Your Information. Your Rights. Our Responsibilities.
This notice describes how medical information about you may be used and disclosed and how you can get access. Please review it carefully.
You have the right to:
- Get a copy of your paper or electronic medical record
- Correct your paper or electronic medical record
- Request confidential communication
- Ask us to limit the information we share
- Get a list of those with whom we’ve shared your information
- Get a copy of this privacy notice
- Choose someone to act for you
- File a complaint if you believe your privacy rights have been violated
You have some choices in the way that we use and share information as we:
- Tell family and friends about your condition
- Market our services
- Raise funds
Our Uses and Disclosures
We may use and share your information as we:
- Treat you
- Run our organization
- Bill for your services
- Help with public health and safety issues
- Do research
- Comply with the law
- Address workers’ compensation, law enforcement, and other government requests
- Respond to lawsuits and legal actions
When it comes to your health information, you have certain rights. This section explains your rights and some of our responsibilities to help.
Get an electronic or paper copy of your medical record
- You can ask to see or get an electronic or paper copy of your medical record and other health information we have about you. Ask us how to do this.
- We will provide a copy or a summary of your health information, usually within 30 days of your request. We may charge a reasonable, cost-based fee.
Ask us to correct your medical record
- You can ask us to correct health information about you that you think is incorrect or incomplete. Ask us how to do this.
- We may say “no” to your request, but we’ll tell you why in writing within 60 days.
Request confidential communications
- You can ask us to contact you in a specific way (for example, home or office phone) or to send mail to a different address.
- We will say “yes” to all reasonable requests.
Ask us to limit what we use or share
- You can ask us not to use or share certain health information for treatment, payment, or our operations. We are not required to agree to your request, and we may say “no” if it would affect your care.
- If you pay for a service or health care item out-of-pocket in full, you can ask us not to share that information for the purpose of payment or our operations with your health insurer. We will say “yes” unless a law requires us to share that information.
Get a list of those with whom we’ve shared information
- You can ask for a list (accounting) of the times we’ve shared your health information for six years prior to the date you ask, who we shared it with, and why.
- We will include all the disclosures except for those about treatment, payment, and health care operations, and certain other disclosures (such as any you asked us to make). We’ll provide one accounting a year for free but will charge a reasonable, cost-based fee if you ask for another one within 12 months.
Get a copy of this privacy notice
- You can ask for a paper copy of this notice at any time, even if you have agreed to receive the notice electronically. We will provide you with a paper copy promptly.
Choose someone to act for you
- If you have given someone medical power of attorney or if someone is your legal guardian, that person can exercise your rights and make choices about your health information.
- We will make sure the person has this authority and can act for you before we take any action.
File a complaint if you feel your rights are violated
- You can complain if you feel we have violated your rights by contacting us using the information on page 1.
- You can file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights by sending a letter to 200 Independence Avenue, S.W., Washington, D.C. 20201, calling 1-877-696-6775, or visiting hhs.gov/ocr/privacy/hipaa/complaints/.
- We will not retaliate against you for filing a complaint.
For certain health information, you can tell us your choices about what we share. If you have a clear preference for how we share your information in the situations described below, talk to us. Tell us what you want us to do, and we will follow your instructions.
In these cases, you have both the right and choice to tell us to:
- Share information with your family, close friends, or others involved in your care
- Share information in a disaster relief situation
If you are not able to tell us your preference, for example if you are unconscious, we may go ahead and share your information if we believe it is in your best interest. We may also share your information when needed to lessen a serious and imminent threat to health or safety.
In these cases we never share your information unless you give us written permission:
- Marketing purposes
In the case of fundraising:
- We may contact you for fundraising efforts, but you can tell us not to contact you again.
Our Uses and Disclosures
How do we typically use or share your health information?
We typically use or share your health information in the following ways.
Run our organization
We can use and share your health information to run our practice, improve your care, and contact you when necessary.
Example: We use health information about you to manage your treatment and services.
Bill for your services
We can use and share your health information to bill and get payment from health plans or other entities.
