Privacy Policy for Patients

PLEASE REVIEW THIS NOTICE CAREFULLY

Thank you for registering with us. At ABI FI Corp., it is our policy to protect your information. We know that we have a lot of information about you and want to be sure that we use it the right way and that it stays protected.

Collecting and using personal information

When you registered on our website, you provided us with some information about you. From your enrollment, we know your name, address, Medicaid number and more. When you activate your account on our website, much of the information that we collected from you will be used. Don’t worry – only you and ABI FI can see this information. Each member creates a unique username to access their account information through www.abifi.net - only you should use your user name and the password you choose to log into your account. Do not give this user name and password to others. ABI FI also maintains data that has been provided to us or uploaded to ABI FI by you. In some cases, we may request additional consent from you if we think that there is other information that will help you better coordinate your care through CDPAP or better personalize it towards your needs.

You will be able to update the information that you provide to us by logging in to your personal account at www.abifi.net. ABI FI will not sell, license, transmit or disclose this information outside of ABI FI unless (i) expressly authorized by you, (ii) necessary to enable our Business Associates to perform certain functions, or (iii) required or permitted by law. In all cases, we will disclose the information consistent with applicable laws and regulations and we will require the recipient to protect the information and use it only for the purpose it was provided. ABI FI takes HIPAA very seriously and provides appropriate safeguards to your personal health information – this includes your name, address, Medicaid number, e-mail address, telephone number and other data.

We will retain your information for as long as your account is active or as legally needed. We will retain and use your information as necessary to comply with our legal obligations and resolve disputes. For more information about our privacy practices please see our Privacy Policy below.

Security

ABI FI has adopted and adheres to stringent security standards designed to protect non-public personal information at www.abifi.net against accidental or unauthorized access or disclosure. Among the safeguards that ABI FI has developed for this site are administrative, physical and technical barriers that together form a protective firewall around the information stored at this site. We are committed to being HIPAA compliant and ensuring that our Business Associates meet the same standards. We regularly review our security policy and that of our Business Associates.

THIS NOTICE DESCRIBES HOW HEALTH INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED, AND HOW YOU CAN GET ACCESS TO YOUR PROTECTED HEALTH INFORMATION

OUR COMMITMENT TO YOUR PRIVACY

Our organization is dedicated to maintaining the privacy of your protected health information. In conducting our business, we will create records regarding you and the treatment and services provided to you. We are required by law to maintain the confidentiality of protected health information that identifies you. We are also required by law to provide you with this notice of our legal duties and privacy practices concerning your protected health information. By law, we must follow the terms of the notice of the privacy practices that we have in effect at the time.

To summarize, this notice provides you with the following important information:
  1. How we may use and disclose your protected health information

  2. Your privacy rights in your protected health information

  3. Our obligations concerning the use and disclosure of your identifiable health information

The terms of this notice apply to all records containing your protected health information that are created, received, maintained or transmitted by our practice. We reserve the right to revise or amend our notice of privacy practices. Any revision or amendment to this notice will be effective for all of your records our practice has created, received, maintained or transmitted in the past, and for any of your records we may create, receive, maintain, or transmit in the future.

Our organization will post a copy of our current notice in our offices in a prominent location, and you may request a copy of our most current notice during any office visit.

WE MAY USE AND DISCLOSE YOUR HEALTH INFORMATION IN THE FOLLOWING WAYS

The following categories describe the different ways in which we may disclose your protected health information.

1. Payment

Our organization may use and disclose your protected health information in order to bill and collect payment for the services and items you may receive from us. For example, we may contact your health insurer to certify that you are eligible for benefits (and for what range of benefits), and we may provide your insurer with details regarding your treatment to determine if your insurer will cover, or pay for, your treatment. We also may use and disclose your protected health information to obtain payment from third parties that may be responsible for such costs, such as family members. Also, we may use your protected health information to bill you directly for services and items.

2. Health Care Operations


Our organization may use and disclose your protected health information to operate our business and maintain our license and accreditation. As examples of the ways in which we may use and disclose your information for our operations, our organization may use your health information to evaluate the quality of care you received from us, or to conduct cost-management and business planning activities for our practice. Also, the Department of Health and accrediting bodies may access protected health information as needed. Additionally, in the event of an emergency or disaster situation, necessary medical information could be given to any governmental agency, supplemental provider agency, community volunteer service or any other provider of services.

