Image

Login
Questions? Call (800) 243-4052
Fast & Confidential STD Testing
Nationwide locations. Results in 1-2 days.
Privacy Policy

HIPAA NOTICE OF PRIVACY PRACTICES

THIS NOTICE DESCRIBES HOW YOUR MEDICAL INFORMATION MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

Effective Date: 11/08/2024

Summary

This is a summary of how we may use and disclose your protected health information and your rights and choices when it comes to your information. We will explain these in more detail on the following pages.

Purpose

MMS, its subsidiaries, partners, and affiliates with certain Health Professionals and Labs (collectively “Health Care Providers” or “we”) that are independent third-parties that work together to provide you with services. We are legally required to maintain the privacy of your protected health information (“PHI”) under the Health Insurance Portability and Accountability Act (“HIPAA”) and other federal and state laws.

As part of our commitment and legal compliance, we are providing you with this Notice of Privacy Practices (“Notice”). This Notice describes:

  • Our legal duties and privacy practices regarding your PHI, including our duty to notify you following a data breach of your unsecured PHI.
  • Our permitted uses and disclosures of your PHI.
  • Your rights regarding your PHI.
Contact

If you have any questions about this Notice, please contact us at (800) 243-4052

Our Uses and Disclosures

We may use and disclose your PHI for health care operations as we:

  • Treat you.
  • Bill for services.
  • Run our organization.
  • Comply with the law.
  • Address law enforcement, or other government requests.
  • Respond to lawsuits and legal actions.
  • Help with public health and safety issues.
  • Do internal research for product enhancement.
  • Work with a medical examiner or funeral director.
Your Choices

You may limit how we use and disclose your PHI as we:

  • Communicate with you.
  • Share information about your condition with family and friends at your direction.
  • Market our products and services.

For these purposes, you can tell us what elements of your PHI we can share. If you have a clear preference for how we share your PHI in the situations described below, please contact us at service@letsbesafe.com and we will make reasonable efforts to follow your instructions.

You have both the right and the choice to tell us whether and how to:

  • Share information, such as your PHI, general condition, or location, with your family, close friends, or others involved in your care.
  • Share information in a disaster relief situation.

We may share your PHI if we believe it is in your best medical interest, according to our best judgment, and:

  • If you are unable to tell us your preference, for example, if you are unconscious.
  • When needed to lessen a serious and imminent threat to health or safety.

We never share your PHI for marketing purposes unless you authorize us to do so in writing.

Other than a custodian transfer in the context of a merger, acquisition or other corporate reorganization, we do not sell your PHI.

PHI Defined

Your PHI:

  • Is health information about you:
    • which someone may use to identify you; and
    • which we keep or transmit in electronic, oral, or written form.
  • Includes information such as your:
    • name;
    • contact information;
    • past, present, or future physical or medical conditions;
    • payment for health care products or services; or
    • prescriptions.
Scope

We create a record of the care and health services you receive, to provide your care and to comply with certain legal requirements. This Notice applies to all the PHI that we generate or receive.

We and our employees and other workforce members follow the duties and privacy practices that this Notice describes and any changes to this Notice once they take effect.

Changes to this Notice

We can change the terms of this Notice, and the changes will apply to all PHI we have about you. The new Notice will be available on request and on our website.

Data Breach Notification

We will promptly notify you if a data breach occurs that may have compromised the privacy or security of your PHI. We will notify you within the legally required timeframe but no later than 60 days after we discover the breach. Generally, we will notify you in writing, by mail or email if you have provided us with your current email address and you have previously agreed to receive notices electronically. In some circumstances, our business associates may provide the notification. In limited circumstances when we have insufficient or out-of-date contact information, we may provide notice of a breach in a legally acceptable alternative form.

Uses and Disclosures of Your PHI

Applicable law permits or requires us to use or disclose your PHI for various reasons, which we explain in this Notice. We have included some examples, but we have not listed every permissible use or disclosure. When using or disclosing PHI, or requesting your PHI from another source, we will make reasonable efforts to limit our use, disclosure, or request to the minimum amount of your PHI we need to accomplish our intended purpose.

