Effective Date: May 7, 2024
This notice describes how medical information about you may be used and disclosed and how you can get access to this information.
Please review it carefully.
Introduction
Your privacy is important to us at Core Health Strategies LLC. We are committed to the care and improvement of human life, which includes protecting Personal Information (defined below). We are dedicated to maintaining confidentiality and complying with regulatory requirements by – among other things – limiting access to only those users with a legitimate need to view it and regularly educating employees on information protection.
This privacy policy (“Privacy Policy”) covers our online privacy practices with respect to the use and/or disclosure of information we may collect from you when you access or use our website (“Website”), portals, and any other websites or applications we may provide that link to this Privacy Policy (collectively, our “Services”). This Privacy Policy does not apply to information collected through other means, such as by telephone or in person. Please review our privacy practices and contact us at chs.neindiana@gmail.com if you have questions.
Information Collected through the Website
Our Website may include pages that give you the opportunity to provide us with Personal Information about yourself. As used in this Privacy Policy, “Personal Information” means any information that may be used, either alone or in combination with other information, to personally identify an individual.
We collect certain information, including Personal Information, from and about our Website users in three ways:
- Directly from you
- Directly from our web server logs
- With cookies
Information Provided by You
We and our service providers collect Personal Information through online forms to provide certain features of the Services to you. For example, if applying for a job through the Website, we may request you fill out a form with information such as your name, e-mail address, phone number, and work experience. If you do not provide the required information, we may not be able to provide you with related features and services.
In some cases, you may have the opportunity to enter any content that you choose into our secure forms. You are responsible for such content.
Web Server Logs
When you access or use our Services, we may track information to administer our Services and analyze its usage. Examples of information we may track include:
- Your Internet protocol address
- The kind of browser or computer you use
- Number of links you click within our Services
- State or country from which you accessed our Services
- Date and time of your visit
- Name of your Internet service provider
- Third-party websites you linked to from our Services
- Pages or information you viewed on our Services
We use this information to analyze trends, administer and improve our Services, and monitor traffic and usage patterns for information security purposes and to help make our Services more useful.
Cookies and Web Beacons
A “cookie” is a small text file that may be transferred to your computer’s hard drive to personalize our services for you and to collect aggregate information regarding the usage of our Services by all of our users. Each computer is assigned a different cookie that contains a random, unique number. Our Services use two different types of cookies:
- “Session” cookie: Required to track a user session, which expires shortly after the session ends.
- “Persistent” cookie: Used to track unique visits to our Services, how the user arrived at the site, and the type of user (patient, provider, etc.). This cookie can persist anywhere from six months to two years.
Your browser software can be set to warn you of cookies or reject all cookies. Most browsers offer instructions on how to reset the browser to reject cookies in the “Help” section of the toolbar. If you reject our cookies, this may disable some functionality of our Services, and you may not be able to use certain services.
Cookies cannot be used to run programs or deliver viruses to your computer. One of the primary purposes of cookies is to provide a convenience feature to save you time. For example, if you personalize a web page, or navigate within a website, a cookie helps the website recall your information on subsequent visits. This simplifies the process of delivering relevant content and eases website navigation by providing and saving your preferences and login information, as well as providing personalized functionality.
We use Google Analytics on our Site to help us analyze traffic. For more information on Google Analytics processing of Personal Information, please see http://www.google.com/policies/privacy/partners/. By using a browser plugin provided by Google, you can opt out of Google Analytics.
Some features on our Services (such as social media widgets that allow you to share content) may use cookies or other methods to gather information regarding your use of the Services and may combine the information in these cookies with any Personal Information about you that they may have. The use of such information by a third party depends on the privacy policy of that third party.
A “web beacon,” “clear GIF,” “web bug,” or “pixel tag” is a tiny graphic file with a unique identifier that functions similarly to a cookie. It allows us to count users who have visited certain pages or screens and to help determine the effectiveness of promotional or advertising campaigns. When used in HTML-formatted email messages, web beacons can tell the sender whether and when the email has been opened. Unlike cookies, web beacons are typically embedded invisibly on pages or screens.
