Dated as of February 4, 2015
Clear Skin Concierge Medical Group Inc. (referred to as "Clear Skin Concierge") is dedicated to providing you with quality health care and to building a relationship based upon confidence, transparency and trust. This Policy describes how health information about you may be used and disclosed — Whether or not you are registered as a patient of our healthcare services — and how you can get access to this information. This Policy takes effect February 4, 2015, and will remain in effect until we replace it. Please review it carefully. The privacy of your health information is critically important to us.
We are required by applicable federal and state law to maintain the privacy of your health information. We are also required to give you this Policy about our privacy practices, our legal duties and your rights concerning your health information.
"Personal Health Information" describes protected health information that may be used to identify you and that relates to your health or medical condition, the provision of health care to you, or your payment for any such care. We do not collect any personal health information about you unless you voluntarily provide it to us.
We carefully limit access to this information to only those employees and authorized agents of Clear Skin Concierge who require this information to provide you quality and safe telemedical care. We may use and disclose health information about you to facilitate your treatment by a physician or other healthcare practitioner, to obtain payment for services we provide you, and to conduct our healthcare operations (which include, but are not limited to, quality assessment and improvement activities, reviewing the competence or qualifications of healthcare professionals, evaluating practitioner and provider performance, conducting training programs, accreditation, certification, licensing or credentialing activities). Employees, agents, and contractors are trained in our privacy policies in order to assist in operating our business. Any who fail to follow our strict guidelines and protocols for safeguarding your personal health information are subject to disciplinary action, including termination. We also disclose certain non-health personal information to other third party sites to deliver specific services. For example, we must release your credit card information to the card-issuing bank to confirm payment for products and services purchased on this site; release your address information to the delivery service to deliver products that you ordered; and provide order information to third parties that help us provide customer service.
We only communicate personal health information to your personal or business email addresses with your permission. Electronic health records are stored in a secure, encrypted fashion. We comply fully with the privacy provisions of the federal Health Insurance Portability and Accountability Act (HIPAA).
Your Discretionary Authorizations. In addition to our use of your health information for treatment, payment or healthcare operations, you may give us written authorization to use your health information or to disclose it to anyone for any purpose. If you give us an authorization, you may revoke it in writing at any time. Your revocation will not affect any use or disclosures permitted by your authorization while it is in effect. Unless you give us a written authorization, we cannot use or disclose your health information for any reason except those described in this Policy.
Your Un-Encrypted E-mail Authorization. In consideration of the unique services that we provide, Clear Skin Concierge requires you to waive your right to the use of secure and encrypted e-mail in the transmission of your protected health information between you and your provider.
THEREFORE, BY USING OUR SERVICE, YOU EXPRESSLY AUTHORIZE CLEAR SKIN CONCIERGE TO COMMUNICATE WITH YOU VIA UNSECURED E-MAIL TO YOUR PERSONAL E-MAIL ACCOUNT REGARDING YOUR MEDICAL TREATMENT, WHICH E-MAILS WILL LIKELY INCLUDE PROTECTED HEALTH INFORMATION.
The potential benefits of this medium include convenient and immediate access to important communications from your provider. However, there are inherent security and privacy risks associated with this medium of communication. These risks include, but are not limited to, the unauthorized intrusion and interception of sensitive and private details regarding your personal and financial information, health history or medical condition. You must fully understand, consider, and accept those risks in order to use the services rendered by Clear Skin Concierge. Please contact us immediately should you have any questions or concerns about this policy.
Your Voluntary Disclosures. When you voluntarily disclose any personally identifiable and/or protected health information by contacting us via an unsecured communication medium, you thereby waive the protections afforded you under state and federal law associated with that communication, along with any information disclosed in your communication.
To Your Family and Friends. We must disclose your health information to you, as described in the Patient Rights section of this Policy. You have the right to request restrictions on disclosure to family members, other relatives, close personal friends, or any other person identified by you.
Required by Law. We may use or disclose your health information to a third party when we are required to do so by law. Examples of legally required disclosures include compliance with a regulation, statute, medical release, search warrant, subpoena or court order. In such an event, and unless prohibited by law, we will attempt to notify you. For the avoidance of doubt, we may disclose personal health information: (i) in the event of an imminent threat to the health or safety of you or others, a threat to national security, or a threat to our system or network; (ii) if we reasonably believe it is necessary to investigate or prevent harm, fraud, abuse, or illegal conduct; (iii) under certain circumstances to correctional institutions or law enforcement officials having lawful custody of protected health information of inmates or patients; or (iv) under certain circumstances to military authorities the health information of Armed Forces personnel.