3. Appointment Reminders


Our organization may use and disclose your protected health information to contact you and remind you of visits/deliveries.

4. Health-Related Benefits and Services

Our organization may use and disclose your protected health information to inform you of health-related benefits or services that may be of interest to you.

5. Release of Information to Family and Friends


When appropriate our organization may release your protected health information to a friend or family member that is helping you pay for your health care, or who assists in taking care of you.

6. Disclosure Required By Law


Our organization will use and disclose your protected health information when we are required to do so by federal, state or local law.

USE AND DISCLOSURE OF YOUR PROTECTED HEALTH INFORMATION IN CERTAIN SPECIAL CIRCUMSTANCES

The following categories describe unique scenarios in which we may use or disclose your protected health information:

1. Public Health Risks


Our organization may disclose your protected health information to public health authorities that are authorized by law to collect information for the purpose of:

  1. Maintaining vital records such as births and deaths

  2. Reporting child abuse or neglect

  3. Preventing or controlling disease, injury or disability

  4. Notifying a person regarding potential exposure to a communicable disease

  5. Notifying a person regarding a potential risk for spreading or contracting a disease or condition

  6. Reporting reactions to drugs or problems with products or devices

  7. Notifying individuals if a product or device they may be using has been recalled

  8. Notifying appropriate government agency(ies) and authority(ies) regarding the potential abuse or neglect of an adult patient (including domestic violence); however, we will only disclose this information if the patient agrees or we are required or authorized to do so by law to disclose this information

  9. Notifying your employer under limited circumstances related primarily to workplace injury or illness or medical surveillance.

2. Health Oversight Activities

Our organization may disclose your protected health information to a health oversight agency for activities authorized by law. Over sight activities can include, for example, investigations, inspections, audits, surveys, licensure and disciplinary actions; civil, administrative, and criminal procedures or actions; or other activities necessary for the government to monitor government programs, compliance with civil rights laws and the health care system in general.

3. Lawsuits and Similar Proceedings


Our organization may use and disclose your protected health information in response to a court or administrative order, if you are involved in a lawsuit or similar proceeding. We may also disclose your protected health information in response to a discovery request, subpoena, or other lawful process by another party involved in the dispute, but only if we have made an effort to inform you of the request or to obtain an order protecting the information the party has requested.

4. Law Enforcement


We may release protected health information is asked to do so by a law enforcement official:

  1. Regarding a crime victim in certain situations, if we are unable to obtain the person’s agreement

  2. Concerning a death we believe might have resulted from a criminal conduct

  3. Regarding criminal conduct in our offices

  4. In response to a warrant, summons, court order, subpoena or similar legal process

  5. To identify / locate a suspect, material witness, fugitive or missing person

  6. In an emergency, to report a crime (including the location of victim(s) of the crime, or the description, identity or location of the perpetrator)

5. Serious Threats to Health or Safety



Our organization may use and disclose your protected health information when necessary to reduce or prevent a serious threat to your health and safety or the health and safety of another individual or the public. Under these circumstances, we will only make disclosures to a person or organization able to prevent the threat.

6. Military and Veterans



Our organization may disclose your protected health information if you are a member of the U.S. or foreign military forces and if required by the appropriate military command authorities.

7. National Security



Our organization may use and disclose your protected health information to federal officials for intelligence and national security activities authorized by law. We also may disclose your protected health information to federal officials in order to protect the President, other officials or foreign heads of state, or to conduct investigations.

8. Workers’ Compensation


Our organization may release your protected health information for workers’ compensation and similar programs.

9. Business Associates


We may disclose protected health information to our business associates that perform functions on our behalf or provide us with services if the protected health information is necessary for such functions or services. For example, we may use another company to perform billing services on our behalf. All of our business associates are obligated to protect the privacy of your information and are not allowed to use or disclose any information other than as specified in our contract.

10. Organ and Tissue Donation



We may disclose protected health information if you are an organ donor, we may use or release protected health information to organizations that handle organ procurement or other entities engaged in procurement, banking or transportation of organs, eyes or tissues to facilitate organ, eye or tissue donation and transplantation.

11. Data Breach Notification Purposes

We may use or disclose your protected health information to provide legally required notices of unauthorized access to or disclosure of your health information.

12. Coroners, Medical Examiners and Funeral Directors



We may release protected health information to a coroner or medical examiner. This may be necessary, for example, to identify a deceased person or determine the cause of death. We also may release protected health information to funeral directors as necessary for their duties.

