2. Information We Collect
We collect personally identifiable information (PII) to enable us to provide you services. This information may include any or all of the following, depending upon the service requested:
- Contact Information (Name, Email Address, Mailing Address, Telephone Number)
- Demographic Information (Gender, Age and Date of Birth)
- Emergency Contact
- Medical Insurance Carrier, Policy Number, Group Number and Coverage Information
- Passport Number and Expiration Date
- Credit Card Information
- Primary Care Provider Name and Contact Information
- Medical Services that You May View, Inquire About or Request on Our Site or Through our Care Concierge Service
- Medical History / Records
- Copies of your correspondence, if you contact us
- Other Protected Health Information (PHI)
3. PHI Permitted Uses and Disclosures
We can use or disclose your PHI for purposes of treatment, payment and health care operations. For each of these categories of uses and disclosures, we have provided a description and an example below. However, not every use or disclosure in every category will be listed.
- Treatment means the provision, coordination or management of your health care, including consultations between health care providers relating to your care and referrals for health care from one health care provider to another. For example, a doctor treating you for a broken leg may need to know if you have diabetes because diabetes may slow the healing process. In addition, the doctor may need to contact a physical therapist to create the exercise regimen appropriate for your treatment.
- Payment means the activities undertaken to obtain reimbursement for the health care provided to you, including billing, collections, claims management, determinations of eligibility and coverage and other utilization review activities. For example, we may need to provide PHI to your Third Party Payer to determine whether the proposed course of treatment will be covered or if necessary to obtain payment. Federal or state law may require us to obtain a written release from you prior to disclosing certain specially protected PHI for payment purposes, and we will ask you to sign a release when necessary under applicable law.
- Health care operations means the support functions of the Center of Care, related to treatment and payment, such as quality assurance activities, case management, receiving and responding to patient comments and complaints, physician reviews, compliance programs, audits, business planning, development, management and administrative activities. We may also combine PHI about many patients to decide what additional services we should offer, what services are not needed, and whether certain new treatments are effective. We may also disclose PHI for review and learning purposes. In addition, we may remove information that identifies you so that others can use the de-identified information to study health care and health care delivery without learning who you are.
Other Uses and Disclosures of Protected Health Information
- We may contact you to provide appointment reminders for treatment or medical care.
- We may disclose to your family or friends or any other individual identified by you to the extent directly related to such person’s involvement in your care or the payment for your care. We may use or disclose your PHI to notify, or assist in the notification of, a family member, a personal representative, or another person responsible for your care, of your location, general condition or death. If you are able, we will give you an opportunity to object to these disclosures, and we will not make these disclosures if you object. If you are not able, we will determine whether a disclosure to your family or friends is in your best interest, taking into account the circumstances and based upon our professional judgment.
- When permitted by law, we may coordinate our uses and disclosures of PHI with public or private entities authorized by law or by charter to assist in disaster relief efforts.
- We will use or disclose PHI about you when required to do so by applicable law.
Subject to the requirements of applicable law, we will make the following uses and disclosures of your PHI:
- Military and Veterans. If you are a member of the Armed Forces, we may release PHI about you as required by military command authorities. We may also release PHI about foreign military personnel to the appropriate foreign military authority.
- Worker’s Compensation. We may release PHI about you for programs that provide benefits for work-related injuries or illnesses.
- Public Health Activities. We may disclose health information about you for public health activities, including disclosures:
- to prevent or control disease, injury or disability;
- to report births and deaths;
- to report child abuse or neglect;
- to persons subject to the jurisdiction of the Food and Drug Administration (FDA) for activities related to the quality, safety, or effectiveness of FDA-regulated products or services and to report reactions to medications or problems with products;
- to notify a person who may have been exposed to a disease or may be at risk for contracting or spreading a disease or condition;
- to notify the appropriate government authority if we believe that an adult patient has been the victim of abuse, neglect or domestic violence. We will only make this disclosure if the patient agrees or when required or authorized by law.
- Lawsuits and Disputes. If you are involved in a lawsuit or a dispute, we may disclose PHI subject to certain limitations.
- Law Enforcement. We may release health information if asked to do so by a law enforcement official.
- In response to a court order, subpoena, warrant, summons or similar process;
- To identify or locate a suspect, fugitive, material witness, or missing person;
- About the victim of a crime under certain limited circumstances;
- About a death we believe may be the result of criminal conduct;
- About criminal conduct on our premises; or
- In emergency circumstances, to report a crime, the location of the crime or the victims, or the identity, description or location of the person who committed the crime.
- Serious Threats. As permitted by applicable law and standards of ethical conduct, we may use and disclose PHI if we, in good faith, believe that the use or disclosure is necessary to prevent or lessen a serious and imminent threat to the health or safety of a person or the public or is necessary for law enforcement authorities to identify or apprehend an individual.
Other Uses of your Health Information
Certain uses and disclosures of PHI will be made only with your written authorization, including uses and/or disclosures: (a) of psychotherapy notes (where appropriate); (b) for marketing purposes; and (c) that constitute a sale of PHI under the Privacy Rule. Other uses and disclosures of PHI not covered by this notice or the laws that apply to us will be made only with your written authorization. You have the right to revoke that authorization at any time, provided that the revocation is in writing, except to the extent that we already have taken action in reliance on your authorization.
HIV related information, genetic information, alcohol and/or substance abuse records, mental health records and certain special conditions related to minors may enjoy certain special confidentiality protections under applicable State and Federal law. Any disclosures of these types of records will be subject to these special protections.
