Your health, wellness and aesthetics, in one place.
BitCare Technologies Inc. is a management services organization. All clinical services are provided by BitCare affiliated professional corporations. All clinical services are provided by BitCare affiliated professional corporations. In providing testing services though its laboratory partners, BitCare receives, creates and discloses personal health information. This information is private and confidential. There are policies and procedures in place to protect the information against unlawful use and disclosure. This notice describes information we collect, how we use that information, and when and to whom we may disclose it.
II. Protected Health Information and Our Obligations
Protected health information or “PHI” (also called “personal health information”), is current, past or future information created or received by BitCare from physicians about patients for whom testing is ordered from BitCare. It may indicate the physical condition of a patient, the provision of health care to that patient, or payment for the provision of health care to that patient. The term PHI does not generally include publicly available information, or information available or reported in a summarized format.
We are required by law to maintain the privacy and security of your protected health information.
We will let you know promptly if a breach occurs that may have compromised the privacy or security of your information.
We must follow the duties and privacy practices described in this notice and give you a copy of it (or other notice in effect at the time of the use or disclosure).
We will not use or share your information other than as described here unless you tell us we can in writing. If you tell us we can, you may change your mind at any time. Let us know in writing if you change your mind.
III. Information Collected and Created by BitCare
BitCare collects the information that is minimally necessary to provide testing services and to obtain payment for these services. This may include name, address, telephone number, social security number, date of birth, medical history, diagnosis, treatment, provider identification and treatment information, financial responsibility and payment information.
IV. Protection of PHI
Our use and disclosure of PHI must comply not only with federal privacy regulations but also with applicable Texas law. Access to PHI is restricted to only those employees of BitCare who need it in order to provide services to clients and patients. We maintain physical, technical and procedural safeguards to protect PHI against unauthorized use and disclosure. We have a Compliance Officer who is responsible for developing, educating BitCare personnel about, and overseeing the implementation and enforcement of policies and procedures designed to safeguard PHI against inappropriate use and disclosure consistent with the applicable law.
In the following cases we never share your information unless you give us written permission:
- Marketing purposes
- Sale of your information
- Standard Uses and Disclosures of PHI
How else can we use or share your health information?
For more information see:
In the course of providing laboratory services, BitCare uses PHI internally and discloses it to health care providers (providers requesting services, laboratory personnel involved in ordering services and other caregivers), insurers, third party administrators, plan sponsors and other payors (employers, health care provider organizations and others who may be responsible for paying for or administering your health benefits); vendors, consultants, government authorities; and their respective agents. They are required by law to keep PHI confidential. Some examples of what we do with the information we collect and the reasons it might be disclosed to third parties are described below.
We may use or disclose PHI with or without your consent to provide health care services. Examples of these uses and disclosures include:
- Treatment – the fulfillment of requests by physicians to perform laboratory testing services is considered the provision of treatment.
- Payment – BitCare uses and discloses PHI to obtain reimbursement for testing services. Examples of these payment activities include: billing, collections activities, determination of eligibility and obtaining authorization for services. We may use or disclose PHI in connection with payment activities with or without your consent.
- Health care operations – BitCare uses and discloses PHI for our internal purposes. We may use information to contact you when necessary.
- Required by Law – We may use or disclose PHI to the extent such use or disclosure is required by law and it complies with and is limited to the requirements of that law. We use and disclose PHI for certain law enforcement purposes and in response to official subpoenas, court orders, discovery requests, workers’ compensation law and other legal process. In addition, we use and disclose PHI in connection with health oversight activities (e.g., government audits of our compliance with certain laws and regulations; oversight of government-funded health benefits programs, and, the Department of Health and Human Services if it wants to see if we’re complying with federal privacy law).
- Health Research – We use and disclose unidentified PHI in connection with research subject to the oversight of an Institutional Review Board. Sometimes, where permitted under federal law and institutional policy, and approved by an Institutional Review Board or a privacy board, PHI may be used or disclosed. In addition, PHI may be used or disclosed to compile “limited or de-identified data sets” that do not include your name, address, social security number or other direct identifiers. These data sets may, in turn, be used for research purposes.
If you have given someone medical power of attorney or if someone is your legal guardian, that person can exercise your rights and make choices about your health information. We will make sure the person has this authority and can act for you before we take action.
