Día Health, PLLC – Privacy Policy

 NOTICE OF PRIVACY PRACTICES

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

Our goal is to take appropriate steps to attempt to safeguard any medical or other personal information that is provided to us. The Privacy Rule under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) requires us to: (i) maintain the privacy of medical information provided to us; (ii) provide notice of our legal duties and privacy practices; and (iii) abide by the terms of our Notice of Privacy Practices currently in effect.

WHO WILL FOLLOW THIS NOTICE

We are committed to protecting your privacy. This Internet Privacy Policy governs our data collection, processing and usage practices. By using our website, you consent to the data practices described in ‘this Internet Privacy Policy. You are free to explore the website without providing any information about yourself. If you do not agree with the data practices described in this Internet Privacy Policy, you should not use the website.

INFORMATION COLLECTED ABOUT YOU

In the ordinary course of receiving treatment and health care services from us, you will be providing us with personal information such as:
• Your name, address, and phone number.
• Information relating to your medical history
• Your insurance information and coverage.
• Information concerning your doctor, nurse or other medical providers.
In addition, we will gather certain medical information about you and will create a record of the care provided to you. Some information also may be provided to us by other individuals or organizations that are part of your “circle of care” — such as the referring physician, your other doctors, and close friends or family
members.

HOW WE MAY USE AND DISCLOSE INFORMATION ABOUT YOU

We may use and disclose personal and identifiable health information about you for a variety of purposes. All of the types of uses and disclosures of information are described below, but not every use or disclosure in a category is listed.
• Required Disclosures. We are required to disclose health information about you to the Secretary of Health and Human Services, upon request, to determine our compliance with HIPAA and to you, in accordance with your right to access and right to receive an accounting of disclosures, as described below
• For Treatment. We may use health information about you in your treatment. For example, we may use your medical history, such as any presence or absence of diabetes, to assess the health of your eyes.
• For Health Care Operations. We may use and disclose information about you for the general operation of our business. For example, we sometimes arrange for auditors or other consultants to review our practices, evaluate our operations, and tell us how to improve our services. Or, for example, we may use and disclose your health information to review the quality of services provided to you.
• Public Policy Uses and Disclosures. There are a number of public policy reasons why we may disclose information about you which are described below.
• We may disclose health information about you when we are required to do so by federal, state, or local law.
• We may disclose protected health information about you in connection with certain public health reporting activities.
• We may disclose protected health information about you in connection with certain public health reporting activities. For instance, we may disclose such information to a public health authority authorized to collect or receive PHI for the purpose of preventing or controlling disease, injury or disability, or at the direction of a public health authority, to an official of a foreign government agency that is acting in collaboration with a public health authority, Public health authorities include state health departments, the Center for Disease Control, the Food and Drug Administration, the Occupational Safety and Health Administration, and the A-HIPAA Protection Agency, to name a few.
• We are also permitted to disclose protected health information to a public health authority or other government authority authorized by law to receive reports of child abuse or neglect. Additionally, we may disclose protected health information to a person subject to the Food and Drug Administration’s power for the following activities: to report adverse events, product defects or problems, or biological product deviations; to track products; to enable product recalls; repairs or replacements; to conduct post marketing surveillance. We may also disclose a patient’s health information to a person who may have been exposed to a communicable disease, or to an employer to conduct an evaluation relating to medical surveillance of the workplace or to evaluate whether an individual has a work-related illness or injury.
• We may disclose a patient’s health information where we reasonably believe a patient is a victim of abuse, neglect or domestic violence and the patient authorizes the disclosure, or it is required or authorized by law.
• We may disclose health information about you in connection with certain health oversight activities of licensing and other health oversight agencies which are authorized by law. Health oversight activities include audit investigation, inspection, licensure or disciplinary actions, and civil, criminal, or administrative proceedings or actions, or any activity necessary for the oversight of 1) the health care system, 2) governmental benefit programs for which health information is relevant to determining beneficiary eligibility, 3) entities subject to governmental regulatory programs for which health information is necessary for determining compliance with program standards, or 4) entities subject to civil rights laws for which health information is necessary for determining compliance.
• We may disclose your health information as required by including in response to a warrant, subpoena, or other order of a court or administrative hearing body, or to assist law enforcement to identify or locate a suspect, fugitive, material witness or missing person. Disclosures for law enforcement purposes also permit us to make disclosures about victims of crimes and the death of an individual, among others.
• We may release a patient’s health information (1) to a coroner or medical examiner to identify a deceased person or determine the cause of death, and (2) to funeral directors. We also may release your health information to organ procurement organizations, transplant centers, and eye or tissue banks, if you are an organ donor.
• We may release your health information to workers’ compensation or similar programs, which provide benefits for work-related injuries or illnesses, without regard to fault.
• Health information about you may also be disclosed when necessary to prevent a serious threat to your health and safety or the health and safety of others.
• We may use or disclose certain health information about your condition and treatment for research purposes where an Institutional Review Board or a similar body referred to as a Privacy Board determines that your privacy interests will be adequately protected in the study. We may also use and disclose your health information to prepare or analyze a research protocol and for other research purposes.                                                                                                                                                                 • If you are a member of the Armed Forces, we may release health information about you for activities deemed necessary by military command authorities. We also may release health information about foreign military personnel to their appropriate foreign military authority
• We may disclose your protected health information for legal or administrative proceedings that involve you, We may release such information upon order of a court or administrative tribunal. We may also release protected health information in the absence of such an order and in response to a discovery or other lawful request, if efforts have been made to notify you or secure a protective order.
• If you are an inmate, we may release protected health information about you to a correctional institution where you are incarcerated or to law enforcement officials in certain situations, such as where the information is necessary for your treatment, health or safety, or the health or safety of others.
• Finally, we may disclose protected health information for national security and intelligence activities, and for the provision of protective services to the President of the United Sates and other officials or foreign heads of state
• Our Business Associates. We sometimes work with outside individuals and businesses that help us operate our business successfully. We may disclose your health
information to these business associates so that they can perform the tasks that we hire them to do. Our business associates must promise that they will respect the
confidentiality of your personal and identifiable health information.

