sent to you that your message was deleted. You should only contact the Provider directly using the secure messaging system on the Website.

Medical Group Disclosures

Medical Group will disclose Personally-Identifying Information under the following circumstances:

•   By Law or to Protect Rights. When we believe disclosure is appropriate, we may disclose Personally-Identifying Information in connection with efforts to investigate, prevent or take other action regarding illegal activity, suspected fraud or other wrongdoing; to protect and defend the rights, property or safety of Medical Group, our users, our employees or others; to comply with applicable law or cooperate with law enforcement; to enforce our Terms of Use or other agreements or policies, in response to a subpoena or similar investigative demand, a court order or a request for cooperation from a law enforcement or other government agency; to establish or exercise our legal rights; to defend against legal claims; or as otherwise required by law. In such cases, we may raise or waive any legal objection or right available to us.

•  Marketing Communications.Unless users opt-out from receiving Medical Group marketing materials upon registration, Medical Group may email users about products and services that Medical Group believes may be of interest to them. If you wish to opt-out of receiving marketing materials from Medical Group, you may do so by following the unsubscribe link in the email communications, by going to your account settings (if applicable) or contacting us using the contact information below.

•  Third-Party Service Providers. We may share your Personally-Identifying Information, which may include your name and contact information (including email address) and your Protected Health Information (PHI) with our authorized service providers that perform certain services on our behalf. These services may include but are not limited to filling prescriptions, providing customer service, supporting the Website’s functionality and supporting other features offered through the Website. We may also share your name, contact information and credit card information with our authorized service providers who process credit card payments. These service providers may have access to personal information needed to perform their functions but are not permitted to share or use such information for any other purpose.

•  Business Transfers; Bankruptcy. Medical Group reserves the right to transfer all Personally-Identifying Information and Protected Health Information (PHI) in its possession to a successor organization in the event of a merger, acquisition, bankruptcy or other sale of all or a portion of Medical Group’s assets. Other than to the extent ordered by a bankruptcy or other court, the use and disclosure of all transferred Personally-Identifying Information will be subject to this Privacy Policy, or to a new privacy policy if you are given notice of that new privacy policy and are given an opportunity to affirmatively opt-out of it. Personally-Identifying Information submitted or collected after a transfer, however, may be subject to a new privacy policy adopted by the successor organization.

How We Use and Disclose Your Protected Health Information (PHI):

Some of the health data the Website collects is protected by the Health Insurance Portability and Accountability Act (HIPAA). State and United States Federal law dictate the rights you have over your PHI. Please refer to the Notice of Privacy Practices for further information on how we use and disclose your PHI.  We collect, use, and disclose your PHI to run health care operations and allow our Providers to render safe and effective care, improve our current services, collect payment, and comply with state and US federal regulations. We use multiple safeguards to protect your PHI.  The website and all data contained within is encrypted and stored on a secure server, and all data is encrypted while being transmitted. We encrypt data on your device when necessary, however there is always a risk that some of your PHI data could be stored unencrypted on your device. We do take steps to prevent your PHI from being stored unencrypted on your device, but we cannot guarantee that these safeguards will be effective.

Only the minimum necessary Protected Health Information (PHI) will be sent via email or text/SMS, as these modes of communication are not encrypted. The information we send may include your name, date of birth and/or medical record number, date of using our Service, notification that a visit with us was completed and a prescription was sent and/or is ready, and a link to discharge instructions that can only be accessed by logging in to your MDAnywhere.com portal. Information that identifies the condition that was treated or the specific medications prescribed will not be sent. By using the Website, you consent to the transmission of this information to you via these means. Emails or text/SMS messages you send to the Medical Group through MDAnywhere.com staff are also not secure or encrypted, and there is a possibility that other people may gain access to these emails or text/SMS messages and thus any PHI, Personally-Identifying Information, or photos contained within them.

In order to provide treatment and support healthcare operations, we share your PHI with the Providers and certain select organizations that provide us with services, including but not limited to the online prescribing service that allows us to send your prescription electronically to your pharmacy and the pharmacy that will fill your prescription. We may also share your PHI with our staff to help  provide you safe, appropriate and efficient care. It is also possible that PHI may be accessible by the staff who maintain the Website (i.e. programmers, technical support staff), which, due to the nature of online medical care, is sometimes necessary.

We share your Personally-Identifying Information and PHI (which includes payment information details), with our payment processor(s), who if you choose, may store your information to make future transactions faster and more convenient for you.

We use a company to help us communicate with you via text/SMS messages, and we will share your telephone number with them. We also share your telephone number with the telecommunication provider we use to communicate with you.