Example: We give information about you to your health insurance plan so it will pay for your services.
How else can we use or share your health information?
We are allowed or required to share your information in other ways – usually in ways that contribute to the public good, such as public health and research. We have to meet many conditions in the law before we can share your information for these purposes. For more information see: www.hhs.gov/ocr/privacy/hipaa/understanding/consumers/index.html.
Help with public health and safety issues
We can share health information about you for certain situations such as:
- Reporting suspected abuse, neglect, or domestic violence
- Preventing or reducing a serious threat to anyone’s health or safety
Comply with the law
We will share information about you if state or federal laws require it, including with the Department of Health and Human Services if it
Address workers’ compensation, law enforcement, and other government requests
We can use or share health information about you:
- For workers’ compensation claims
- For law enforcement purposes or with a law enforcement official
- With health oversight agencies for activities authorized by law
- For special government functions such as military, national security, and presidential protective services
Respond to lawsuits and legal actions
We can share health information about you in response to a court or administrative order, or in response to a subpoena.
- We are required by law to maintain the privacy and security of your protected health information.
- We will let you know promptly if a breach occurs that may have compromised the privacy or security of your information.
- We must follow the duties and privacy practices described in this notice and give you a copy of it.
- We will not use or share your information other than as described here unless you tell us we can in writing. If you tell us we can, you may change your mind at any time. Let us know in writing if you change your mind.
For more information see: www.hhs.gov/ocr/privacy/hipaa/understanding/consumers/noticepp.html.
Using our App
- What information does the Application obtain and how is it used? This section is designed to inform Users of the types of data that the app obtains and how that information is used. You’ll find several types of data that are often obtained by apps, but you should provide Users with a clear, illustrative list of the most important data points obtained by your app.
- User Provided Information. The Application obtains the information you provide when you download and register the Application. Registration with us is optional. However, please keep in mind that you may not be able to use some of the features offered by the Application unless you register with us.captures the GPS location of the phone on which it is installed at the time of clock-in, and again at the time of clock-out; the clock-in and clock-out times of the caregiver; the caregiver’s and patient’s pictures and signatures at the time the caregiver’s weekly electronic timesheet is completed, and the patient’s and caregiver’s signatures at the time of clock-out each day. None of this information is stored locally on the phone onto which the Application is installed. Rather, it is transmitted securely to the systems FreedomCare uses to track patient care and caregiver payroll and is not shared with any outside party other than as required by law or contract.
- Alternative language if you don’t allow unregistered users: “Registration with us is mandatory in order to be able to use the basic features of the Application.” (On the other hand, you might want to specify you don’t let user register at all, but still list the information you collect).
- When you register with us and use the Application, you generally provide (a) your name, email address, age, user name, password and other registration information; (b) transaction-related information, such as when you make purchases, respond to any offers, or download or use applications from us; (c) information you provide us when you contact us for help; (d) credit card information for purchase and use of the Application, and; (e) information you enter into our system when using the Application, such as contact information and project management information.
- We may also use the information you provided us to contact your from time to time to provide you with important information, required notices and marketing promotions.
- Automatically Collected Information. If the Application collects information from and/or for social networking platforms (e.g., pulling contact information, friends lists, login information, photos or check-ins) you should ensure that the prior consent of the user is obtained.
- In addition, the Application may collect certain information automatically, including, but not limited to, the type of mobile device you use, your mobile devices unique device ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browsers you use, and information about the way you use the Application.
- Does the Application collect precise real time location information of the device? Yes, as noted above, the Application obtains captures the GPS location of the phone on which it is installed at the time of clock-in, and again at the time of clock-out; the clock-in and clock-out times of the caregiver; the caregiver’s and patient’s pictures and signatures at the time the caregiver’s weekly electronic timesheet is completed, and the patient’s and caregiver’s signatures at the time of clock-out each day. None of this information is stored locally on the phone onto which the Application is installed. Rather, it is transmitted securely to the systems FreedomCare uses to track patient care and caregiver payroll and is not shared with any outside party other than as required by law or contract.
