During the course of providing services and care to you, Everytable, PBC (“Everytable”) gathers, creates, and retains certain personal information about you that identifies who you are and relates to your past, present, or future physical or mental condition, the provision of health care to you, and payment for your health care services. This personal information is characterized as your “protected health information.” Protected health information consists of any information relating to your physical or mental health, to any health care provided to you, or to payment for such care and that either identifies you or provides information that can be used to identify you. This Notice of Privacy Practices describes how Everytable maintains the confidentiality of your protected health information, and informs you about the possible uses and disclosures of such information. It also informs you about your rights with respect to your protected health information.
Everytable is required by federal and state law to maintain the privacy of your protected health information. Everytable is also required by law to provide you with this Notice of Privacy Practices that describes Everytable’s legal duties and privacy practices with respect to your protected health information. Everytable will abide by the terms of this Notice. Everytable reserves the right to change this or any future Notice and to make the new notice provisions effective for all protected health information that it maintains, including protected health information already in its possession. If the change reflects a material change in its privacy policies and procedures, Everytable will provide the new Notice to you or your legal representative. In all other situations, it will provide you with the new Notice upon request. In addition, the new Notice will be posted in a clear and prominent place in the facility and on Everytable website.
USE AND DISCLOSURE WITH YOUR AUTHORIZATION
Everytable will require a written authorization from you before it uses or discloses your protected health information, unless a particular use or disclosure is expressly permitted or required by law without your authorization. An authorization is generally required for the following uses or disclosures, except in very limited circumstances: (1) uses or disclosures of psychotherapy notes; (2) uses or disclosures of protected health information for marketing purposes; and (3) disclosures of protected health information that constitute its sale.
Everytable has prepared an authorization form for you to use that authorizes Everytable to use or disclose your protected health information for the purposes set forth in the form. You are not required to sign the form as a condition to obtaining treatment or having your care paid for. If you sign an authorization, you may revoke it at any time by written notice. Everytable then will not use or disclose your protected health information, except where it has already relied on your authorization.
HOW EVERYTABLE MAY USE AND DISCLOSE YOUR PROTECTED HEALTH INFORMATION WITHOUT YOUR AUTHORIZATION
Everytable may use or disclose your protected health without your written authorization in the following circumstances:
Everytable may use or disclose your protected health information to provide you with or assist in your treatment, care and services. For example, Everytable may disclose your health information to health care providers who are involved in your care to assist them in your diagnosis and treatment, as necessary.
- Billing and Payment
- Medicare, Medi-Cal and Other Public or Private Health Insurers – Everytable may use or disclose your protected health information to public or private health insurers (including medical insurance carriers, HMOs, Medicare, and Medi-Cal) in order to bill and receive payment for your treatment and services that you receive. For example, the information on or accompanying a bill may include information that identifies you, as well as your diagnosis, procedures, and supplies used.
- Health Care Providers – Everytable may also disclose your protected health information to health care providers in order to allow them to determine if they are owed any reimbursement for care that they have furnished to you and, if so, how much is owed.
- Individuals Involved in Your Care or Payment for Your Care
Unless you specifically object, Everytable may disclose to a family member, other relative, a close personal friend, or to any other person identified by you, all protected health information directly relevant to such person’s involvement with your care or directly relevant to payment related to your care. Everytable may also disclose your protected health information to a family member, personal representative, or other person responsible for your care to assist in notifying them of your location, general condition, or death.
Everytable may use your protected health information for its health care operations. These uses and disclosures are necessary to manage Everytable and to monitor our quality of services and care. For example, we may use your protected health information to review our services and to evaluate the performance of our staff in caring for you.
Everytable will disclose protected health information about a patient who is suspected to be the victim of child, dependent adult, or elder abuse to the extent necessary to complete any oral or written report mandated by law. Under certain circumstances, Everytable may disclose further protected health information about the patient to aid the investigating agency in performing its duties. Everytable will promptly inform the patient about any disclosure unless Everytable believes that informing the patient would place the patient in danger of serious harm, or would be informing the patient’s personal representative, whom Everytable believes to be responsible for the abuse, and believes that informing such person would not be in the patient’s best interest.
Everytable will disclose protected health information in accordance with an order of a court or of an administrative tribunal of a government agency. In addition, Everytable will disclose protected health information in accordance with a valid subpoena issued by a party to adjudication before a court, an administrative tribunal, or a private arbitrator. Reasonable efforts will be made to notify you of the subpoena, or attempts will be made to obtain an order or agreement protecting your protected health information.
Everytable will disclose protected health information to law enforcement agencies in accordance with a search warrant, a court order or court-ordered subpoena, or an investigative subpoena or summons. In addition, it may disclose such information as necessary to assist law enforcement officials investigating crimes involving patients.
- National Security and Intelligence Activities
Everytable will disclose protected health information about a patient to authorized federal officials conducting national security and intelligence activities or as needed to protect federal and foreign officials.
- Licensing and Accreditation
Everytable may disclose your protected health information to any government or private agency, such as to the Medical Board of California, responsible for licensure or accreditation, so that the agency can carry out its oversight activities. These oversight activities include audits; civil, administrative, or criminal investigations; inspections; licensure or disciplinary actions; civil, administrative, or criminal proceedings or actions; or other activities necessary for appropriate oversight.
Everytable may disclose your protected health information to any public health authority that is authorized by law to collect it for purposes of preventing or controlling disease, injury, or disability.
