Privacy Policy - HIPAA Policy
What type of information do we collect?
We receive, collect and store any information you enter on our website or provide us in any other way. In addition, we collect the Internet protocol (IP) address used to connect your computer to the Internet; login; e-mail address; password; computer and connection information and purchase history. We may use software tools to measure and collect session information, including page response times, length of visits to certain pages, page interaction information, and methods used to browse away from the page. We also collect personally identifiable information (including name, email, password, communications); payment details (including credit card information), comments, feedback, product reviews, recommendations, and personal profile.
How do we collect information?
When you conduct a transaction on our website, as part of the process, we collect personal information you give us such as your name, address and email address. Your personal information will be used for the specific reasons stated above only.
Why do we collect such personal information?
We collect such Non-personal and Personal Information for the following purposes:
- To provide and operate the Services;
- To provide our Users with ongoing customer assistance and technical support;
- To be able to contact our Visitors and Users with general or personalized service-related notices and promotional messages;
- To create aggregated statistical data and other aggregated and/or inferred Non-personal Information, which we or our business partners may use to provide and improve our respective services;
- To comply with any applicable laws and regulations.
How do we store, use, share and disclose our site visitors' personal information?
Our company is hosted on the Wix.com platform. Wix.com provides us with the online platform that allows us to sell our products and services to you. Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall.
All direct payment gateways offered by Wix.com and used by our company adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
How do we communicate with our site visitors?
We may contact you to notify you regarding your account, to troubleshoot problems with your account, to resolve a dispute, to collect fees or monies owed, to poll your opinions through surveys or questionnaires, to send updates about our company, or as otherwise necessary to contact you to enforce our User Agreement, applicable national laws, and any agreement we may have with you. For these purposes we may contact you via email, telephone, text messages, and postal mail.
How can our site visitors withdraw their consent?
If you don’t want us to process your data anymore, please contact us at info@doctalk.health.
Privacy policy updates
We reserve the right to modify this privacy policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it.
Questions and your contact information
If you would like to access, correct, amend or delete any personal information we have about you, you are invited to contact us at info@doctalk.health.
HIPAA PRIVACY NOTICE
PHATAK & LABUZETTA PHYSICIANS, PLLC
THIS NOTICE DESCRIBES HOW YOUR MEDICAL INFORMATION MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THAT INFORMATION.
PLEASE REVIEW THIS NOTICE CAREFULLY.
**Disclaimer: While the Provider currently does not meet the criteria to be classified as a “Covered Entity” under the federal Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), the Provider is committed to protecting the privacy and confidentiality of the health information of its patients. Therefore, the Provider is choosing to voluntarily comply with the HIPAA Privacy Notice requirements as detailed in this Notice. Notwithstanding its commitment to privacy, the Provider does not guarantee that the Provider will fully comply with all requirements under HIPAA.
POLICY STATEMENT
Phatak & Labuzetta Physicians, PLLC (“the Provider”) is committed to maintaining the privacy of your protected health information ("PHI"), which includes electronic protected health information, and which includes information about your medical condition and the care and treatment you receive from the Provider and other health care providers, all in accordance with the provisions of the Health Insurance Portability and Accountability Act and the Health Information Technology for Economic and Clinical Health Act, and their regulations (collectively, the “HIPAA Rules”). This Notice details how your PHI may be used and disclosed to third parties for purposes of your care, payment for your care, health care operations of the Provider, and for other purposes permitted or required by law and the HIPAA Rules. This Notice also details your rights regarding your PHI.
HOW WE MAY USE AND DISCLOSE YOUR MEDICAL INFORMATION
The Provider may use and/or disclose your PHI for purposes related to your treatment and health care operations of the Provider. The following are examples of the types of uses and/or disclosures of your PHI that may occur. These examples are not meant to include all possible types of uses and/or disclosures.
(a) For Treatment - The Provider will provide your PHI to those health care professionals, whether on the Provider's staff or not, directly involved in your care so that they may understand your medical condition and needs and provide advice or treatment (e.g., a specialist or laboratory). For example, a physician treating you for a condition such as arthritis or diabetes may need to know what medications have been prescribed for you by the medical providers in this Provider.
(b) For Health Care Operations - In order for the Provider to operate in accordance with applicable law and insurance requirements and in order for the Provider to provide quality and efficient care, it may be necessary for the Provider to compile, use and/or disclose your PHI. For example, the Provider may use your PHI in order to evaluate the performance of the Provider's personnel in providing treatment to you.
WHEN AN AUTHORIZATION IS NOT REQUIRED
The Provider may use and/or disclose your PHI, without a written Authorization from you, in the following instances:
(a) De-identified Information - Your PHI is altered so that it does not identify you and, even without your name, cannot be used to identify you.
