NOTICE OF PRIVACY PRACTICES

Effective January 2, 2021
Rev. August 1, 2023

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION.

PLEASE READ IT CAREFULLY

Commitment to Privacy
The appropriate collection, use, and disclosure of patients’ personal health information is fundamental to our day-to-day operations and to patient care. Protecting the privacy and the confidentiality of patient personal information is important to the Healthcare Providers and staff at Harmony Healthcare Orlando, Inc (DBA Harmony Healthcare, Inc). We strive to provide our patients with excellent medical care and service. Every member of Harmony Healthcare Orlando, Inc (DBA Harmony Healthcare, Inc) must abide by our commitment to privacy in the handling of personal information. This policy was last modified on the 1st day of August 2023.
Applicability of This Privacy Policy
The following is the privacy policy (“Privacy Policy”) of Harmony Healthcare Orlando, Inc. as described in the Health Insurance Portability and Accountability Act of 1996 and regulations promulgated thereunder, commonly known as HIPAA. HIPAA requires Covered Entity by law to maintain the privacy of your personal health information and to provide you with notice of Covered Entity’s legal duties and privacy policies with respect to your personal health information. We are required by law to abide by the terms of this Privacy Notice.
What is Personal Health Information?
Personal health information means identifying information about an individual relating to their physical or mental health (including medical history), the providing of health care to the individual, payments or eligibility for health care, screening tests, among. Your personal health information that is protected by law broadly includes any information, oral, written or recorded, that is created or received by certain health care entities, including health care providers, such as physicians and hospitals, as well as health insurance companies or plans. The law specifically protects health information that contains data, such as your name, address, social security number, and others, that could be used to identify you as the individual patient who is associated with that health information.
The 10 Principles of Privacy

Our Privacy Policy reflects our compliance with fair information practices, applicable laws and standards of practice.

1. Accountability
We take our commitment to securing patient privacy very seriously. Each healthcare provider and employee associated with the Practice is responsible for the personal information under his/her control. Our employees are informed about the importance of privacy and receive information periodically to update them about our Privacy Policy and related issues.

2. Identifying Purposes: Why We Collect Information
We ask you for information to establish a relationship and serve your medical needs. We obtain most of our information about you directly from you, or from other health practitioners whom you have seen and authorized to disclose to us. You are entitled to know how we use your information, and this is described in the Privacy Statement posted at Harmony Healthcare Orlando, Inc. We will limit the information we collect to what we need for those purposes, and we will use it only for those purposes. We will obtain your consent if we wish to use your information for any other purpose.

Generally, we may not use or disclose your personal health information without your permission. Further, once your permission has been obtained, we must use or disclose your personal health information in accordance with the specific terms that permission.

3. Consent
You have the right to determine how your personal health information is used and disclosed. For most health care purposes, your consent is implied as a result of your consent to treatment, however, in all circumstances express consent must be written.

Without your consent, we may use or disclose your personal health information to provide you with services and the treatment you require or request, or to collect payment for those services, and to conduct other related health care operations otherwise permitted or required by law. Also, we are permitted to disclose your personal health information within and among our workforce to accomplish these same purposes. However, even with your permission, we are still required to limit such uses or disclosures to the minimal amount of personal health information that is reasonably required to provide those services or complete those activities.

4. Limiting Collection
We collect information by fair and lawful means and collect only that information which may be necessary for purposes related to the provision of your medical care.

5. Limiting Use, Disclosure and Retention
The information we request from you is used for the purposes defined. We will seek your consent before using the information for purposes beyond the scope of the posted Privacy Statement.

Under no circumstances do we sell patient lists or other personal information to third parties. There are some types of disclosure of your personal health information that may occur as part of this Practice fulfilling its routine obligations and/or practice management. This includes consultants and suppliers to the Practice, on the understanding that they abide by our Privacy Policy, and only to the extent necessary to allow them to provide business services or support to this Practice. We will retain your information only for the time it is required for the purposes we describe and once your personal information is no longer required, it will be destroyed. However, due to our on-going exposure to potential claims, some information is kept for a longer period.

Patients may be required to sign and date a Consent to Disclose PHI Form and pay a fee based on current OMA rates prior to release of information.

6. Accuracy
We endeavor to ensure that all decisions involving your personal information are based upon accurate and timely information. While we will do our best to base our decisions on accurate information, we rely on you to disclose all material information and to inform us of any relevant changes.

7. Safeguards: Protecting Your Information
We protect your information with appropriate safeguards and security measures. The Practice maintains personal information in secure electronic files. Access to personal information will be authorized only for the healthcare practitioners and employees associated with the Practice, and other agents who require access in the performance of their duties, and to those otherwise authorized by law.

We provide information to health care providers acting on your behalf, on the understanding that they are also bound by law and ethics to safeguard your privacy. Other organizations and agents must agree to abide by our Privacy Policy and may be asked to sign contracts to that effect. We will give them only the information necessary to perform the services for which they are engaged, and will require that they not store, use or disclose the information for purposes other than to carry out those services.

Our computer systems are password-secured and constructed in such a way that only authorized individuals can access secure systems and databases.

If you send us an e-mail message that includes personal information, such as your name included in the "address", we will use that information to respond to your inquiry. Please remember that e-mail is not necessarily secure against interception. If your communication is very sensitive, you should not send it electronically unless the e-mail is encrypted, or your browser indicates that the access is secure.

8. On-going Access to Privacy Policy
We may update this Privacy Policy periodically to reflect changes in legal or operational requirements. Any revisions will be posted on our website with the effective date. For any other requests or for further information regarding the privacy of your personal health information, and for information regarding the filing of a complaint with us, please contact us at the address, telephone number, or e-mail address listed below.

9. Access and Correction
With limited exceptions, we will give you access to the information we retain about you within a reasonable time, upon presentation of a written request and satisfactory identification. We may charge you a fee for this service and if so, we will give you notice in advance of processing your request.

If you find errors of fact in your personal health information, please notify us as soon as possible and we will make the appropriate corrections. We are not required to correct information relating to clinical observations or opinions made in good faith. You have a right to append a short statement of disagreement to your record if we refuse to make a requested change.

If we deny your request for access to your personal information, we will advise you in writing of the reason for the refusal and you may then challenge our decision.

10. Challenging Compliance
We encourage you to contact us with any questions or concerns you might have about your privacy or our Privacy Policy. We will investigate and respond to your concerns about any aspect of our handling of your information. A complaint must be received by us or filed with OCR within 180 days of knowledge of the act. You will not be retaliated against for filing any complaint.

In most cases, an issue is resolved simply by telling us about it and discussing it. You can reach us at:

Harmony Healthcare Orlando, Inc.
189 S. Orange Ave Suite 1830
Orlando, FL 32801
Tel: (407) 777-2022
Fax: (407) 942-8996
Email: contact@myhho.org

If, after contacting us, you feel that your concerns have not been addressed to your satisfaction, you have the right to complain to the Office for Civil Rights (OCR). The OCR- Southeast Region can be reached at:

Office for Civil Rights

U.S. Department of Health & Human Services
Sam Nunn Atlanta Federal Center, Suite 16T70 61

Forsyth Street, S.W.
Atlanta, GA 30303-8909
Tel: 1-800-368-1019
Fax: (202) 619-3818
TDD: (800) 537-7697
Email: OCRMail@hhs.gov

By reviewing the information above and entrusting us with your personal information, you acknowledge and agree to the terms of this Privacy Policy. Maintaining the privacy and trust of our patients are amongst our highest priorities and we thank you for choosing Harmony Healthcare Orlando, Inc as your healthcare provider.