YOUR WRITTEN AUTHORIZATION IS REQUIRED FOR OTHER USES AND DISCLOSURES


The following uses and disclosures of your protected health information will be made only with your written authorization:

  1. Uses and disclosures of protected health information for marketing purposes;
  2. Most sharing of psychotherapy notes; and
  3. Disclosures that constitute a sale of your protected health information
Other uses and disclosures of protected health information not covered by this Notice or the laws that apply to us will be made only with your written authorization. If you do give us an authorization, you may revoke it at any time by submitting a written revocation to our Privacy Officer and we will no longer disclose protected health information under the authorization. Disclosure that we made in reliance on your authorization before you revoked it will not be affected by the revocation.

USES AND DISCLOSURES THAT REQUIRE US TO GIVE YOU AN OPPORTUNITY TO OBJECT AND OPT OUT

1. Individuals Involved in Your Care or Payment for Your Care


Unless you object, we may disclose to a member of your family, a relative, a close friend or any other person you identify, your protected health information that directly relates to that person’s involvement in your health care. If you are unable to agree or object to such a disclosure, we may disclose such information as necessary if we determine that it is in your best interest based on our professional judgment.

2. Disaster Relief


We may disclose your protected health information to disaster relief organizations that seek your protected health information to coordinate your care, or notify family and friends of your location or condition in a disaster. We will provide you with an opportunity to agree or object to such a disclosure whenever we practically can do so. If you are unable to agree or object to such a disclosure, we may disclose such information as necessary if we determine that it is in your best interest based on our professional judgment.

3. Include Your Information in a Hospital Directory


If you are unable to agree or object to such a disclosure, we may disclose such information as necessary if we determine that it is in your best interest based on our professional judgment.

4. Fundraising

We may use your protected health information to contact you for fundraising efforts, but you may request that we not to contact you again.

YOUR RIGHTS REGARDING YOUR PROTECTED HEALTH INFORMATION

You have the following rights regarding the protected health information that we maintain about you:

1. Confidential Communications


You have the right to request that our organization communicate with you about your health and related issues in a particular manner or at a certain location. For instance, you may ask that we contact you at home, rather than at work. In order to request a type of confidential communication, you must make a written request to our Privacy Officer, specifying the requested method of contact, or the location where you wish to be contacted. Our organization will accommodate reasonable requests. You do not need to give a reason for your request.

2. Requesting Restrictions


You have the right to request a restriction in our use or disclosure of your protected health information for treatment, payment or health care operations. Additionally, you have the right to request that we limit our disclosure of your protected health information to individuals involved in your care or the payment for your care, such as family members and friends. In order to request a restriction in our use or disclosure of your protected health information, you must make your request in writing to the Privacy Officer. Your request must describe in a clear and concise fashion: (i) the information you wish restricted; (ii) whether you are requesting to limit our practice’s use, disclosure or both; and (iii) to whom you want the limits to apply. We are not required to agree to your request unless you are asking us to restrict the use and disclosure of your protected health information to a health plan for payment or health care operation purposes and such information you wish to restrict pertains solely to a health care item or service for which you have paid us “out-of-pocket” in full. If we agree, we are bound by our agreement except when otherwise required by law, in emergencies, or when the information is necessary to treat you.

3. Inspection and Copies


You have the right to inspect and obtain a copy of the protected health information that may be used to make decisions about you, including patient medical records and billing records, other than psychotherapy notes. You must submit your request in writing to our Privacy Officer, in order to inspect and/or obtain a copy of your protected health information. We will provide a copy or a summary of your health information, usually within 30 days of your request. We may charge a reasonable, cost-based fee associated with your request. We may not charge you a fee if you need the information for a claim for benefits under the Social Security Act or any other state of federal needs-based benefit program. Our practice may deny your request to inspect and/or copy in certain limited circumstances; however, you may request a review of our denial. Another licensed health care professional chosen by us will conduct reviews.

4. Right to an Electronic Copy of Electronic Medical Records


If your protected health information is maintained in an electronic format (known as an electronic medical record or an electronic health record), you have the right to request that an electronic copy of your record be given to you or transmitted to another individual or entity. We will make every effort to provide access to your protected health information in the form or format you request, if it is readily producible in such form or format. If the protected health information is not readily producible in the form or format you request your record will be provided in either our standard electronic format or if you do not want this form or format, a readable hard copy form. We may charge you a reasonable, cost-based fee for the labor associated with transmitting the electronic medical record.

