Notice of Privacy Practices
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION.
PLEASE REVIEW IT CAREFULLY.
This Privacy Policy also describes the information collected through web site and the online services that we provide (together, the “Service”) and how that information is used and shared.
By accessing or using the Service or by accepting our Terms of Service, you (“you”) agree that you have read and understand this Privacy Policy and that you consent to the collection, use, and sharing of information as discussed below. If you do not agree with this Privacy Policy, do not access or use the Service.
We reserve the right to modify this Privacy Policy at any time. All changes will be effective immediately upon posting to the Service and, by accessing or using the Service after changes are posted, you agree to those changes. Material changes will be conspicuously posted on the Service or otherwise communicated to you.
Your Health Information Rights
Although your health record is the physical property of RapidMD Walkin, the information belongs to you. You have the right to:
• Obtain a paper copy of this notice of information practices upon request,
• Inspect and copy your health record as provided for in 45 CFR 164.524,
• Amend your health record as provided in 45 CFR 164.528,
• Obtain an accounting of disclosures of your health information as provided in 45 CFR 164.528,
• Request communications of your health information by alternative means or at alternative locations,
• Request a restriction on certain uses and disclosures of your information as provided by 45 CFR 164.522, and
• Revoke your authorization to use or disclose health information except to the extent that action has already been taken.
File a complaint if you feel your rights are violated.
• You can complain if you feel we have violated your rights by contacting us. Or
• You can file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights
• We will not retaliate against you for filing a complaint.
Our Responsibilities
RapidMD Walkin is required to:
• Maintain the privacy of your health information,
• Provide you with this notice as to our legal duties and privacy practices with respect to information we collect and maintain about you,
• Abide by the terms of this notice,
• Notify you if we are unable to agree to a requested restriction, and
• Accommodate reasonable requests you may have to communicate health information by alternative means or at alternative locations.
We will not use or disclose your health information without your authorization, except as described in this notice. We will also discontinue to use or disclose your health information after we have received a written revocation of the authorization according to the procedures included in the authorization.
Information Security
Dream Physicians LLC ( DBA as RapidMD Walkin) does not guarantee that loss, misuse, or alteration of Collected Information will not occur, but we have security measures in place to help protect against the loss, misuse, and alteration of information under our control. Our platform is HIPPA compliant. The storage and communication of information can never be completely secure, so we do not guarantee that communications or other information that you submit or that are otherwise provided to us will be completely secure. If you become aware of any breach of Service security or this Privacy Policy, please notify us immediately. If our security system is breached, we will notify you of the breach only if and to the extent required under applicable law.
We Collect Information that You Submit
How we will collect your Information
Personally Identifiable Information. You can visit the Service without sharing personally identifiable information, but you will be required to provide personally identifiable information in order to use certain Service features. We will collect any personally identifiable information from or about you that you choose to provide to us, which may include your name, email address, mobile telephone number, birthdate, and physical address. Specifically, we collect your personally identifiable information when you use the Service to book appointments with health care providers. If you provide your mobile telephone number to us, you consent to receiving text (SMS) messages from us at that telephone number.
Protected Health Information. The Health Insurance Portability & Accountability Act of 1996 (“HIPAA”) is a federal program that requires that all medical records and other individually identifiable health information used or disclosed by us in any form, whether electronically, on paper, or orally, are kept properly confidential. At LenoyMED, we are committed to treating and using protected health information about you responsibly.
Each time you visit LenoyMED, a record of your visit is made. Typically, this record contains your symptoms, examination and test results, diagnoses, treatment, and a plan for future care or treatment. This information, often referred to as your health or medical record, serves as a:
• Basis for planning your care and treatment,
• Means of communication among the many health professionals who contribute to your care,
• Legal document describing the care you received,
• Means by which you or a third-party payer can verify that services billed were actually provided,
• A tool in educating heath professionals,
• A source of data for our planning and marketing,
• A tool with which we can assess and continually work to improve the care we render and the outcomes we achieve.
Health Care Provider Appointment Information. To book an appointment with an available health care provider, you will need to also submit your name, mobile telephone number, birthdate, gender, email address, and possibly other relevant information required to confirm the appointment.
Billing, Collection and Payment Information. When you make a payment through our Services, your payment card and information is collected and stored by our payment processing partner, such as Square (https://square.com). Our payment processing partner collects your voluntarily provided information necessary to process the payment. Such information is stored and governed by its applicable terms of service and privacy policy.