We reserve the right to share aggregated site statistics monitored by cookies and web beacons with our affiliates and partner companies. We treat the information of everyone who comes to our Services in accordance with this Privacy Policy, regardless of their Do Not Track setting.
Geolocation Data
We do not collect precise information (e.g., GPS data; latitude and longitude) concerning the location from which you access the Services, but we collect information on your region or postal code to help us gather information useful for improving the relevance of our content and securing our Services.
Third-Party Advertising
We may allow third-party advertising companies to serve ads when you access or use our Services. These companies use non-personally identifiable information regarding your access and use of our Services and other websites, such as the user IP address, pages viewed, date and time of your visit, and number of times you have viewed an ad. In the course of serving advertisements to our Services, our third-party advertiser may place or recognize a unique cookie on your browser. We may also use clear GIFs or pixel tags to help manage our online advertising.
Information Collected through the Portal
As a service to its customers, we may also provide Portals to offer some customers secure, private access to their own records at our facilities. These Portals provide access to internet-based services such as finding a doctor, scheduling appointments, registering for classes, pre-registering for procedures, making payments for medical services rendered, accessing health and patient education materials, and secure messaging.
When you seek to access medical records on the Portal, we need to confirm your identity. Therefore, we may ask for information such as your name, email or physical address, date of birth, and answers to “secret questions.” This information helps administer your account and ensures you are eligible to use the Portal in accordance with the Terms.
The Purposes for Which We Use Personal Information
If you submit or we collect Personal Information through our Services, then such Personal Information may be used in the following ways:
- To provide, analyze, administer, and improve our Services
- To contact you in connection with our Services and appointments, events, or offerings that you may have registered for
- To identify and authenticate your access to parts of our Portal or other password-protected Services that you are authorized to access
- To send you surveys
- For recruiting and human resources administration purposes
- To protect our rights or property and to ensure the technical functionality and security of our Services
- As required to meet our legal and regulatory obligations
How We Disclose Personal Information
We do not sell, lease, rent or otherwise disclose the Personal Information collected from our Site to third parties unless otherwise stated below or with your consent.
Our Third-Party Providers
We may transfer Personal Information to third-party service providers to perform tasks on our behalf and to assist us in providing our Services. For example, we may use third-party service providers for security, website analytics, and payment processing. We use commercially reasonable efforts to only engage or interact with third-party service providers and partners that post a privacy policy governing their processing of Personal Information, requiring our service providers to maintain confidentiality and comply with applicable laws in processing Personal Information
Website Developer
We may share your Personal Information with our website developer for the purpose of improving our website or addressing any issues. This sharing is done under strict confidentiality agreements to ensure the protection of your information.
In the Event of Merger, Sale, or Change of Control
We may transfer or assign Personal Information to a third-party entity that acquires or is merged with us as part of a merger, acquisition, sale, or other change of control.
Other Disclosures
We may disclose Personal Information about you if we have a good-faith belief that disclosure of such information is helpful or reasonably necessary to:
- Comply with any applicable law, regulation, legal process, or governmental request
- Enforce our terms of use, including investigations of potential violation
- Detect, prevent, or otherwise address fraud or security issues
- Protect against harm to our or third parties’ rights, property, or safety
In addition to the uses and disclosures of information outlined above, if you use the Portal, your information may also be used and disclosed as follows:
Authorized Representatives
If another individual is managing your account on your behalf (for example, a parent managing the account of a child), as authorized by you or as a personal representative under applicable law, that person can view all Personal Information about you in the Portal.
Healthcare Providers
Your healthcare providers may have access to Personal Information for administrative and healthcare services. We may also use Personal Information to respond to and fulfill your orders and requests.
Partners
We may share Personal Information with marketing, treatment, or healthcare operations support partners, who are required to protect the confidentiality of your information. This will enable them to send you targeted messages or serve you targeted advertising, in compliance with HIPAA and other applicable laws.
Information Security
No website can guarantee security, but we maintain appropriate physical, electronic, and procedural safeguards to protect your personal information collected via our Services in compliance with applicable law. Please see the Terms of Use available on our Website homepage for more specific information about information security and your responsibilities.
What Can I Do to Protect My Privacy?
Where you use a Portal or other secured service with a username and password, you are responsible for taking steps to protect the privacy of your Personal Information.