Uses and Disclosures for Treatment, Payment, or Health Care Operations
  • Treatment. We may use or disclose your PHI and share it with other health professionals who are treating you, including doctors, nurses, technicians, medical students, or hospital personnel involved in your care. For example, we might disclose information about your overall health condition with physicians who are treating you for a specific injury or condition.
  • Payment. We may use and disclose your PHI to bill and receive payment for services we provide to you.
  • Health Care Operations. We may use and disclose your PHI to run our practice and improve your care. For example, we may use your PHI to manage the services you receive or to monitor the quality of our health care services.
Other Uses and Disclosures

We may share your PHI in other ways, usually for public health or research purposes or to contribute to the public good. For more information on permitted uses and disclosures, see www.hhs.gov/ocr/privacy/hipaa/understanding/consumers/index.html. For example, these other uses and disclosures may involve:

  • Our Business Associates. We may use and disclose your PHI to outside persons or entities that perform services on our behalf, such as auditing, legal, or transcription (Business Associates). HIPAA requires our business associates and their subcontractors to protect your PHI in the same way we do. We also contractually require these parties to use and disclose your PHI only as permitted under this Notice and HIPAA and to appropriately safeguard your PHI.
  • Legal Compliance. For example, we will share your PHI if the U.S. Department of Health and Human Services requires it when investigating our compliance with HIPAA privacy requirements.
  • Public Health and Safety Activities. For example, we may share your PHI to:
    • prevent disease;
    • report suspected child neglect or abuse or domestic violence; or
    • avert a serious threat to public health or safety.
  • Responding to Legal Actions. For example, we may be required to disclose your PHI to respond to:
    • a court or administrative order or subpoena;
    • discovery request; or
    • another lawful process.
  • Law Enforcement, or Other Government Requests. For example, we may be required to disclose your PHI for:
    • health oversight activities by federal or state agencies;
    • law enforcement purposes; or
    • specialized government functions, such as military and veterans’ activities, national security and intelligence, presidential protective services, or medical suitability.
Uses and Disclosures that Require Authorization

In the following cases we will only share your PHI if you give us written authorization:

  • Marketing third-party services.
  • Use or share your information with a third-party for research purposes
  • Other uses and disclosures not described in this Notice.

You may revoke your authorization at any time, but it will not affect PHI that we already used and disclosed prior to receiving your revocation.

Your Rights

When it comes to your PHI, you have certain rights, in addition to your right to receive a copy of this Notice. This section explains your rights and some of our responsibilities to help you.

You have the right to:

  • Inspect and Obtain a Copy of Your PHI. You have the right to see or obtain an electronic or paper copy of the PHI that we maintain about you (right to request access).

Some clarifications about your access rights:

  • we require you to request access in writing by submitting a request to the address above;
  • we may charge a reasonable, cost-based fee for the costs of copying, mailing, or other supplies associated with responding to your request. This fee complies with state/federal laws;
  • you may request that we direct a copy of your PHI to a third party of your choice on a standing, regular basis. We require that you submit these requests in writing to the address above; and
  • if you request a copy of your PHI, we will generally decide to provide or deny access within 30 days, however, if we cannot act within 30 days, we will give you a reason for the denial or delay in writing.
  • Make Amendments. You may ask us to correct or amend PHI that we maintain about you that you think is incorrect or inaccurate.
  • Request Additional Restrictions. You have the right to ask us to limit the PHI we use or share (right to request restrictions). You can contact us and request us not to use or share certain PHI for treatment, payment, or operations or with certain persons involved in your care. We require that you submit this request in writing to the address listed above.
  • Request an Accounting of Disclosures. You have the right to request an accounting of certain PHI disclosures that we have made. For these requests:
    • we will respond no later than 60 days after receiving the request. We may ask for an additional 30 days during this 60-day period, but if we do, we will only do it once, provide a written statement of why, and indicate the date by which we intend to send the response;
    • we will include all the disclosures except for those about treatment, payment, and health care operations, and certain other disclosures, such as any you authorized us to make; and
    • we will provide one accounting a year for free but will charge a reasonable, cost-based fee if you ask for another one within 12 months. We will notify you about the costs in advance and you may choose to withdraw or modify your request at that time.
  • Choose Someone to Act for You. If you have given someone medical power of attorney or if someone is your legal guardian, that person can exercise your rights and make choices about your PHI. We will confirm the person has this authority and can act for you before we take any action.
  • Request Confidential Communications. You have the right to request that we communicate with you about health matters in a certain way or at a certain location. For example, you can ask that we only contact you at work or at a specific address. In addition, you may consent to us communicate with you by e-mail or SMS messaging regarding various aspects of your care, such as test results, prescriptions, appointment reminders, and billing. For these requests:
    • we will not ask for the reason;
    • you must specify how or where you wish to be contacted; and
    • we will accommodate reasonable requests.
  • Make Complaints. You have the right to complain if you feel we have violated your rights. We will not retaliate against you for filing a complaint. You may file a complaint either:
    • directly with us by contacting us at service@letsbesafe.com. All complaints directed to us must be submitted in writing.