5. Amendment


You may ask us to amend your health information if you believe it is incorrect or incomplete, and you may request an amendment for as long as the information is kept by or for our organization. To request an amendment, your request must be made in writing and submitted to our Privacy Officer. You must provide us with a reason that supports your request for amendment. Our organization will deny your request if you fail to submit your request (and the reason supporting your request) in writing. Also, we may deny your request if you ask us to amend information that is: (i) accurate and complete; (ii) not part of the protected health information kept by or for the organization; (iii) not part of the protected health information which you would be permitted to inspect and copy; or (iv) not created by our organization, unless the individual or entity that created the information is not available to amend the information. You will receive notification of the denial within 60 days of the request. You may appeal, in writing, a decision by us not to amend a record.

6. Right to Get Notice of a Breach


You have the right to be notified promptly upon a breach of any of your unsecured protected health information.

7. Accounting of Disclosures


All of our patients have the right to request an “accounting of disclosures.” An “accounting of disclosures” is a list of the disclosures we made of health information about you, other than for treatment, payment, health operations, and certain other disclosures (such as where you specifically authorized a disclosure). In order to obtain an accounting of disclosures, you must submit your request in writing to our Privacy Officer. All requests for an “accounting of disclosures” must state a time period which may be no longer than six years prior to the date you request an accounting of disclosures. You may request to receive the list in paper or electronic form. The first list you request within a 12-month period will be free. Additional lists will be charged a reasonable, cost-based fee. We will inform you of the cost before it is incurred and you may withdraw your request before you incur any costs.

8. Right to Request Restrictions

You have the right to request a restriction or limitation on the protected health information we use or disclose for treatment, payment, or health care operations. You also have the right to request a limit on the protected health information we disclose to someone involved in your care or the payment for your care, like a family member or friend. For example, you could ask that we not share information about a particular diagnosis or treatment with your spouse. To request a restriction, you must make your request, in writing, to our Privacy Officer. We are not required to agree to your request unless you are asking us to restrict the use and disclosure of your protected health information to a health plan for payment or health care operation purposes and such information you wish to restrict pertains solely to a health care item or service for which you have paid us “out-of-pocket” in full. If we agree, we will comply with your request unless the information is needed to provide you with emergency treatment.

9. Right to Request Confidential Communications


You have the right to request that we communicate with you about medical matters in a certain way or at a certain location. For example, you can ask that we only contact you by mail or at work. To request confidential communications, you must make your request, in writing, to our Privacy Officer. Your request must specify how or where you wish to be contacted. We will accommodate reasonable requests.

10. The right to authorize someone to act on your behalf


If you have given someone medical power of attorney or if someone is your legal guardian, that person can exercise your rights and make choices about your health information. We will verify the person has this authority and can act for you before we take any action.


11. Right to a Paper Copy of This Notice


You are entitled to receive a paper copy of our notice of privacy practices. You may ask us to give you a copy of this notice at any time. To obtain a paper copy of this notice, contact the Privacy Officer at (718) 661-3303.

12. Right to File a Complaint


If you believe your privacy rights have been violated, you may file a complaint with our organization or with the Secretary of the Department of Health and Human Services. To file a complaint with our organization, contact our Privacy Officer. All complaints must be submitted in writing. You will not be penalized for filing a complaint.

13. Right to provide an Authorization for Other Uses and Disclosures


Our organization will obtain your written authorization for uses and disclosures that are not identified by this notice or permitted by applicable law. Any authorization you provide to us regarding the use and disclosure of your protected health information may be revoked at any time in writing. After you revoke your authorization, we will no longer use or disclose your protected health information for the reasons described in the authorization. Please note, we are required to retain records of your care.

CHANGES TO THIS NOTICE


We reserve the right to change this notice and make the new notice apply to protected health information we already have as well as any information we receive in the future. We encourage you to periodically reread this policy to see if there are any changes that may affect you. A user is bound by any changes to the Privacy Policy when he or she uses the site or services after such changes have been first posted. This statement is not intended to and does not create any contractual or other legal rights in or on behalf of any party.

IF YOU HAVE QUESTIONS ABOUT THIS NOTICE, PLEASE CONTACT:
HIPPA Privacy Officer
ABI FI Corp.
41-60 Main Street, Suite 305
Flushing, NY 11355
(718) 762-0600
info@abifi.net