Any information you provide is stored in your medical record, and this applies to visits you have completed, or visits you have started and not completed. This includes any photos. All data is protected.

When possible, we enter into agreements with any third parties with whom we share your PHI that ensure they are legally bound by the restrictions of our Privacy Policy and Notice of Privacy Practices.

Rights You Have to Your Protected Health Information (PHI)

Please refer to the Notice of Privacy Practices for further information on your rights to your PHI.

Changing Personally-Identifying Information; Account Termination

Federal and state law prevents us from deleting information from your medical record.  You may at any time review or change your Personally-Identifying Information by going to your account settings (if applicable) or contacting us using the contact information below.  Upon your request, we will deactivate or delete your account and contact information from our active databases. Such information will be deactivated or deleted as soon as practicable based on your account activity and accordance with our deactivation policy and applicable law. To make this request, either go to your account settings (if applicable) or contact us as provided below. We will retain in our files some Personally-Identifying Information and Protected Health Information (PHI) to prevent fraud, to troubleshoot problems, to assist with any investigations, to enforce our Terms of Use and to comply with legal requirements as is permitted by law. Therefore, you should not expect that all your Personally-Identifying Information and PHI will be completely removed from our databases in response to your requests. Additionally, we keep a history of changed information to investigate suspected fraud with your account.

General Use

Medical Group uses the Personally-Identifying Information in the file we maintain about you, and other information we obtain from your current and past activities on the Website (1) to deliver the products and services that you have requested; (2) to manage your account and provide you with customer support; (3) to communicate with you by email, postal mail, telephone and/or mobile devices about products or services that may be of interest to you from us; (4) to develop and display content and advertising tailored to your interests on the Website and other sites; (5) to resolve disputes and troubleshoot problems; (6) to measure consumer interest in our services; (7) to inform you of updates; (8) to customize your experience; (9) to detect and protect us against error, fraud and other criminal activity; (10) to enforce our Terms of Use; and (11) to do as otherwise described to you at the time of collection. At times, we may look across multiple users to identify problems. In particular, we may examine your Personally-Identifying Information to identify users using multiple user IDs or aliases. We may compare and review your Personally-Identifying Information for accuracy and to detect errors and omissions. We may use financial information or payment method to process payment for any purchases made on the Website, enroll you in the discount, rebate, and other programs in which you elect to participate, to protect against or identify possible fraudulent transactions and otherwise as needed to manage our business.

COLLECTION AND USE OF INFORMATION BY THIRD PARTIES GENERALLY

Medical Group contractually prohibits its contractors, affiliates, vendors and suppliers from disclosing Personally-Identifying Information received from Medical Group, other than in accordance with this Privacy Policy. However, third parties are under no obligation to comply with this Privacy Policy with respect to Personally-Identifying Information that users provide directly to those third parties, or that those third parties collect for themselves. These third parties include advertisers, providers of games, utilities, widgets and a variety of other third-party applications accessible through the Website. Medical Group neither owns nor controls the third-party websites and applications accessible through the Website. Thus, this Privacy Policy does not apply to information provided to or gathered by the third parties that operate them. Before visiting a third party, or using a third-party application, whether by means of a link on the Website, directly through the Website or otherwise, and before providing any Personally-Identifying Information to any such third party, users should inform themselves of the privacy policies and practices (if any) of the third party responsible for that website or application, and should take those steps necessary to, in those users’ discretion, protect their privacy.

SECURITY

We take the security of your Personally-Identifying Information and Protected Health Information (PHI) seriously and use reasonable electronic, personnel and physical measures to protect it from loss, theft, alteration or misuse.  However, please be advised that even the best security measures cannot fully eliminate all risks. We cannot guarantee that only authorized persons will view your information. We are not responsible for third-party circumvention of any privacy settings or security measures. If we believe your Personally-Identifying Information or PHI has been improperly disclosed we will notify you by email.

We are dedicated to protect all information on the Website as is necessary. However, you are responsible for maintaining the confidentiality of your Personally-Identifying Information and PHI by keeping your password confidential. You should change your password immediately if you believe someone has gained unauthorized access to it or your account. If you lose control of your account, it is your responsibility to notify us immediately.

 

PRIVACY POLICY CHANGES

Medical Group may, in its sole discretion, change this Privacy Policy from time to time. Any and all changes to Medical Group’s Privacy Policy will be reflected on this page and the date new versions are posted will be stated at the top of this Privacy Policy. Unless stated otherwise, our current Privacy Policy applies to all information that we have about you and your account. Users should regularly check this page for any changes to this Privacy Policy. Medical Group will always post new versions of the Privacy Policy on the Website. However, Medical Group may, as determined in its discretion, decide to notify users of changes made to this Privacy Policy via email or otherwise. Accordingly, it is important that users always maintain and update their contact information.