- If your app uses geolocation, check out the specific branch of this document
- This Application does not collect precise information about the location of your mobile device.
- Do third parties see and/or have access to information obtained by the Application? The following language covers anonymized data that third-party analytics services might collect for you, and a few other standard cases where sharing users’ data is fair and justified. Generally, app developers will want to have the right to transfer information collected by the app under certain circumstances. For example, if the app developer sells the app, the developer may want that information collected by the application transferred as part of the sale. While some of the more common examples of data transfer to third parties are provided, you are encouraged to work with counsel and/or privacy professional to determine if other examples should be included in the policy.
- Only aggregated, anonymized data is periodically transmitted to external services to help us improve the Application and our service. We will share your information with third parties only in the ways that are described in this privacy statement.Generally speaking, no, information obtained by the application is not shared with third parties, except as required by law. For instance, information about caregiver visits, GPS distance relative to the patient’s home at the time of clock-in and clock-out, pictures and signatures for identity verification may be shared with patients’ health plans as part of regular audits, which FreedomCare is required by law or contract. In addition, information obtained regarding caregiver hours worked is shared with HHA Exchange in order to properly bill patient insurance plans and arrange for caregiver payroll.
- We may disclose User Provided and Automatically Collected Information: as required by law, such as to comply with a subpoena, or similar legal process; when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request; with our trusted services providers who work on our behalf, do not have an independent use of the information we disclose to them, and have agreed to adhere to the rules set forth in this privacy statement; if Developer Company NameFreedomCare or the Application is involved in a merger, acquisition, or sale that would materially affect the treatment of personal informationof all or a portion of its assets, you will be notified via email and/or a prominent notice on our Wweb site of any change in ownership or uses of this informationmaterial change in the handling of such information, as well as any choices you may have regarding this information.
- What are my opt-out rights? If your app uses geolocation or taps into advertising services, check the appropriate branches linked above.
- You can stop all collection of information by the Application easily by uninstalling the Application. You may use the standard uninstall processes as may be available as part of your mobile device or via the mobile application marketplace or network. You can also request to opt-out via email, at email@example.com
- Data Retention Policy, Managing Your Information. We will retain User Provided data for as long as you use the Application and for a reasonable time and as long as we are required by law to retain such information thereafter, usually six years. We will retain Automatically Collected information for up to 24 months and thereafter may store it in aggregate. If you’d like us to delete User Provided Data that you have provided via the Application, please contact us at firstname.lastname@example.org and we will respond in a reasonable time. Please note that some or all of the User Provided Data may be required in order for the Application to function properly.
- Children. Your app has to comply with the Children’s Online Privacy Protection Act (COPPA). Developers should pay particular attention to COPPA when creating apps that contain cartoon characters or other features that may cause the app to be perceived as being directed towards children under 13. Consider including language in your Terms of Service that makes users represent they are of age. Application developers creating apps that might be governed under COPPA or similar laws are encouraged to obtain counsel to ensure that their data collection policies are in line with current law in the jurisdiction(s) where the app may be used.
- We do not use the Application to knowingly solicit data from or market to children under the age of 13. If a parent or guardian becomes aware that his or her child has provided us with information without their consent, he or she should contact us at email@example.com. We will respond within a reasonable period of time, possibly by deleting such information from our files within a reasonable time.
- Security. Application developers should ensure that their security procedures are reasonable, and should provide an overview of their security procedures below.
- We are concerned about safeguarding the confidentiality of your information. We provide physical, electronic, and procedural safeguards to protect information we process and maintain. For example, we limit access to this information to authorized employees and contractors who need to know that information in order toto operate, develop or improve our Application. Please be aware that, although we endeavor provide reasonable security for information we process and maintain, no security system can prevent all potential security breaches.
Changes to the Terms of this Notice
We can change the terms of this notice, and the changes will apply to all information we have about you. The new notice will be available upon request, in our office, and on our web site.
- This notice is effective November 2016
- FreedomCare’s privacy officer is Benjamin Wolf, firstname.lastname@example.org, 718-989-9710.