A-HIPAA

• Disclosures to Persons Assisting in Your Care or Payment for Your Care. We may disclose information to individuals involved in your care or in the payment for your
care. This includes people and organizations that are part of your “circle of care” — such as your spouse, your other doctors, or an aide who may be providing services to you. We may also use and disclose health information about a patient for disaster relief efforts, and to notify persons responsible for a patient’s care about a patient’s location, general condition, or death. Generally, we will obtain your verbal agreement before using or disclosing health information in this way. However, under certain circumstances, such as in an emergency, we may make these uses and disclosures without your agreement.                                                            • To the extent another state or federal law restricts the ability of the practice to use or disclose protected health information as discussed above, the descriptions above must reflect the more stringent law
• Appointment reminders. We may use and disclose medical information to contact you as a reminder that you have an appointment or that you should
schedule an appointment. SMS opt-in consent or phone numbers for SMS purposes will NOT be shared.
• Treatment alternatives. We may use and disclose medical information to tell you about or recommend possible treatment options, alternatives, or health-related services that may be of interest to you.

SMS Communication and Consent

We may use SMS (text messaging) to send patients notifications related to their healthcare, such as appointment reminders, health information, and follow-up care instructions. By providing your mobile number and consenting to SMS communication, you agree to receive text messages from Día Health in compliance with HIPAA and carrier regulations. SMS opt-in or phone numbers for the purpose of SMS are not being shared with any third party or affiliate companies for marketing purposes.

How We Obtain SMS Consent

  • In-Person or Written Consent: When visiting our clinic, you may be asked to sign our annual consent forms to confirm consent to receive SMS messages.
  • Online or Portal Registration: You may also opt in for SMS communication through our website or patient portal.
  • Verbal Consent: In certain cases, such as over-the-phone appointment scheduling, our staff may ask for verbal consent to send SMS communications. 
  • Opting Out: Patients can opt out of SMS communications at any time by replying “STOP” to any text or contacting us directly.

OTHER USES AND DISCLOSURES OF PERSONAL INFORMATION

We are required to obtain written authorization from you for any other uses and disclosures of medical information other than those described above. If you provide us with such permission, you may revoke that permission, in writing, at any time. If you revoke your permission, we will no longer use or disclose personal information about you for the reasons covered by your written authorization, except to the extent we have already relied on your original permission.

INDIVIDUAL RIGHTS

• You have the right to ask for restrictions on the ways we use and disclose your health information for treatment, payment and health care operation purposes. You may request that we limit our disclosures to persons assisting your care or payment for your care. We will consider your request, but we are not required to accept it.
• You have the right to request that you receive communications containing your protected health information from us by alternative means or at alternative locations. For example, you may ask that we only contact you at home or by mail.
• Except under certain circumstances, you have the right to inspect and copy medical, billing and other records used to make decisions about you. If you ask for copies of this information, we may charge you a fee for copying and mailing.                                                                                                                                                                • If you believe that information in your records is incorrect or incomplete, you have the right to ask us to correct the existing information or add missing information. Under certain circumstances, we may deny your request, such as when the information is accurate and complete.
• You have a right to receive a list of certain instances when we have used or disclosed your medical information. We are not required to include the list uses and disclosures for your treatment, payment for services furnished to you, our health care operations, disclosures to you, disclosures you give us authorization to make, and uses and disclosures before January 1st, 2020, among others. If you ask for this information from us more than once every twelve months, we may charge you a fee.
• You have a right to a copy of this notice in paper form. You may ask for a copy at any time. You may also obtain a copy of this form at our web site, https://diahealth.net/ To exercise any of your rights, please contact us in writing, attention: Privacy Officer, Dia Health, PLLC, 2515 Castroville Rd, Suite 1 San Antonio, TX 78237. When making a request for amendment, you must state a reason for making the request.

CHANGES TO THIS NOTICE

We reserve the right to make changes to this notice at any time. We reserve the right to make the revised notice effective for personal health information we have about you as well as any information we receive in the future. In the event there is a material change to this notice, the revised notice will be posted. In addition, you may request a copy of the revised notice at any time.

COMPLAINTS/COMMENTS

If you have any complaints concerning our privacy practices, you may contact the Office Manager.
Dia Health, PLLC, 2515 Castroville Rd, Suite 1 San Antonio, TX 78237.
YOU WILL NOT BE RETALIATED AGAINST OR PENALIZED BY US FOR FILING A COMPLAINT.
This notice is effective as of September 9, 2024.