(b) Business Associate - To a business associate, which is someone who the Provider contracts with to provide a service necessary for your treatment, payment for your treatment and health care operations (e.g., a billing service). The Provider will obtain satisfactory written assurance, in accordance with applicable law and the HIPAA Rules, that the business associate will appropriately safeguard your PHI and that the business associate will ensure its subcontractors, if any, appropriately safeguard your PHI as well.
(c) To You or a Personal Representative - To you, or to a person who, under applicable law, has the authority to represent you in making decisions related to your health care.
(d) Public Health Activities - Such activities include, for example, information collected by a public health authority, as authorized by law, to prevent or control disease, injury or disability. This includes reports of child abuse or neglect.
(e) Food and Drug Administration - If required by the Food and Drug Administration to report adverse events, product defects or problems or biological product deviations, or to track products, or to enable product recalls, repairs or replacements, or to conduct post marketing surveillance.
(f) Abuse, Neglect or Domestic Violence - To a government authority if the Provider is required by law to make such disclosure. If the Provider is authorized by law to make such a disclosure, it will do so if it believes that the disclosure is necessary to prevent serious harm or if the Provider believes that you have been the victim of abuse, neglect or domestic violence. Any such disclosure will be made in accordance with the requirements of law, which may also involve notice to you of the disclosure.
(g) Health Oversight Activities - Such activities, which must be required by law, involve government agencies involved in oversight activities that relate to the health care system, government benefit programs, government regulatory programs and civil rights law. Those activities include, for example, criminal investigations, audits, disciplinary actions, or general oversight activities relating to the community's health care system.
(h) Judicial and Administrative Proceeding - For example, the Provider may be required to disclose your PHI in response to a court order or a lawfully issued subpoena.
(i) Law Enforcement Purposes - In certain instances, your PHI may have to be disclosed to a law enforcement official for law enforcement purposes. Law enforcement purposes include: (1) complying with a legal process (i.e., subpoena) or as required by law; (2) information for identification and location purposes (e.g., suspect or missing person); (3) information regarding a person who is or is suspected to be a crime victim; (4) in situations where the death of an individual may have resulted from criminal conduct; (5) in the event of a crime occurring on the premises of the Provider; and (6) a medical emergency (not on the Provider's premises) has occurred, and it appears that a crime has occurred.
(j) Coroner or Medical Examiner - The Provider may disclose your PHI to a coroner or medical examiner for the purpose of identifying you or determining your cause of death, or to a funeral director as permitted by law and as necessary to carry out its duties.
(k) Organ, Eye or Tissue Donation - If you are an organ donor, the Provider may disclose your PHI to the entity to whom you have agreed to donate your organs.
(l) Research - If the Provider is involved in research activities, your PHI may be used, but such use is subject to numerous governmental requirements intended to protect the privacy of your PHI such as approval of the research by an institutional review board and the requirement that protocols must be followed.
(m) Avert a Threat to Health or Safety - The Provider may disclose your PHI if it believes that such disclosure is necessary to prevent or lessen a serious and imminent threat to the health or safety of a person or the public and the disclosure is to an individual who is reasonably able to prevent or lessen the threat.
(n) Specialized Government Functions - When the appropriate conditions apply, the Provider may use PHI of individuals who are Armed Forces personnel: (1) for activities deemed necessary by appropriate military command authorities; (2) for the purpose of a determination by the Department of Veterans Affairs of eligibility for benefits; or (3) to a foreign military authority if you are a member of that foreign military service. The Provider may also disclose your PHI to authorized federal officials for conducting national security and intelligence activities including the provision of protective services to the President or others legally authorized.
(o) Inmates - The Provider may disclose your PHI to a correctional institution or a law enforcement official if you are an inmate of that correctional facility and your PHI is necessary to provide care and treatment to you or is necessary for the health and safety of other individuals or inmates.
(p) Workers' Compensation - If you are involved in a Workers' Compensation claim, the Provider may be required to disclose your PHI to an individual or entity that is part of the Workers' Compensation system.
(q) Disaster Relief Efforts - The Provider may use or disclose your PHI to a public or private entity authorized to assist in disaster relief efforts.
(r) Required by Law - If otherwise required by law, but such use or disclosure will be made in compliance with the law and limited to the requirements of the law.
AUTHORIZATION
Except as described previously, the Provider will not use or disclose information from your record unless you authorize (permit) in writing the Provider to do so. You may revoke your permission in writing, which will be effective only after the date of your written revocation.
APPOINTMENT REMINDER
The Provider may, from time to time, contact you to provide appointment reminders. The reminder may be in the form of a letter or postcard. The Provider will try to minimize the amount of information contained in the reminder. The Provider may also contact you by phone and, if you are not available, the Provider will leave a message for you.