Everytable may contract with certain individuals or entities, called "business associates," to provide services on its behalf. Examples include data processing, quality assurance, legal, or accounting services. Everytable may disclose your protected health information to a business associate, as necessary, to allow the business associate to perform its functions. Everytable will have a contract with each business associate that obligate the business associate to maintain the confidentiality of your protected health information.
Everytable may disclose your protected health information for research purposes, provided that an outside Institutional Review Board overseeing the research approves the disclosure of the information without a written authorization.
Everytable will disclose protected health information to a coroner where the coroner requests the information to identify a decedent; to notify next of kin; or to investigate deaths that may involve public health concerns, suspicious circumstances, elder abuse, or organ or tissue donation. In other cases, Everytable may disclose protected health information to the coroner to allow the coroner to perform its duties.
If you are an organ donor, Everytable may disclose your protected health information following your death to an organ procurement agency or tissue bank in order to aid in using your organs or tissues in transplant.
Everytable may disclose your protected health information to hospital medical staffs to aid in the credentialing of applicants and in the peer review of members.
Everytable may disclose your protected health information in order to comply with California workers’ compensation laws.
- Preventing Danger to Identified Persons
Everytable may disclose your protected health information to prevent an immediate, serious threat to the safety of an identified person.
Everytable may disclose your protected health information to a public or private entity authorized to assist in disaster relief efforts.
Everytable may use protected health information or disclose it to business associates in certain limited circumstances in order to encourage you to use a service or product. This includes, for example, making face-to-face communications with you about the service or product, providing you with a promotional gift of nominal value, or communicating about drug refills. Otherwise, it will obtain a specific written authorization from you before using or disclosing protected health information for marketing purposes.
Everytable may use certain protected health information to contact you in an effort to raise money for Everytable and its operations. Everytable may disclose the protected health information to business associates or to related foundations that it uses to raise funds for its own benefit. The information to be used or disclosed for these purposes will be limited to certain demographic information, the dates of treatment, the department where services were provided, the treating physician, outcome information, and health insurance status. Each fundraising communication will provide a means by which you can opt out of receiving further such communications.
- Sale of Protected Health Information
Everytable may disclose your protected health information for remuneration in certain very narrow circumstances such as where a governmental agency reimburses it for its expenses in providing information for public health purposes. Otherwise, it will obtain a specific written authorization from you or your personal representative before receiving reimbursement for using or disclosing your protected health information.
- Disclosures Otherwise Required by Law
Everytable will disclose protected health information about a patient when otherwise required by law.
YOUR RIGHTS REGARDING PROTECTED HEALTH INFORMATION
You have the following rights with respect to your protected health information. To exercise these rights, contact Everytable at 1101 West 23rd Street, Los Angeles, CA 90007, Attention: Customer Service or [email protected].
- Right to Receive a Copy of the Notice of Privacy Practices
You have the right to request and receive a copy of Everytable’s Notice of Privacy Practices for Protected Health Information in written or electronic form.
- Right to Request Special Privacy Protections
You have the right to request restrictions on the use and disclosure of your protected health information for treatment, payment or health care operations, or providing notifications regarding your identity and status to persons inquiring about or involved in your care. Everytableis not required to grant your request except where you ask it not disclose information to your health plan regarding care paid for by you or someone else out of pocket. Whenever Everytable agrees to comply with your request, it will do so, unless there is an emergency or until Everytable or you terminate the restriction. You also have the right to request that Everytable communicate protected health information to you or another recipient by alternative means or at alternative locations.
You have the right to inspect and copy your health records maintained by Everytable. This includes the right to have electronic records made available in electronic format to you or to someone whom you designate. In certain limited circumstances, Everytable may deny your request as permitted by law. However, you may be given an opportunity to have such denial reviewed by an independent licensed health care professional.
- Right to Request Amendment
You have the right to request an amendment to your health records maintained by Everytable. If your request for an amendment is denied, you will receive a written denial, including the reasons for such denial, and an opportunity to submit a written statement disagreeing with the denial.
You have the right to receive an accounting of disclosures of your protected health information created and maintained by Everytable over the six (6) years prior to the date of your request or for a lesser period of time. Everytable is not required to provide an accounting of certain routine disclosures or of disclosures of which you already are aware.
NOTIFICATION OF SECURITY BREACHES
Everytable will provide you with written notification in the event of a security breach involving your protected health information. The notification will describe what happened, the types of information involved, the steps that Everytable is taking to deal with the situation, what you should do to protect yourself against any harmful consequences, and contacts for obtaining further information.
If you believe that your privacy rights have been violated, you may file a complaint with Everytable at 1101 West 23rd Street, Los Angeles, CA 90007, ATTN: Customer Service or [email protected]. You also have the right to submit a complaint to the Secretary of the U.S. Department of Health and Human Services, 90 7th Street, Suite 4-100, San Francisco, CA 94103, Telephone: (415) 437-8310, Fax: (415)437-8329, TDD: (415) 437-8311, Attention OCR Regional Manager. Everytable will not retaliate against you if you file a complaint.
If you have questions about this Notice of Privacy Practices or would like further information about your privacy rights, contact Everytable at 1101 West 23rd Street, Los Angeles, CA 90007, ATTN: Customer Service or [email protected].
The effective date of this Notice of Privacy Practices is May 5, 2022.