VI. Requesting Other Disclosures
In any communication with us, please provide your name, address, patient identification number or Social Security number, and a telephone number where we can reach you in case we need to contact you about your request.
VII. Your Rights with Respect to PHI
When it comes to your health information, you have certain rights. This section explains your rights and some of our responsibilities to help you.
Ask us to limit what we use or share: You have a right to ask us in writing to restrict use or disclosure of your PHI related to your treatment, related to your payment or related to routine health care operations. We will honor our agreement except in case of an emergency. Any restriction we agree to is not effective to prevent uses or disclosures of PHI required by the Secretary of the Department of Health and Human Services to investigate or determine our compliance with federal privacy regulations adopted under the Health Insurance Portability and Accountability Act of 1996 or for certain activities permitted or required by law (see Section V above).
If you pay for a service out-of-pocket in full, you can ask us not to share that information for the purpose of payment or our operations with your health insurer.
- We will say “yes” unless a law requires us to share that information.
- Request confidential communications – You may request, in writing, to receive confidential communications containing your PHI from us in ways or at locations that are outside our usual process (for example, home or office phone) or send to a different address. We will make every effort to accommodate reasonable requests.
- You have a right to review and obtain a copy of existing PHI contained in medical and billing records about you maintained by BitCare. You must make your request in writing and this right is limited to existing records that are maintained, collected, used or disseminated by BitCare. This right does not apply to results of clinical testing – this information is specifically excluded by law; or to information we compile in reasonable anticipation of, or for use in, civil, criminal or administrative actions or proceedings. We may charge a fee for any copies you request.
- Ask us to correct your records: You have a right to request that we amend the records described above for as long as we maintain them. You must make the request in writing for information you feel is incorrect or incomplete and give us a reason for the amendment. We may deny your request if: (i) we determine that we did not create the record, unless the originator of the PHI is no longer available to act on the requested amendment; or (ii) if we believe that the existing records are accurate and complete. Note that an amendment may take several forms; for example we may add an explanatory statement to a record rather than changing it.
- We may say “no” to your request, but we’ll tell you why in writing within 60 days.
- Get a list of those whom we’ve shared information: You have a right to ask for an accounting of disclosures made by BitCare to any third party in the six years prior to the date on which the accounting is requested. This right does not apply to certain disclosures, including, but not limited to, disclosures made for the purposes of treatment, payment or health care operations; disclosures made to you or to others involved in your care; disclosures made with your authorization; disclosures made for national security or intelligence purposes or to correctional institutions or law enforcement purposes; or disclosures made prior to April 14, 2003. You must make any request for an accounting in writing and we may charge a fee to fill more than one request in any given year.
- Tell us to share information in a disaster relief situation.
- Get an electronic or paper copy of your medical record: You can ask to see or get an electronic or paper copy of your medical record or other health information we have about you. Ask us how to do this.
We will provide a copy of a summary of your health information, usually within 30 days of your request. We may charge a reasonable, cost-based fee.
VIII. Distribution and Updates of This Notice
IX. Effective Date and Duration of This Notice
X. Communication with BitCare
As a convenience, BitCare may make available email addresses by which you can communicate with us regarding billing issues. Please be advised that email is not a secure means of communication, therefore BitCare cannot guarantee the security of any information that you send to us prior to our receipt of it. This fact may also restrict our use of email in communicating any response to you – we will make every attempt to use alternate means of communicating anything that may be considered sensitive information.
XI. Copy of Notice, Questions or Complaints
File a complaint if you feel your rights are violated. If you have questions about the Notice of Privacy Practices, or believe its terms or any BitCare privacy or confidentiality policy has been violated with respect to information about you, please let us know immediately by contacting us at +1-800-551-3248 and request the Compliance Officer. Please include your name, address, and a telephone number where we can contact you, and a brief description of the complaint. If you prefer, you may lodge an anonymous complaint.
5700 Tennyson Parkway, Suite 300
Plano TX 75024
You may also file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights by sending a letter to:
The U.S. Department of Health and Human Services Office for Civil Rights
200 Independence Avenue, S.W.
Washington, D.C. 20201
Or, by calling:
Or, visiting www.hhs.gov/ocr/privacy/hipaa/complaints/
We will not retaliate against you for filing a complaint.
Please provide as much information as possible so that the complaint can be properly investigated. BitCare will not retaliate against a person who files a complaint with us or with the Secretary of the Department of Health and Human Services.