Privacy Policy
HIPAA Privacy Policy:
Effective Date: January 2022
At PlantFull Pleasures Nutrition, we are committed to protecting the privacy and confidentiality of our clients' personal health information (PHI). As a nutrition service provider, we understand the importance of complying with the Health Insurance Portability and Accountability Act (HIPAA) and its regulations regarding the privacy and security of PHI. This HIPAA Privacy Policy outlines our practices and procedures to ensure the protection of your PHI.
- Information Covered by HIPAA: This policy applies to all individually identifiable health information that we create, receive, maintain, or transmit, which is known as Protected Health Information (PHI). PHI includes any information that relates to your past, present, or future health status, treatment, or payment for healthcare services.
- Use and Disclosure of PHI: We will only use and disclose your PHI for purposes that are permitted or required by law, or with your written authorization.
We will use and disclose PHI for treatment, payment, and healthcare operations as outlined in the HIPAA regulations.
We will obtain your written consent before using or disclosing your PHI for purposes not covered by this Privacy Policy or required by law. - Safeguarding PHI: We implement appropriate administrative, technical, and physical safeguards to protect your PHI from unauthorized access, disclosure, alteration, or destruction.
We restrict access to PHI to only authorized personnel who require the information to perform their duties.
We maintain secure electronic systems and employ encryption and firewalls to protect electronic PHI. - Individual Rights: You have the right to request access to your PHI and obtain copies of your health records.
You have the right to request amendments or corrections to your PHI if you believe it is inaccurate or incomplete.
You have the right to request restrictions on certain uses or disclosures of your PHI, although we are not obligated to agree to all requests.
You have the right to receive an accounting of disclosures made of your PHI.
You have the right to request confidential communications of your PHI. - Notice of Privacy Practices: We will provide you with a Notice of Privacy Practices that explains how your PHI may be used and disclosed, as well as your rights and our obligations under HIPAA.
The Notice of Privacy Practices will be provided to you at the time of your initial engagement with our services and will also be available on our website. - Breach Notification: In the event of a breach of your unsecured PHI, we will notify you in accordance with HIPAA requirements.
We will promptly investigate any potential breaches and take appropriate measures to mitigate and address any harm caused. - Business Associates: We may engage the services of third-party Business Associates who may have access to your PHI. We require our Business Associates to protect your PHI and comply with HIPAA regulations.
- Privacy Complaints: If you believe your privacy rights have been violated, you have the right to file a complaint with us or with the Secretary of the Department of Health and Human Services.
We will not retaliate against you for filing a complaint. - Policy Updates: We may update this HIPAA Privacy Policy periodically to reflect changes in our practices, legal requirements, or industry standards.
We will notify you of any material changes to this policy through our website or other means of communication. - HIPAA Compliant EHR:
- Our electronic health records (EHR) platform, Practice Better, is HIPAA compliant. Practice Better is designed to securely store and manage your PHI in accordance with HIPAA regulations.
If you have any questions, concerns, or requests regarding our HIPAA Privacy Policy or the privacy of your PHI, please contact our Privacy Officer at [email protected].
By using our services, you acknowledge that you have read, understood, and agree to the terms of this HIPAA Privacy Policy.
Sincerely,
Claudia DeSantis, MS, CNS, LDN - Clinical Nutritionist