top of page

Higher ROC Notice of Privacy Practice

Introduction

This Notice of Privacy Practices ("Notice") describes how medical information about you may be used and disclosed and how you can get access to this information. Please review it carefully. It is in compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and applicable New York State laws.

Purpose of the Notice

This Notice is provided to you pursuant to the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"), as amended, including by the Health Information Technology for Economic and Clinical Health Act. This Notice describes how Higher ROC may use and disclose your protected health information ("PHI") to carry out the services, payment, or operations and for other purposes that are permitted or required by law. It also describes your rights to access and control your PHI.

Higher ROC is required by law to maintain the privacy of your PHI, to provide you with this Notice of the company’s legal duties and privacy practices with respect to your PHI, and to notify you following a breach of unsecured PHI. Higher ROC is committed to protecting your privacy and will abide by the terms of this Notice.

Information Higher ROC Collects

In accordance with the HIPAA, this Notice outlines the types of PHI that Higher ROC, as a Business Owner (“Business Owner”) operating within New York, may collect from its Clients (“Clients’”). The collection of PHI is essential for providing personalized and effective services. The types of information the company may collect include, but are not limited to:

  • Personal identification information (e.g., name, address, contact information)

  • History and current status

  • Information regarding the services received

  • Payment information related to services

This information may be collected through various means, including but not limited to, direct interactions with Higher ROC’s Clients, through the company’s website, or via electronic records systems. It is the company’s commitment to maintain the confidentiality and security of all PHI in compliance with HIPAA regulations and New York state laws.

Use and Disclosure of Information

In accordance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the Business Owner may use or disclose PHI for the purposes of the services, payment, and care operations without the need for written consent or authorization from the Client. However, for uses and disclosures beyond the services, payment, and care operations, the Business Owner is required to obtain written authorization from the Client before any PHI is disclosed.

The Business Owner may also use or disclose PHI without the Client's authorization in the following circumstances:

  • When required by law;

  • In the case of a public health emergency;

  • For health oversight activities;

  • To avert a serious threat to health or safety;

  • In response to a court or administrative order;

  • For research purposes, under certain conditions;

  • Duties as required by law;

  • In cases of suspected abuse, neglect, or domestic violence, as required or permitted by law;

  • For workers’ compensation claims.

The Client has the right to request restrictions on certain uses and disclosures of PHI. However, the Business Owner is not required to agree to a requested restriction unless it is for a disclosure to a health plan for purposes of carrying out payment or operations (and is not for purposes of providing services) and the PHI pertains solely to services for which the Business Owner has been paid out of pocket in full.

Your Rights Regarding Your Information

Under the Notice of Privacy Practices, you, as a client of the Business Owner, have various rights regarding your PHI as outlined by the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"). 

 

These rights include, but are not limited to:

  1. The right to access your PHI: You have the right to inspect and obtain a copy of your PHI that is contained in a designated record set for as long as the Business Owner maintains the PHI.

  2. The right to request amendments to your PHI: If you believe that the PHI the Business Owner has about you is incorrect or incomplete, you may ask the Business Owner to amend the information.

  3. The right to an accounting of disclosures: You have the right to request an accounting of certain disclosures of your PHI that the Business Owner has made.

  4. The right to request restrictions on certain uses and disclosures of your PHI: You may request a restriction or limitation on the PHI the Business Owner uses or discloses for the services, payment, or operations. You also have the right to request a limit on the PHI disclosed to someone who is involved in your care or the payment for your care, like a family member or friend.

  5. The right to request confidential communications: You can request that the Business Owner communicates with you about matters in a certain way.

  6. The right to a paper copy of the Notice: You can request a paper copy of the current Notice of Privacy Practices at any time, even if you have agreed to receive the Notice electronically.

 

For any requests or questions regarding these rights or your PHI, please contact the designated privacy officer of the Business Owner as specified in the Notice.

Changes to the Notice

Higher ROC reserves the right to change the terms of this Notice at any time. Any changes will apply to the PHI the company already has about you as well as any information Higher ROC receives in the future. Higher ROC will post a copy of the current notice in the office and on the website, if one is maintained. 
 

Complaints

If you believe your privacy rights have been violated, you may file a complaint with the Business Owner or with the Secretary of the Department of Health and Human Services. To file a complaint with the Business Owner, contact the Privacy Officer at the e-mail address provided in this Notice. All complaints must be submitted in writing.

You will not be penalized or retaliated against for filing a complaint.

Contact Information

To request access to, correct, or delete any personal information that you have provided to Higher ROC, or if you have any questions regarding this Notice, please contact the company at:

 

This contact information is provided to ensure compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) requirements for access, amendments, and communications regarding PHI as outlined in this Notice. If you believe your privacy rights have been violated, you may file a complaint with Higher ROC using the contact information provided or with the Secretary of the U.S. Department of Health and Human Services.

bottom of page