- Never share your username or password.
- Always sign out when you finish using the Portal.
- Use only secure web browsers.
- Employ common anti-virus and anti-malware tools on your system.
- Use a strong password with a combination of letters and numbers.
- Change your password regularly.
- Notify us immediately if you feel your login and/or password has been compromised at chs.neindiana@gmail.com.
Please note that if you share your Portal username and password with another person, this will allow that person to see your confidential medical record information. We have no responsibility concerning any breach of your confidential medical record information due to your sharing or losing your username or password.
Retention of Information
We will retain Personal Information for the period necessary to fulfill the purposes for which it has been collected, as described in this Privacy Policy, unless a longer retention period is required by law (e.g., laws mandating retention of medical records for a certain period).
Where practical, we dispose of certain categories of information, including Personal Information, on a regular schedule. For example, we dispose of web server logs after 90 days, information submitted through secure forms after 6 months, access and activity logs relating to the Portal after 1 year, and information collected for Website analytics purposes after 2 years.
Third-Party Websites and Payments
If you use the Portal to link to another third-party website, please be aware that in contacting that third-party website, or in providing information on that website, that third party may obtain personal information about you. This Privacy Policy does not apply when you leave the Portal and go to a third-party website. We encourage you to be aware when you leave the Portal and to read the privacy statements of each website that collects personally identifiable information.
Any payments you make for services found on the Portal (such as enrolling in a class) are made exclusively through an affiliated third-party website with a separate privacy policy. We are not responsible for any fees, charges, or actions provided by such a third-party website.
User Communications
Emails sent via the email links on our Services may be shared with a customer service representative, employee, medical expert, or agent able to address your inquiry. We make every effort to respond in a timely fashion once communications are received. Once we have responded to your communication, it is discarded or archived, depending on the nature of the inquiry.
The email functionality on our Services does not provide a completely secure and confidential means of communication. Your email communication may be accessed or viewed by another Internet user while in transit to us. If you wish to keep your communication private, do not use our email.
Your Rights
Personal Information
If you are a Portal user, you may access and amend personal demographic information when logged into the Portal. If you would like to access, amend, erase, export, or object to or restrict the processing of other Personal Information collected via our Services, you may submit a request to chs.neindiana@gmail.com or write to us at:
Core Health Strategies LLC
132 E. Collins Rd., Building 4
Fort Wayne, IN 46825
We will promptly review all such requests in accordance with applicable laws.
Depending on where you live, you may have a right to lodge a complaint with a supervisory authority or other regulatory agency if you believe that we have violated any of the rights concerning Personal Information about you. We encourage you to first reach out to us at chs.neindiana@gmail.com so we have an opportunity to address your concerns directly before you do so.
Communications Opt-Out
We may send certain messages, including electronic newsletters, notification of account statuses, and marketing communications on a periodic basis. If you wish to be removed from such messages, you may request to discontinue future messages. All such materials will have information on how to opt-out of receiving them, although certain messages (such as a secure message sent by a doctor or an account status update via the Portal) may be required and will not have opt-out capabilities.
Your California Privacy Rights
Under California Law, California residents have the right to request in writing from businesses with whom they have an established business relationship:
– A list of the categories of personal information, such as name, email, and mailing address and the type of services provided to the customer, that a business has disclosed to third parties (including affiliates that are separate legal entities) during the immediately preceding calendar year for the third parties’ direct marketing purposes
– The names and addresses of all such third parties
To request the above information, please contact us at chs.neindiana@gmail.com with a reference to California Disclosure Information. We will endeavor to respond to such requests to information access within 30 days following receipt at the email address stated above. If we receive your request at a different email address, we will respond within a reasonable period, but not to exceed 150 days from the date received. Please note that we are only required to respond to each customer once per calendar year.
HIPAA Policies
If you are one of our patients, your personal information in our possession is protected health information (“PHI”) protected by the Health Insurance Portability and Accountability Act of 1996, as amended (“HIPAA”), and the applicable provisions of the Health Information echnology for Economic and Clinical Health (HITECH) Act. In addition to this Privacy Policy, the HIPAA Notices of Privacy Practices of those Provider facilities apply to your PHI.
