EZ Healthcare Inc. (EZ) Notice of Privacy Practices
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
This Notice of Privacy Practices applies to EZ Healthcare Incorporated and all of its subsidiaries and business units (collectively referred to as “EZ” in this Notice), except for other services that do not involve standard electronic transactions for which the United States Department of Health and Human Services (“HHS”) has adopted standards.
EZ’s Protection of Protected Health Information (PHI)
Under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), EZ is required by law to maintain the privacy of health information that identifies you, called protected health information (PHI), and to provide you with notice of our legal duties and privacy practices regarding PHI. EZ is committed to the protection of your PHI and will make reasonable efforts to ensure the confidentiality of your PHI, as required by statute and regulation. We take this commitment seriously and will work with you to comply with your right to receive certain information under HIPAA.
EZ’s Use and Disclosure of PHI
As a software and mobile application vendor EZ does not under normal operating procedure have access to or attempt to access your PHI. EZ will not access your PHI except in regards to the functioning of our software or as required by law. Questions or concerns about your health information should be directed to your health care provider.
As permitted under HIPAA, the following categories explain the types of uses and disclosures of PHI that EZ may make. Some of the uses and disclosures described may be limited or restricted by state laws or other legal requirements. Please contact your healthcare provider for specific information regarding your state.
- For health care operations – EZ may use or disclose PHI for health care operations purposes as necessary for EZ’s operation and management purposes. EZ may also disclose PHI to other health care providers or health plans that are involved in your care for their health care operations only after authorization from you or your provider.
- Appointment reminders and health-related benefits and services – EZ may use and disclose PHI to contact you as a reminder that you have an appointment with your Provider and may use and disclose PHI to tell you about health-related benefits and services that may be of interest to you.
- Individuals involved in your care or payment for your care – EZ may disclose PHI to a person who is involved in your care or helps pay for your care, such as a family member or friend only following authorization from you or through your provider. As allowed by federal and state law, we may disclose the PHI of minors to their parents or legal guardians.
- Disclosure for judicial and administrative proceedings – Under certain circumstances, EZ may disclose your PHI in the course of a judicial or administrative proceeding, including in response to a court or administrative order, subpoena, discovery request, or other lawful process.
- As required by law – EZ must disclose your PHI if required to do so by federal, state, or local law.
- Personal Representative – EZ may disclose PHI to your personal representative, as established under applicable law, or to an administrator, executor, or other authorized individual associated with your estate.
- Serious threat to health or safety – EZ may disclose PHI if necessary to prevent or lessen a serious and/or imminent threat to health or safety to a person or the public or for law enforcement authorities to identify or apprehend an individual.
- Government functions – In certain situations, EZ may disclose the PHI of military personnel and veterans, including Armed Forces personnel, as required by military command authorities. Additionally, we may disclose PHI to authorized officials for national security purposes, such as protecting the President of the United States, conducting intelligence, counter-intelligence, other national security activities, and when requested by foreign military authorities. Disclosures will be made only in compliance with U.S. Law.
Other Uses and Disclosures of PHI
For purposes not described above, including uses and disclosures of PHI for marketing purposes and disclosures that would constitute a sale of PHI, EZ will NOT disclose PHI.
Information Breach Notification
EZ is required to provide patient notification if it discovers a breach of unsecured PHI unless there is a demonstration, based on a risk assessment, that there is a low probability that the PHI has been compromised. You will be notified without unreasonable delay and no later than 60 days after discovery of the breach. Such notification will include information about what happened and what can be done to mitigate any harm.
Patient Rights Regarding PHI
Subject to certain exceptions, HIPAA establishes the following patient rights with respect to PHI:
- Right to Receive a Copy of the EZ Notice of Privacy Practices – You have a right to receive a copy of the EZ Notice of Privacy Practices at any time by contacting us at email@example.com, or by sending a written request to: HIPAA Privacy Officer, EZ Healthcare, Inc. PO Box 436, Washington, UT 84780. This Notice will also be posted on the EZ internet site at www.ezhealthcare.com.
- Right to Request Limits on Uses and Disclosures of your PHI – You have the right to request that we limit: 1) how we use and disclose your PHI for treatment, payment, and health care operations activities; or 2) our disclosure of PHI to individuals involved in your care or payment for your care. EZ will consider your request, but is not required to agree to it unless the requested restriction involves a disclosure that is not required by law to a health plan for payment or health care operations purposes and not for treatment, and you have paid for the service in full out of pocket. If we agree to a restriction on other types of disclosures, we will state the agreed restrictions in writing and will abide by them, except in emergency situations when the disclosure is for purposes of treatment.
- Right to Request Confidential Communications – You have the right to request that EZ communicate with you about your PHI at an alternative address or by an alternative means. EZ will accommodate reasonable requests.
- Right to See and Receive Copies of Your PHI – You and your personal representative have the right to access PHI consisting of your health records maintained by your provider. EZ will not access your PHI. Ask your provider about their policy on receiving a copy of your PHI. You have the right to access and receive your PHI in an electronic format if it is readily producible in such a format. You also have the right to direct your provider to transmit a copy to another person you designate, provided such request is in writing, signed by you, and clearly identifies the designated person and where to send the copy of your PHI. To request a copy of your PHI:
- Ask for a courtesy copy when you visit your provider.
- Ask your provider for information on how to open a EZ patient portal or mobile app account to receive your reports electronically.
- Right to Receive an Accounting of Disclosures – You have a right to receive a list of certain instances in which EZ disclosed your PHI. This list will not include certain disclosures of PHI, such as (but not limited to) those made based on your written authorization or those made prior to the date on which EZ was required to comply. If you request an accounting of disclosures of PHI that were made for purposes other than treatment, payment, or health care operations, the list will include disclosures made in the past six years, unless you request a shorter period of disclosures. If you request an accounting of disclosures of PHI that were made for purposes of treatment, payment, or health care operations, the list will include only those disclosures made in the past three years for which an accounting is required by law, unless you request a shorter period of disclosures.
- Right to Correct or Update your PHI – If you believe that your PHI contains a mistake, you may request, in writing, that your provider correct the information. If your request is denied, they will provide an explanation of the reasoning for their denial.
How to Exercise Your Rights
To exercise any of your rights described in this notice, you must send a written request to your provider by contacting the Patient Billing office using the phone number indicated on your provider’s billing invoice.
Changes to the EZ Notice of Privacy Practices
EZ reserves the right to make changes to this notice and to our privacy policies from time to time. Changes adopted will apply to any PHI we maintain about you. EZ is required to abide by the terms of our notice currently in effect. When changes are made, we will promptly update this notice and post the information on the EZ website at www.ezhealthcare.com. Please review this site periodically to ensure that you are aware of any such updates.
Effective Date of Notice: 05/05/2020
EZ works diligently to provide exceptional, quality service to all of its clients and is committed to implementing the Health Insurance Portability and Accountability Act of 1996 (HIPAA). If you have questions regarding HIPAA – Contact your provider