HIPAA Privacy Statement

Privacy Officer: Sarah Sparks, AuD

Contact: drsparks(at)audiologyoutsidethebox.com


Effective Date: August 28, 2020

This Notice of Privacy Practices describes how medical information about you may be used and disclosed and how you can get access to this information. Please review it carefully.

As a “covered entity” under the Health Insurance Portability and Accountability Act (“HIPAA”), we understand the importance of your privacy and are committed to maintaining the confidentiality of your protected health information (“PHI”), which is certain information that identifies you and that relates to your health condition. This Notice of Privacy Practices (“Notice”) describes how we may use and disclose your PHI, in addition to describing your rights and our legal obligations with respect to your PHI.

Our Responsibilities:

Under HIPAA, we are required to provide you with this Notice regarding our legal duties and privacy practices with respect to your PHI. Your PHI will not be used or disclosed, except as described in this Notice or as otherwise permitted or required by law. We must abide by the terms of this Notice. We reserve the right to change the terms of this Notice at any time and without notice in accordance with applicable law. If the terms of this Notice change, the revised Notice will be posted on our website.

Permitted Disclosures of PHI:

We may disclose your PHI for the following reasons:

  1. Treatment. We may disclose your PHI to another health care provider providing treatment to you. For example, we may disclose medical information about you to other audiologists, physicians, or personnel who are involved with the administration of your care.
  2. Payment. We may disclose your PHI to bill and collect payment for the services we provide to you. For example, we may send a bill to you or a third party payer (such as an insurance company) for the rendering of services by us, or to establish the eligibility of insurance benefits for you.
  3. Health Care Operations. We may disclose your PHI in connection with our healthcare operations.  For example, we may use your PHI to evaluate the performance of healthcare services you received, and we may also provide your PHI to accountants, attorneys, consultants, and other business associates to make sure we comply with the laws that govern us.
  4. Family and Friends. We may disclose your PHI to a family member, friend, or any other person who you identify as being involved with your care or payment for care, unless you object.
  5. Direct Contact with You. We may use your PHI to contact you to remind you that you have an appointment, or to inform you about treatment alternatives or other health-related benefits and services that may be of interest to you.
  6. As Otherwise Required by Law. We may disclose your PHI for law enforcement purposes and as required by federal or state law. For example, we may be required to provide PHI to comply with an order in a legal or administrative proceeding, or to respond to a subpoena.

Disclosures Requiring Written Authorization:

In any other situation not described above, we may not disclose your PHI without your written authorization.

Your Rights:

The information in your electronic health record is your health record, this record is the property of this

company, but the information in the health record belongs to you. You have the right to:

  1. Receive a copy of this Notice of Privacy Practices from us upon request. For your convenience, it may also be posted on our website.
  2. Request restrictions on our uses and disclosures of your PHI for treatment, payment and health care operations, except in the case of an emergency. However, we reserve the right not to agree to the requested restriction.
  3. Request to receive communications of PHI in confidence. You may request that we communicate with you about your PHI only by certain means or at certain locations. You must make a written request, specifying how and where we may contact you.
  4. Inspect and obtain a copy of your PHI contained in your medical and billing records and in any other company records used by us to make decisions about you. A reasonable cost for copying may apply pursuant to D.C. Mun. Regs. Tit 17, § 4612.
  5. Request an amendment to your PHI. However, we may deny your request for an amendment, if we determine that the PHI that is the subject of the request:
  • was not created by us, unless you provide a reasonable basis to believe that the originator of your PHI is no longer available to act on the requested amendment;
  • is not part of your medical or billing records;
  • is not available for inspection as set forth above; or
  • is accurate and complete.

Any agreed upon amendment will be included as an addition to, and not a replacement of, already existing records.

  1. Receive an accounting of disclosures of your PHI made by us other than to you during the six years prior to the date of your request, except for disclosures to carry out treatment, payment and health care operations or as otherwise permitted or required to be withheld by law.
  2. Revoke your authorization to use or disclose PHI except to the extent that we have already acted in reliance on your authorization, or if the authorization was obtained as a condition of obtaining insurance coverage, or to the extent such revocation is otherwise prohibited by law.
  3. Breach Notification. In the case of a breach of unsecured PHI, you have the right to be notified if we or our business associates become aware of such a breach. If you have provided us with a current e-mail address, we may use e-mail to communicate information related to the breach.

For More Information or To Report A Problem

If you have questions or need additional information about this Notice of Privacy Practices, please contact our HIPAA Privacy Officer, whose contact information is listed at the top of this Notice of Privacy Practices.