In collecting Personal Information, our Services may also collect PHI. Just as we strive to protect Personal Information, we are committed to protecting your PHI. If there is a breach of your PHI, we are required by law to notify you. Your PHI will remain confidential and will only be disclosed to you, your personal representative, or otherwise as required by state or federal law. Unless otherwise required by law, we will obtain your written authorization before using or disclosing your PHI. This protection extends to PHI that is oral, written, or electronic.
Children’s Privacy
We will never ask for or knowingly collect Personal Information from children through the Services or Portal. If you are a child, you are not permitted to use the Portal and should immediately exit our Portal or get an adult. Parents of unemancipated minors may set up accounts for themselves to access their children’s medical records only as permitted according to the Terms governing the Portal. If you think that we have collected personal information from a child through this Portal, please contact us at chs.neindiana@gmail.com and we will dispose of the information as required by applicable law.
Policy Changes
We reserve the right to change the terms of this Privacy Policy at any time by posting changes in revisions to this Privacy Policy, so you are always aware of our processes related to the collection, use, and disclosure of information. We urge you to check here for any updates to this Privacy Policy from time to time. Unless otherwise indicated, any changes to this Privacy Policy will apply immediately upon posting to the Website.
What if I have questions or concerns regarding this Privacy Policy?
If you have any questions or concerns about this Privacy Policy or the information practices of our Services, please contact us at chs.neindiana@gmail.com.
You may also contact us at:
Core Health Strategies LLC
132 E. Collins Rd., Building 4
Fort Wayne, IN 46825
OUR COMMITMENT TO YOU
We understand that medical information about you and your health is personal. We are committed to protecting the medical information about you. We create a record of care and services you receive in our office. We need this record to provide you with quality care and to comply with certain legal requirements. This notice applies to all of the records of your care generated by our practice, whether made by practice staff or your personal doctor. If you are admitted to a hospital under our service, that hospital may have different policies or notices regarding their use and disclosure of your medical information created while you are a patient in their facility.
This notice will tell you about the ways in which we may use and disclose medical information about you. It also describes your rights and certain obligations we have regarding the use and disclosure of medical information.
The Law requires us to
- Make sure that medical information that identifies you is kept private.
- Give you this notice of our legal duties and privacy practices with respect to medical information about you.
- Follow the terms of the notice that is currently in effect.
WE USE AND DISCLOSE MEDICAL INFORMATION ABOUT YOU:
For Treatment:
We provide medical information about you to doctors, nurses, technicians, medical students, or other office or hospital personnel involved in your care. We may also disclose medical information about you to people outside our office or the hospital who may be involved in your medical care, such as other physicians, family members, clergy, or others providing services as part of your care.
For Payment:
We may discuss your medical information with your health insurer to verify your eligibility for benefits, obtain prior authorization, and to bill and receive payment for the treatment and services you receive from us. We may discuss payment history and visit dates with our collection agency if accounts are transferred to them.
For Health Care Operations:
We may use and disclose medical information about you for various practice functions, such as reviewing the quality of care delivered, education, and planning.
Appointment Reminders and Follow-up:
We may use and disclose medical information to contact you as a reminder that you have an appointment with us. We may also use the information to contact you following a procedure to verify your recovery. If we try to contact you by phone and you are not available, we may leave a message with a family member, on email, or on your answering machine. We may try to contact you at your work number if needed.
Business Associates:
We may provide your medical information to outside parties so they can perform certain functions or services on our behalf. Each Business Associate must sign a contract with us before we send them any information. That contract requires them to protect the confidentiality of your medical information.
Treatment Alternatives:
We may use and disclose medical information to tell you about or recommend possible treatment options or alternatives that may be of interest to you.
Health-Related Benefits and Services:
We may use and disclose medical information to tell you about health-related benefits or services that may be of interest to you.
As Required By Law:
We will disclose medical information about you when required to do so by federal, state, or local law.
To Avert a Serious Threat to Health or Safety:
We may use and disclose medical information about you when necessary to prevent a serious threat to your health and safety or that of another person or the public.
Military and Veterans:
If you are a member of the armed forces, we may release medical information about you as required by military command authorities.
