Shield Diagnostics Notice of Privacy Practices
NOTICE OF PRIVACY PRACTICES UNDER HIPAA
This notice describes how medical information may be used and disclosed. It also describes how you can access your information. Thank you for reviewing it carefully.
Shield Diagnostics Corp (“Shield Dx”) is committed to protecting the privacy and confidentiality of your Protected Health Information, or PHI.
PHI is information that may identify you and relates to your past, present or future health condition, treatment, or payment for services.
Under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH), Shield Dx is required to maintain the privacy and security of PHI and to provide you with a notice of our legal duties, our privacy practices, and your patient rights.
We follow the terms of this Notice of Privacy Practices (this “Notice”) which describes how we may use and disclose your PHI to carry out treatment, payment, and health care operations and for other specified purposes that are permitted or required by law.
Shield Dx Uses and Discloses PHI, for the following purposes:
- Healthcare Services: We use and disclose your PHI to perform diagnostic testing services and provide results to your physician and other health providers involved in your treatment and follow up care.
- Payment. We may use or disclose your PHI for purposes of billing and collecting payment for our services, such as disclosing PHI to your health plan or health insurance company in order to obtain payment for our services.
- Healthcare Operations. We may review your PHI internally as part of an audit to confirm the quality of our services and accuracy of our testing, or use or disclose it to manage other aspects of our laboratory operations.
- As Required by Law. We may use or disclose PHI if required to do so by federal or state law.
- Representatives and Individuals Involved in Your Care. We may disclose your PHI unless prohibited by applicable federal or state law, to friends or family members who are involved in your care, including those who are responsible for paying for your care. We may also disclose PHI to your personal representative, as established under applicable law, or to an administrator or authorized individual associated with your estate..
- Disclosures to Business Associates. We may disclose your PHI to companies who provide services to us. These business associates are contractually required to protect the privacy and security of your PHI and notify us of any improper disclosure of information.
- Legal Proceedings. We may disclose your PHI as required to comply with a court or administrative order or in response to a subpoena, discovery request, or other legal process.
- De-Identification of PHI. We may de-identify your PHI by removing identifying features as determined by law to make it extremely unlikely that the information could identify you.
- Research. Under certain circumstances, we may use or disclose your PHI for research purposes within Shield Dx and with research collaborators outside of the company who are under contract and are also obligated to protect PHI.
- Health and Safety. We may disclose your PHI to prevent or reduce the risk of a serious and imminent threat to the health and safety of an individual or the general public.
Shield Dx may also use or disclose your PHI in other ways as permitted or required by law and/or to ensure compliance with state and federal laws, including to:
- Public Health Authorities
- Health Oversight Agencies such as the College of American Pathologists (CAP), the federal or state agencies that oversee Medicaid, MediCal, and Medicare
- The Food and Drug Administration
- Military Command Authorities
- National Security and Intelligence Organizations
- Correctional Institutions
- Organ and Tissue Donation Organizations
- Coroners, Medical Examiners and Funeral Directors
- Law Enforcement or Judicial proceedings, for example in compliance with a search warrant, subpoena or court order
- Social Services or Protective Services Agencies
- Workers Compensation Agents
Uses and disclosures of PHI for purposes other than those described above will not be made without a written authorization signed by you or your personal representative. Once you sign an authorization, you may revoke it by contacting us at any time unless it has already been relied upon to use or disclose PHI.
Your Rights Regarding Your PHI
You have the following rights with respect to your PHI. To exercise any of these rights, please contact us using the contact information provided at the end of this Notice.
- Access PHI and Test Results. You or your authorized representative have the right to inspect and copy your PHI. You may request to retrieve your test results using the “Contact Us” information at the end of this Notice.
- Correct or Update Your Information. If you believe that there is an error in your PHI, you may request that we update it.
- Restriction Requests. You have the right to request restrictions on certain uses and disclosures of your PHI. We are not required to honor such requests unless the requested restriction involves a disclosure to a health plan and you have paid for the applicable services in full and out of pocket.
- Alternate Communications. You may request that we communicate with you about your PHI in a specific means or to an alternative postal mail or email address.
- Accounting of Disclosures. You may request a list, or accounting, of certain disclosures of your PHI made by us or our business associates for purposes other than treatment, payment, healthcare operations and certain other activities. The request must be in writing and the accounting will include disclosures made within the prior six years.
- Copy of Notice. You have the right to obtain a paper or electronic copy of this Notice upon request.
Shield Dx is required by law to notify you following the discovery that there has been a breach of your PHI, unless Shield Dx reasonably determines, after investigating the situation and assessing the risk presented, that there is a low probability that the privacy or security of your PHI has been compromised. You will be notified in a timely fashion, no later than 60 days after discovery of the breach.
Changes to Our Notice
We reserve the right to amend this Notice from time to time. When changes are made, we will promptly post the updated Notice on the Shield Dx website at shielddx.com.
Questions and Complaints
If you have any questions or comments about this Notice, or if you have any complaints about our privacy practices, please contact us using the contact information provided below. You may also file a complaint with the Secretary of the U.S. Department of Health and Human Services. Shield Dx will not retaliate against you for filing a complaint.
Contact us or update your preferences:
Shield Dx attn Privacy officer
2865 Zanker Road
San Jose, CA 95134