TREATMENT ALTERNATIVE/BENEFITS
The Provider may, from time to time, contact you about treatment alternatives, or other health benefits or services that may be of interest to you.
FAMILY AND FRIENDS INVOLVED IN YOUR CARE
The Provider may disclose to your family member, other relative, a close personal friend, or any other person identified by you, your PHI directly relevant to such person's involvement with your care or the payment for your care. The Provider may also use or disclose your PHI to notify or assist in the notification (including identifying or locating) of a family member, a personal representative, or another person responsible for your care, of your location, general condition or death. However, in both cases, the following conditions will apply:
(a) The Provider may use or disclose your PHI if you agree, or if the Provider provides you with an opportunity to object and you do not object, or if the Provider can reasonably infer from the circumstances, based on the exercise of its judgment, that you do not object to the use or disclosure.
(b) If you are not present, the Provider will, in the exercise of its judgment, determine whether the use or disclosure is in your best interests and, if so, disclose only the PHI that is directly relevant to the person's involvement with your care.
YOUR RIGHTS
You have the right to:
(a) Revoke any Authorization, in writing, at any time. To request a revocation, you must submit a written request to the Provider's Privacy Officer.
(b) Request restrictions on certain uses and/or disclosures of your PHI as provided by law and the HIPAA Rules. However, the Provider is not obligated to agree to every requested restriction, except to the extent required by law. To request restrictions, you must submit a written request to the Provider's Privacy Officer. In your written request, you must inform the Provider of what information you want to limit, whether you want to limit the Provider's use or disclosure, or both, and to whom you want the limits to apply. If the Provider agrees to your request, the Provider will comply with your request unless the information is needed in order to provide you with emergency treatment.
(c) Restrict certain disclosures of PHI about you to a health plan where you pay out of pocket in full for the health care item or service.
(d) Receive confidential communications of PHI by alternative means or at alternative locations. You must make your request in writing to the Provider's Privacy Officer. The Provider will accommodate all reasonable requests.
(e) Inspect and copy your PHI as provided by law. To inspect and copy your PHI, you must submit a written request to the Provider's Privacy Officer. In certain situations that are defined by law, the Provider may deny your request, but you will have the right to have the denial reviewed. The Provider can charge you a fee for the cost of copying, mailing or other supplies associated with your request, all in accordance with applicable law.
(f) Request an amendment of your PHI as provided by law. To request an amendment, you must submit a written request to the Provider's Privacy Officer. You must provide a reason that supports your request. The Provider may deny your request if it is not in writing, if you do not provide a reason in support of your request, if the information to be amended was not created by the Provider (unless the individual or entity that created the information is no longer available), if the information is not part of your PHI maintained by the Provider, if the information is not part of the information you would be permitted to inspect and copy, and/or if the information is accurate and complete. If you disagree with the Provider's denial, you have the right to submit a written statement of disagreement.
(g) Receive an accounting of disclosures of your PHI as provided by law. To request an accounting, you must submit a written request to the Provider's Privacy Officer which must comply with the applicable HIPAA Rules. The request should indicate in what form you want the list (such as a paper or electronic copy). The first list you request within a 12 month period will be free, but the Provider may charge you for the cost of providing additional lists in that same 12 month period. The Provider will notify you of the costs involved and you can decide to withdraw or modify your request before any costs are incurred. The request must state a time period which may not be longer than 6 years and may not include dates before April 14, 2003.
(h) Receive a paper copy of this Privacy Notice from the Provider upon request to the Provider's Privacy Officer.
- Be notified following a breach of your Unsecured PHI (as such term is defined by the HIPAA Rules).
(k) To obtain more information to file a complaint with the Provider if you believe your Privacy Rights have been violated, or have your questions about your rights answered, you may contact the Provider's Privacy Officer, at info@doctalk.health.
PROVIDER'S OBLIGATIONS
The Provider is providing you with this Notice that governs the Provider’s privacy practices. The Provider may change its privacy policies or procedures. When changes occur, the changes will be effective for PHI the Provider has about you as well as any information received in the future. The Provider will maintain the Privacy of your PHI and provide you with this Notice of the Provider’s privacy practices with respect to your PHI. The Provider will make a good faith effort to obtain from you an acknowledgment of receipt of this Notice. Any time you come into the Provider facilities for an appointment, you may ask for and receive a copy of the Notice that is in effect at the time. The Provider will provide this Notice to you by email if you so request. This Notice is also available on the Provider’s website. You can contact the Provider’s office to obtain more information.
EFFECTIVE DATE
The Original Notice was in effect as of November 1, 2023.