Workers’ Compensation:
We may release medical information about you for workers’ compensation or similar programs.
Public Health Risks:
We may disclose medical information about you for public health activities. These activities may include the prevention or control of disease, reporting births and deaths, reporting child abuse or neglect, notifying people of recalls, and reporting reactions to medications.
Health Oversight Activities:
We may disclose medical information to health oversight agencies for activities authorized by law. These activities are necessary for the government to monitor the health care system, government programs, and compliance with civil rights laws.
Judicial Proceedings:
We may disclose medical information about you in response to a court or administrative order. We may also disclose medical information about you in response to a subpoena, discovery request, or other lawful process by someone else, after reasonable efforts to notify you or to obtain a protective order
Law Enforcement:
We may release medical information if asked to do so by a law enforcement official, to identify or locate a suspect, witness, or missing person, or victims of crime (with your consent in some circumstances), to report deaths from criminal conduct, crimes on the premises, or, in emergencies, to report a crime.
YOU HAVE THE FOLLOWING RIGHTS REGARDING MEDICAL INFORMATION ABOUT YOU:
Right to Inspect and Copy:
You have the right to inspect and copy medical information that may be used to make decisions about your care. To inspect and copy medical information that may be used to make decisions about you, you must submit your request in writing to our Privacy Officer. If you request a copy of the information, we may charge a fee for the costs of copying, mailing, or other supplies associated with your request. We may deny your request to inspect and copy in certain limited circumstances. If you are denied access to medical information, you may request that the denial be reviewed. Another licensed health care professional chosen by the Practice will review your request and denial. We will comply with the outcome of the review.
Right to Amend:
If you feel that medical information we have about you is incorrect or incomplete, you may ask us to amend the information. You have the right to request an amendment for as long as the information is kept by or for the practice. You should contact us at (970) 216-9398 to discuss this process.
Right to an Accounting of Disclosures:
You have the right to request an “accounting of disclosures.” This is a list of the disclosures we made of medical information about you. You should contact us at (970) 216-9398 to discuss this process.
Right to Request Restrictions:
You have the right to request a restriction or limitation on the medical information we use or disclose about you for treatment, payment, or healthcare operations. You also have the right to request we limit the medical information we disclose about you to someone who is involved in your care or the payment for your care, like a family member or friend. We are not required to agree to your request. If we do agree, we will comply with your request unless the information is needed to provide emergency treatment. You must make your request in writing to our Privacy Officer.
Right to Request Confidential Communications:
You have the right to request that we communicate with you about medical matters in a certain way or at a certain location. For example, you can ask that we only contact you at work or by mail. You must make your request in writing to our Privacy Officer.
Right to a Paper Copy of This Notice:
You have a right to a paper copy of this notice. You may ask us to give you a copy of this notice at any time. To obtain a paper copy of this notice, ask for it at the front desk.
CHANGES TO THIS NOTICE
We reserve the right to change this notice. We reserve the right to make the revised or changed notice effective for medical information we already have about you as well as any information we receive in the future. We will post a copy of the current notice in the office. The notice will contain, on the first page in the top right-hand corner, the effective date.
COMPLAINTS
If you believe your privacy rights have been violated, you may file a complaint with the Practice or with the Secretary of the Department of Health and Human Services. To file a complaint with the Practice, contact the Privacy Officer at (970) 216-9398. You will not be penalized for filing a complaint.
OTHER USES OF MEDICAL INFORMATION
Other uses and disclosures of medical information not covered by this notice or the laws that apply to us will be made only with your written permission. If you provide us permission to use or disclose medical information about you, you may revoke that permission, in writing, at any time. If you revoke your permission, we will no longer use or disclose medical information about you for the reason covered by your written authorization. You understand that we are unable to take back any disclosures we have already made with your permission and that we are required to retain our records of the care that we provided to you.
Contact Information
If you have any questions or concerns about this Privacy Policy, please contact:
Michael Anders, HIPAA Compliance Officer
Core Health Strategies LLC
132 E. Collins Rd., Building 4
Fort Wayne, IN 46825
Email: chs.neindiana@gmail.com
Phone: (970) 216-9398