CHILDREN

 

The Children's Online Privacy Protection Act ("COPPA") protects the online privacy of children under 13 years of age. We do not provide care to patients under the age of 18, so we do not knowingly collect or maintain Personally-Identifying Information or Protected Health Information (PHI) from anyone under the age of 18. Any person who provides Personally-Identifying Information or PHI through the Website represents to us that he or she is 18 years of age or older. If we learn that Personally-Identifying Information or PHI has been collected from a user under 18 years of age on or through the Website, then we will take the appropriate steps to cause this information to be deleted. If you are the parent or legal guardian of a child under 18 who has become a member of the Website or has otherwise transferred Personally-Identifying Information to the Website, please contact Medical Group using our contact information below to have that child's account terminated and information deleted.

 

CALIFORNIA PRIVACY RIGHTS

 

California Civil Code Section 1798.83, also known as the "Shine The Light" law, permits our users who are California residents to request and obtain from us, once a year and free of charge, information about the Personally-Identifying Information (if any) we disclosed to third parties for direct marketing purposes in the preceding calendar year. If applicable, this information would include a list of the categories of the Personally-Identifying Information that was shared and the names and addresses of all third parties with which we shared Personally-Identifying Information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to our privacy officer as listed below.

DO-NOT-TRACK POLICY 

Most web browsers and some mobile operating systems include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. Because there is not yet a common understanding of how to interpret the DNT signal, the Website currently does not respond to DNT browser signals or mechanisms.

COVID-19 ADDENDUM:  MDAnywhere is not a publicly available contact tracing or status app and was not created specifically for the COVID-19 response. 

CONTACT

If you have any questions regarding our Privacy Policy, would like to submit a complaint, or would like to exercise your rights to your PHI, please contact our Privacy Officer at:

Access Medical Associates, PLLC

Attn: Privacy Officer

P.O Box 397

Miller Place, NY 11764

Email: [email protected]

Phone: 800-632-4981

You can also complain to the Office for Civil Rights (OCR).

The OCR office for New York is located at:

Office for Civil Rights
U.S. Department of Education
32 Old Slip, 26th Floor
New York, NY 10005-2500

Telephone: 646-428-3900
FAX: 646-428-3843; TDD: 800-877-8339
Email: [email protected]

To file a complaint in Texas:

Submit your complaint by calling the Complaint Hotline 1-800-201-9353 and follow the automated prompts to request a complaint form.

Click here for more information on the Texas Medical Board Enforcement Process.  

To file a complaint in California:

1. Call to have a Complaint Form mailed to you either through the toll-free line (1-800-633-2322) or by calling (916) 263-2424, OR
2. Use the On-line Complaint Form, OR
3. Download and Print a Complaint Form

We will not retaliate against anyone who files a complaint.

Notice of Privacy Practices

Access Medical Associates, PLLC

 

Your Information. Your Rights. Our Responsibilities.

This notice describes how medical information about you may be used and disclosed and how you can get access to this information.

Please review it carefully.

 

---

Your Rights

When it comes to your health information, you have certain rights.

This section explains your rights and some of our responsibilities to help you.

Get an electronic or paper copy of your medical record

• You can ask to see or get an electronic or paper copy of your medical record and other health information we have about you. Ask us how to do this.
• We will provide a copy or a summary of your health information, usually within 30 days of your We may charge a reasonable, cost-based fee.

Ask us to correct your medical record

• You can ask us to correct health information about you that you think is incorrect or incomplete. Ask us how to do this.
• We may say “no” to your request, but we’ll tell you why in writing within 60 days.

Request confidential communications

• You can ask us to contact you in a specific way (for example, home or office phone) or to send mail to a different address.
• We will say “yes” to all reasonable requests.

Ask us to limit what we use or share

• You can ask us not to use or share certain health information for treatment, payment, or our operations.
  • We are not required to agree to your request, and we may say “no” if it would affect your care.
• If you pay for a service or health care item out-of-pocket in full, you can ask us not to share that information for the purpose of payment or our operations with your health insurer.
  • We will say “yes” unless a law requires us to share that information.

Get a list of those with whom we’ve shared information

• You can ask for a list (accounting) of the times we’ve shared your health information for six years prior to the date you ask, who we shared it with, and why.
• We will include all the disclosures except for those about treatment, payment, and health care operations, and certain other disclosures (such as any you asked us to make). We’ll provide one accounting a year for free but will charge a reasonable, cost-based fee if you ask for another one within 12 months.

