Midi

Notice of Privacy Practices

Last Updated: October 28, 2024

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

This Notice of Privacy Practices (the “Notice”) describes how Medical Groups, as an affiliated covered entity composed of multiple distinct medical groups including but not limited to Integrative Women’s Care PC. IWC Medical Group, P.A., IWC Medical Group KS, P.A., and Robert G. Aptekar, M.D., P.C. (collectively, “we” or “our”) may use and disclose your protected health information to carry out treatment, payment, or business operations and for other purposes that are permitted or required by law. “Protected health information” or “PHI” is information about you, including demographic information, that may identify you and that relates to your past, present or future physical health or condition, treatment or payment for health care services.

This Notice also describes your rights to access and control your protected health information.

USES AND DISCLOSURES OF PROTECTED HEALTH INFORMATION:

Your protected health information may be used and disclosed by our health care providers, our staff, and others outside of our office that are involved in your care and treatment for the purpose of providing health care services to you, to support our business operations, to obtain payment for your care, and any other use authorized or required by law. 

TREATMENT:

We will use and disclose your protected health information to provide, coordinate, or manage your health care and any related services. This includes the coordination or management of your health care with a third party. For example, your protected health information may be provided to any other health care provider with whom you have an existing treatment relationship to ensure the necessary information is accessible to diagnose or treat you.  

PAYMENT:

Your protected health information may be used to bill or obtain payment for your health care services. For example, we may use your PHI in connection with processing payments for services provided to you.

HEALTH CARE OPERATIONS:

We may use or disclose, as needed, your protected health information in order to support the business activities of this office. These activities include, but are not limited to, improving quality of care, providing information about treatment alternatives or other health-related benefits and services, development or maintaining and supporting computer systems, legal services, and conducting audits and compliance programs, including fraud, waste and abuse investigations.  We may de-identify and anonymize your information such that it is no longer considered protected health information or personally identifiable information and as such, will not contain any reference to you. In that instance, we may modify or create derivative works which contain this de-identified and anonymized information and may use that information as may be necessary to enhance the services we are providing. In addition, we may use this de-identified information for non-commercial purposes including but not limited to analytics, research, preparation of case studies and other educational and research related publication and usage. Under no circumstances will we sell or commercially market your information.

USES AND DISCLOSURES THAT DO NOT REQUIRE YOUR AUTHORIZATION

We may use or disclose your protected health information in the following situations without your authorization. These situations include the following uses and disclosures: as required by law; for public health purposes; for health care oversight purposes; for abuse or neglect reporting; pursuant to Food and Drug Administration requirements; in connection with legal proceedings; for law enforcement purposes; to coroners, funeral directors and organ donation agencies; for certain research purposes; for certain criminal activities; for certain military activity and national security purposes; for workers’ compensation reporting; relating to certain inmate reporting; and other required uses and disclosures. Under the law, we must make certain disclosures to you upon your request, and when required by the Secretary of the Department of Health and Human Services to investigate or determine our compliance with the requirements of the Health Insurance Portability and Accountability Act (“HIPAA”). State laws may further restrict these disclosures.

USES AND DISCLOSURES THAT REQUIRE YOUR AUTHORIZATION:

Other permitted and required uses and disclosures will be made only with your consent, authorization or opportunity to object unless permitted or required by law. In such cases, without your authorization, we shall not use or disclose your protected health information.

You have the right to receive an accounting of certain disclosures of your protected health information that we have made, paper or electronic, except for certain disclosures which were pursuant to an authorization, for purposes of treatment, payment, healthcare operations (unless the information is maintained in an electronic health record), or for certain other purposes.

You have the right to obtain a paper copy of this Notice, upon request, even if you have previously requested its receipt electronically by e-mail.

REVISIONS TO THIS NOTICE:

We reserve the right to revise this Notice and to make the revised Notice effective for protected health information we already have about you as well as any information we receive in the future. You are entitled to a copy of the Notice currently in effect. Any significant changes to this Notice will be posted on the Services. You then have the right to object or withdraw as provided in this Notice.

BREACH OF HEALTH INFORMATION:

We will notify you if a reportable breach of your unsecured protected health information is discovered.

Notification will be made to you no later than 60 days from the breach discovery and will include a brief description of how the breach occurred, the protected health information involved and contact information for you to ask questions.

COMPLAINTS:

Complaints about this Notice or how we handle your protected health information should be directed to our HIPAA Privacy Officer. If you are not satisfied with the manner in which a complaint is handled you may submit a formal complaint to the Department of Health and Human Services, Office for Civil Rights by sending a letter to 200 Independence Avenue, S.W., Washington, D.C. 20201, calling 1-877-696-6775, or visiting www.hhs.gov/ocr/privacy/hipaa/complaints/. We will not retaliate against you for filing a complaint.

We must follow the duties and privacy practices described in this Notice. If you have any questions about this Notice, please contact us at operations@joinmidi.com.