- You have the right to request restrictions on our uses and disclosures of PHI for treatment, payment and health care operations. However, we are not required to agree to your request. We are, however, required to comply with your request if it relates to a disclosure to your health plan regarding health care items or services for which you have paid the bill in full. To request a restriction, you may make your request in writing to: Best in Class Care, 30 North Racine Avenue, Suite 300, Chicago, IL 60607.
- You have the right to reasonably request to receive confidential communications of your PHI by alternative means or at alternative locations. To make such a request, you may submit your request in writing to: Best in Class Care, 30 North Racine Avenue, Suite 300, Chicago, IL 60607.
- You have the right to inspect or obtain a copy of the PHI contained in our records, if applicable.
To inspect or obtain a copy of your PHI, you may submit your request in writing to: Best in Class Care, 30 North Racine Avenue, Suite 300, Chicago, IL 60607. If you request a copy, we may charge you a fee for the costs of copying and mailing your records, as well as other costs associated with your request.
We may also deny a request for access to PHI under certain circumstances if there is a potential for harm to yourself or others. If we deny a request for access for this purpose, you have the right to have our denial reviewed in accordance with the requirements of applicable law.
- You have the right to request an amendment to your PHI, but we may deny your request for amendment if we determine that the PHI or record that is the subject of the request:
- was not created by us, unless you provide a reasonable basis to believe that the originator of PHI is no longer available to act on the requested amendment;
- is not part of your medical or billing records or other records used to make decisions about you;
- is not available for inspection as set forth above; or
- is accurate and complete.
In any event, any agreed upon amendment will be included as an addition to, and not a replacement of, already existing records. To request an amendment to your health information, you must submit your request in writing to Best in Class Care, 30 North Racine Avenue, Suite 300, Chicago, IL 60607, along with a description of the reason for your request.
- You have the right to receive an accounting of disclosures of PHI made by us to individuals or entities other than to you for the six years prior to your request, except for disclosures:
- to carry out treatment, payment and health care operations as provided above;
- incidental to a use or disclosure otherwise permitted or required by applicable law;
- pursuant to your written authorization;
- for national security or intelligence purposes as provided by law;
- to correctional institutions or law enforcement officials as provided by law;
- as part of a limited data set as provided by law
To request an accounting of disclosures of your PHI, you must submit your request in writing to: Best in Class Care, 30 North Racine Avenue, Suite 300, Chicago IL 60607. Your request must state a specific time period for the accounting (e.g., the past three months). The first accounting you request within a twelve (12)-month period will be free. For additional accountings, we may charge you for the costs of providing the list. We will notify you of the costs involved, and you may choose to withdraw or modify your request at that time before any costs are incurred.
- You have the right to receive a notification if there is a breach of your unsecured PHI, which requires notification under the Privacy Rule.
We may also collect information:
- That is about you, but does not individually identify you, such as log data and other information collected through automatic data collection technologies and information collected or provided by third party providers
- About your internet connection, the equipment you use to access the site and usage details
In addition, we may use third party service providers that collect, monitor and analyze information and browsing activity over time in order to enhance the site’s functionality. We do not control these third parties, and their use of the information is governed by their own privacy policies.
4. How We Use Your Information
- To respond to your requests and inquiries, such as a request for a consult for medical services
- To facilitate the booking of your medical care and any associated travel and/or accommodations
- To help improve our services, including functionality of the site and support provided by our Care Concierge
- To notify you about changes to the site or the services we offer or provide through it
- In any other way we may describe to you or to which you otherwise consent
5. Measures We Take to Protect Your Information
The security of your information is very important to us; therefore, we implement and maintain the following commercially reasonable security procedures and practices appropriate to the nature of the information, including personal information we store, to protect it from unauthorized access, destruction, use, modification or disclosure:
- Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems and are required to keep information confidential. In addition, all sensitive information you supply is encrypted via Secure Socket Layer (SSL) technology
- All financial transactions are processed through a gateway provider and are not stored or processed on our servers
- Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible
However, please be aware that no method of transmission over the internet, or method of electronic storage is 100% secure, and we are unable to guarantee the absolute security of the information, including personal information we have collected from you.
6. Cookies and Web Beacons
We may store “cookies” to your computer. Cookies are files that identify you as a customer and store your personal preferences and technical information. They are primarily intended to enhance your online experience. There are two types of cookies: 1) permanent cookies, which remain on your computer for a period of time or until you manually remove them, and 2) temporary cookies, that last only until you close your browser. We may also use “Web beacons” that monitor your use of our website. Web beacons enable verification of a user’s viewing or receipt of a Web page or message. When we communicate with you via HTML capable email, Web beacons verify with us whether you received and opened our email message. On their own, cookies or Web beacons do not contain or reveal any personally identifiable information; however, if you choose to provide personally identifiable information on the website, it may be linked to the data stored using cookies or Web beacons.
7. Google Analytics
8. Third Party Links
9. Your California Privacy Rights
California Civil Code Section 1798.83 permits users of the site that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please send an e-mail to firstname.lastname@example.org or write to us at Best in Class Care, Inc., 30 N Racine Ave., Suite 300, Chicago, IL 60607.
10. Protecting Privacy of Children
Our site is not designed or intended to attract children under the age of 13. We do not specifically market to children under 13. A parent or guardian may use the site on behalf of a minor. The parent or guardian is solely responsible for supervising the minor’s use of the site. The pare or guardian assumes full responsibility for ensuring that the registration information is kept secure and that the information submitted is accurate. The parent or guardian also assumes full responsibility for the interpretation and use of any information or suggestions provided through the site or our services for the minor.
11. Contact Us
Best in Class Care, Inc.
30 North Racine Avenue
Chicago, IL 60607