Get a copy of this privacy notice

• You can ask for a paper copy of this notice at any time, even if you have agreed to receive the notice electronically. We will provide you with a paper copy promptly.

Choose someone to act for you

• If you have given someone medical power of attorney or if someone is your legal guardian, that person can exercise your rights and make choices about your health information.
• We will make sure the person has this authority and can act for you before we take any action.

File a complaint if you feel your rights are violated

• You can complain if you feel we have violated your rights by contacting us using the information on the back page.
• You can file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights by sending a letter to 200 Independence Avenue, S.W., Washington, D.C. 20201, calling 1-877-696-6775, or visiting www.hhs.gov/ocr/privacy/hipaa/complaints/.
• We will not retaliate against you for filing a complaint.

---

Your Choices

For certain health information, you can tell us your choices about what we share. If you have a clear preference for how we share your information in the situations described below, talk to us. Tell us what you want us to do, and we will follow your instructions.

In these cases, you have both the right and choice to tell us to:

• Share information with your family, close friends, or others involved in your care
• Share information in a disaster relief situation
• Include your information in a hospital directory

If you are not able to tell us your preference, for example if you are unconscious, we may go ahead and share your information if we believe it is in your best interest. We may also share your information when needed to lessen a serious and imminent threat to health or safety. 

In these cases we never share your information unless you give us written permission:

• Marketing purposes
• Sale of your information
• Most sharing of psychotherapy notes

In the case of fundraising:

• We may contact you for fundraising efforts, but you can tell us not to contact you again.

---

Our Uses and Disclosures

How do we typically use or share your health information?

We typically use or share your health information in the following ways.

Treat you             

• We can use your health information and share it with other professionals who are treating you.

Example: A doctor treating you for an injury asks another doctor about your overall health condition. 

Run our organization

• We can use and share your health information to run our practice, improve your care, and contact you when necessary.

Example: We use health information about you to manage your treatment and services. 

Bill for your services

• We can use and share your health information to bill and get payment from health plans or other entities.

Example: We give information about you to your health insurance plan so it will pay for your services.

---

How else can we use or share your health information?

We are allowed or required to share your information in other ways – usually in ways that contribute to the public good, such as public health and research. We have to meet many conditions in the law before we can share your information for these purposes. For more information see: www.hhs.gov/ocr/privacy/hipaa/understanding/consumers/index.html.

Help with public health and safety issues

• We can share health information about you for certain situations such as:
  • Preventing disease
  • Helping with product recalls
  • Reporting adverse reactions to medications
  • Reporting suspected abuse, neglect, or domestic violence
  • Preventing or reducing a serious threat to anyone’s health or safety

Do research             

• We can use or share your information for health research.

Comply with the law

• We will share information about you if state or federal laws require it, including with the Department of Health and Human Services if it wants to see that we’re complying with federal privacy law.

Respond to organ and tissue donation requests

• We can share health information about you with organ procurement organizations.

Work with a medical examiner or funeral director

• We can share health information with a coroner, medical examiner, or funeral director when an individual dies.

Address workers’ compensation, law enforcement, and other government requests

• We can use or share health information about you:
  • For workers’ compensation claims
  • For law enforcement purposes or with a law enforcement official
  • With health oversight agencies for activities authorized by law
  • For special government functions such as military, national security, and presidential protective services

Respond to lawsuits and legal actions

• We can share health information about you in response to a court or administrative order, or in response to a subpoena.

If your state or other laws require greater limits on disclosure of your health information, we will comply with these laws.

---

Our Responsibilities

• We are required by law to maintain the privacy and security of your protected health information.
• We will let you know promptly if a breach occurs that may have compromised the privacy or security of your information.
• We must follow the duties and privacy practices described in this notice and give you a copy of it.
• We will not use or share your information other than as described here unless you tell us we can in writing. If you tell us we can, you may change your mind at any time. Let us know in writing if you change your mind.

For more information see: www.hhs.gov/ocr/privacy/hipaa/understanding/consumers/noticepp.html. 

Changes to the Terms of This Notice

We can change the terms of this notice, and the changes will apply to all information we have about you. The new notice will be available upon request, in our office, and on our web site.

This Notice of Privacy Practices applies to the following organizations:

MDAnywhere.com, LLC

P.O. Box 397

Miller Place, NY 11764

Email: [email protected]

---

Access Medical Associates, PLLC

131 Gary Way

Suite 2

Ronkonkoma, NY 11779

Email: [email protected]

Phone: 800-632-4981

 

Effective date of this notice: 10/31/19