Analytics. The Service uses third-party analytics tools (e.g., Google Analytics, including its Advertising Features, which are described here: https://support.google.com/analytics/answer/3450482?hl=en,
Social Media. The Service may allow you to connect and share information with various social media platforms, for example, Facebook, Instagram, and Twitter. These features may require us to implement cookies, plug-ins, and application protocol interfaces (APIs) provided by those social media platforms. We may share information that you provide us or that we may collect about your use of the Service with those platforms and that information will be subject to their privacy policies. For further information, we encourage you to review those platforms’ privacy policies: Facebook’s Data Policy athttps://www.facebook.com/full_data_use_policy ; Instagram’s Privacy Policy athttps://www.instagram.com/about/legal/privacy ; and Twitter’s Privacy Policy athttps://twitter.com/privacy
How We Use and Share Collected Information
Purpose Collected.
We may use and disclose your medical records only for each of the following purposes: treatment, payment and health care operations.
Treatment means providing, coordinating, or managing health care and related services by one of more health care providers. An example of this would include a physical examination.
Payment means such activities as obtaining reimbursement for services, confirming coverage, billing or collection activities, and utilization review. An example of this would be sending a bill for your visit to your insurance company for payment.
Health care operations include the business aspects of running our practice, such as conducting quality assessment and improvement activities, auditing functions, cost-management analysis, and customer service. An example would be an internal quality assessment review.
Text Messages: Our team may contact you via text messaging or email to remind you of an appointment and to provide general health/medication/insurance reminders and information. We will ask you to consent to receive messages via text message before you receive any messages. By consenting to receive this information via text message or email. SMS consent and phone numbers will not be shared with third parties or affiliates for marketing purposes. Our team will refrain from sending personal detailed health information via text or email, such as the reason for visit. By the same token, patients are advised not to share personal health information via text message. RapidMd Walkin and health care providers are not responsible for safeguarding information once delivered to the patient. By consenting, you agree to receive insecure text messages at your given phone number or any number forwarded or transferred to that number or insecure emails. The consent to receive text messages or emails will apply to all future appointment reminders/feedback/health/medication information unless you request RapidMD Walkin to stop sending the messages by replying “STOP.” If you are not the intended recipient to any text messages or emails sent by RapidMD Walkin or the healthcare providers, you are hereby notified that any review, dissemination, distribution, or duplication of this communication is strictly prohibited. Also, if you are not the intended recipient to text messages please reply “STOP” to any text messages you receive.
Communication with You. We may use Collected Information to notify you of changes made to the Service (for example, changes to our Terms of Use and this Privacy Policy) and, if you sign up or otherwise opt in to receive promotions from us, to send you promotional materials and other communications as set forth above.
Security and Protection of Rights. We may use Collected Information and share it with third parties to the extent permitted or required by applicable law, including in the event of a subpoena, court order, or law enforcement request. RapidMD Walkin will use Collected Information and share it with third parties if we believe doing so is necessary to operate the Service or to protect our rights or the rights of others, including disclosing information necessary to identify, contact, or bring legal action in the event of a violation of our contracts, terms, or policies, but we will do so only in accordance with applicable federal and state laws and any contracts we have with health care providers and subcontractors.
Sharing Collected Information with Our Suppliers. We may share Collected Information with our Service management and hosting suppliers, payment processors, marketing and public relations service providers, email service suppliers, text message service providers, and other suppliers as necessary for us to provide the Service and our products and services to you and as may otherwise be permitted by applicable law and in accordance with any contractual obligations we have in place with health care providers and subcontractors, which includes suppliers that we may engage to provide services in connection with the Service. We require our suppliers to comply with all applicable data privacy laws and regulations.
Business Transactions. All Collected Information is exclusively the property of RapidMD Walkin but, if RapidMD Walkin undergoes a change in control, acquisition, merger, reorganization, or asset sale, all information owned by or in the control of RapidMd Walkin may be transferred or sold to the successor of the transaction. That successor will be bound by this Privacy Policy as it applies to that information.
Access by Children. The Service is not directed at children under 18 years of age. RapidMD Walkin does not knowingly collect or use information from children under 18 through the Service. If a parent or legal guardian becomes aware that their child has provided RapidMD Walkin with personally identifiable information without his or her consent, the parent or legal guardian should contact us. If we become aware that a child under 13 has provided us with information, we will delete that information from our files.