Other Circumstances. We may share the information with your primary care physician or a specialist for purposes of further treatment; use it within our organization to assess outcomes, improve quality, and decrease risks of our services; notify, or assist in the notification of, your family member, personal representative, or anyone responsible for your care, of your location, general condition, or death if necessary or requested by you; notify emergency medical services or 911 of your location and condition if the circumstances warrant an immediate emergency intervention; or make disclosures to your health insurer or health plan in connection with the processing and payment of claims and other charges. In the event of your incapacity or emergency circumstances, we will disclose health information based on a determination using our professional judgment disclosing only health information that is directly relevant to the person's involvement in your healthcare. We will also use our professional judgment and our experience with common practice to make reasonable inferences of your best interest in allowing a person to access information about prescriptions, medical supplies, or other similar forms of health information.
Marketing Health-Related Services. We will not use your protected health information for marketing communications without your written authorization. However, we may share aggregated, non-personal information in a form that does not identify you, for example statistics on groups of patients such as patient ages, demographics. We may also share your information in such a form with partners in order to plan, market, and deliver new services and tools that can improve our offerings.
Account Activity Tracking. Clear Skin Concierge's personal account system can track the activity of each user of the system and can generate an audit trail of activity. Every time a user accesses his or her personal account, the user's identity is recorded along with a record of the information that was viewed or entered.
Data security. Clear Skin Concierge software and member health records are stored on secure servers. All data is encrypted during storage and transmission. Data, photographs and messages you send in Clear Skin Concierge's secure website are incorporated in your personal health record. Once it is made part of your record, it will be accessible to current and future Clear Skin Concierge staff members who are appropriately involved with your care. If your Clear Skin Concierge physician is unavailable to respond, messages sent may be forwarded to other authorized providers within Clear Skin Concierge in order to facilitate a timely response to your request or question.
Reminders and Surveys. We may contact you to provide you with service reminders via e-mail, telephone, voicemail, postcards, or letters. We may also contact you when we conduct patient surveys. We may analyze information submitted as part of descriptive studies and reports, but in these events, we will remove all personally identifying information.
Non-Personally Identifiable Information. Even if you do not register with or provide any personal information to Clear Skin Concierge, we collect non-personal information about your use of the Clear Skin Concierge web site. "Non-personal information" describes information that does not by itself identify a specific individual. We may also acquire non-personal information about our users from external sources. This information is compiled and analyzed on both an individual and an aggregated basis. This information may include, for example, the Web site's Uniform Resource Locator ("URL") that you just came from, which URL you go to next, what browser you are using, and your Internet Protocol ("IP") address. While you may use some of the functionality of Clear Skin Concierge without registration, many of the specific tools and services on the Clear Skin Concierge web site require that you register with Clear Skin Concierge.
Your Responsibilities. You are responsible for taking all reasonable steps to ensure that no unauthorized person shall have access to your online passwords, account, electronic health record, or protected health information. Please be careful and responsible whenever you are online. You must be at least 18 years old to have our permission to use this site. We do not knowingly collect, use or disclose personally identifiable information about visitors who are under 18 years of age. In order to protect you, we require you to comply with the ClearSkinConcierge.com Terms and Conditions when using our services.
Access. You have the right to look at or get copies of your health information, with limited exceptions. You may request that we provide copies in a format other than electronic documents or photocopies. We will use the format you request unless we cannot practicably do so. You must make a request in writing to obtain access to your health information. You may obtain a form to request access by contacting our office. We will charge you a reasonable cost-based fee for expenses such as copies and staff time. You may also request access by sending us a letter. If you request copies, there may be a charge for time spent. If you request an alternate format, we will charge a cost-based fee for providing your health information in that format. If you prefer, we will prepare a summary or an explanation of your health information for a fee. Contact us for a full explanation of our fee structure.
Disclosure Accounting. You have a right to receive a list of instances in which we disclosed your health information for purposes other than treatment, payment, healthcare operations and certain other activities for the last six years. If you request this accounting more than once in a 12-month period, we may charge you a reasonable cost-based fee for responding to these additional requests.
Restriction. You have the right to request that we place additional restrictions on our use or disclosure of your health information. We are required to agree to these additional restrictions, but if we do, we will abide by our agreement (except in emergency).
Alternative Communication. You have the right to request that we communicate with you about your health information by alternative means or to alternative locations. (You must make your request in writing.) Your request must specify the alternative means or location, and provide satisfactory explanation how payments will be handled under the alternative means or location you request.
Amendment. You have the right to request that we amend your health information. (Your request must be in writing, and it must explain why the information should be amended). We may deny your request under certain circumstances.
Contact person. We strongly recommend contacting our Privacy Officer, Dr. Minh Nguyen, using our private messaging system while logged in as a patient, to maximize security. In urgent cases, you may use the Contact link at the bottom of our homepage: please address privacy concerns to “Privacy Officer”.