Notice of Privacy Practices for Protected Health Information
Effective Date: May 19, 2023
This notice describes how medical information about you may be used and disclosed and how you can get access to this information. Please review it carefully.
If you have any questions or concerns about this notice, please contact: Privacy Officer at 888-308-4703, [email protected] or Legal Department 8525 W. 183rd Street, Suite A1, Tinley Park, Illinois 60487.
We Do Not Use Your Data for Biometric Identification: While Eyelation may use your photo for our services to you, this information is never used for the purposes of biometric identification nor is it sold or shared to third parties for that purpose. Eyelation’s Data Retention Policy outlines that sensitive data will be deleted from the system after a period of 6 years when an account has been rendered inactive or as requested in writing from the owner of that data (you).
Our Responsibilities: The Health Insurance Portability and Accountability Act (HIPAA) of 1996 and its related rules and regulations dictate the privacy practices that health care organizations and their partners are obligated to follow with respect to medical information about you. The law requires us to: (1) keep medical information about you confidential, as provided for by state and federal law; (2) notify you of our legal duties and privacy practices with respect to medical information about you; and (3) abide by the terms of our most current version of this notice.
Uses and Disclosures of Medical Information about You: The following is a list of ways in which we may use and disclose medical information about you. We may:
- Use your medical information to provide you with treatment or services, such as to fill your order and confirm your prescription. We also may use medical information about you for purposes of contacting you for reminders, possible treatment options and alternatives, health-related benefits or services and products that may be of interest to you.
- Use your medical information to receive payment for the services we provide, such as to bill and collect payment from you, from your employer, or any relevant third party payer/provider.
- Use your medical information to support our operational activities such as comparing patient data to improve our operations or assessing the care and outcomes in your case and others like it.
- Use medical information about you to interact with our business associates that we have contracted with to perform specific functions for us and help us do our jobs. Our partners are required by contract and by law to protect medical information about you in the same manner as we do.
- Disclose medical information about you to other organizations, subject to certain requirements, without prior authorization, for public health purposes, research studies, organ donation, emergencies, abuse or neglect reporting, funeral arrangements, workers’ compensation purposes and health oversight audits or inspections.
- Disclose medical information about you when required to do so by law, such as in response to: requests from law enforcement agencies in specific circumstances; valid judicial or administrative orders; the government, if you are in the military or a veteran; national security and intelligence activities; and protective services for the President and others.
- Disclose medical information about you to a friend or family member who is involved in your medical care, someone who helps pay for your care or disaster relief authorities to notify your family of your location and condition. We may disclose medical information about you to a person legally authorized to act on your behalf, such as a parent, legal guardian, administrator or executor of your estate, or other individual authorized under applicable law.
- The image, voice, video or text understanding capabilities of the Eyelation application uses Microsoft Cognitive Services. Microsoft will receive the images, audio, video, and other data that you upload (via this app) for service improvement purposes. To report abuse of the Microsoft Cognitive Services to Microsoft, please visit the Microsoft Cognitive Services website at https://www.microsoft.com/cognitive-services, and use the “Report Abuse” link at the bottom of the page to contact Microsoft. For more information about Microsoft privacy policies please see their privacy statement here:
• Google Terms of Service: https://www.google.com/intl/en/policies/terms/
- Your hearing screening data may be shared with Shoebox Audiometry and HearUSA if it is determined that you have some form of hearing loss. Your name and contact information will only be used to contact you to schedule a free hearing consultation. By using our system, you are also consenting to Shoebox Audiometry and HearUSA’s Terms of Service which can be found here respectively.
• Shoebox Audiometry Terms of Service: https://www.shoebox.md/terms-of-service/
• HearUSA Terms of Service: https://www.hearusa.com/about-us/terms-and-conditions/
In any other situation not covered by this notice, we will ask for your written authorization before using or disclosing your medical information. If you chose to authorize use or disclosure you can later revoke that authorization by notifying us in writing of your decision.
State-Specific Requirements: Some states have separate privacy laws that may apply additional legal requirements regarding uses and disclosures of medical information about you. If the state privacy laws are more stringent than federal privacy laws, the state law preempts the federal law.
Your Consent: By choosing to use our system and related sites and applications, you consent to the following:
- Processing of your image for use within our sites and applications.
- Receiving periodic text messages regarding your benefit and applicable products.
- Store your prescription, and contained information therein, for the purposes of making your eyewear. Eyelation stores your provider’s information and may contact your provider to confirm details about your prescription. Eyelation maintains a database of providers and their contact information and may use that information for other purposes.
Your Rights: To exercise these rights, contact our Privacy Officer to obtain a form or submit a written request to: 8525 W. 183rd Street, Suite A1, Tinley Park, Illinois 60487. You have the right to:
- Inspect and obtain a copy of the medical information that may be used to make decisions about your care. We may deny your request to inspect and copy in certain circumstances. If you are denied access to medical information about you, you may request that the denial be reviewed. We may charge you for the cost of the request.
- Request that we amend the information kept by us if you believe it is incorrect or incomplete. You must provide a reason that supports your request. We may deny your request for an amendment and if this occurs, you will be notified of the reason for the denial and permitted to provide a statement of disagreement that will be attached to your medical record.
- Request an accounting of disclosures. This is a list of certain disclosures we make of medical information about you for purposes other than treatment, payment, or health care operations when an authorization was not required. Your request must specify a period, which may not be longer than six years.
- Request a restriction or limitation on the medical information we use or disclose about you for treatment, payment or health care operations and to limit on the medical information we disclose about you to someone who is involved in your care or the payment for your care, like a family member or friend. We are not required to agree to your request, except in the case of a disclosure to a health plan if it is for payment or certain care operations and relates to an item or service for which you have paid out of pocket in full. If we agree, we will comply with your request except in certain emergency situations or as required by law.
- Request that we communicate with you about medical matters in a certain way or at a certain location. For example, you may ask that we contact you at work instead of home or vice versa. We will grant reasonable requests.
- A paper copy of this notice. You may ask us to give you a copy of this notice at any time. Even if you have agreed to receive this notice electronically, you are still entitled to a paper copy of this notice. Receive notification of breaches of unsecured medical information.
- You reserve the right to have any personal information, files, and images removed from our records.
Changes to this Notice: We reserve the right to change this notice at any time, and the revised or changed notice will be effective for information we already have about you as well as any information we may receive in the future. The current notice will be posted on our website www.eyelation.com or upon request.
Complaints: You have to file a complaint if you believe your privacy rights have been violated. You may register complaints with our Privacy Officer at the location above, who will evaluate the complaints and take appropriate action consistent with our mitigation and disciplinary policies. You will not be retaliated against for filing a complaint. You also have the right to contact the Office for Civil Rights (OCR), who is the federal agency that enforces HIPAA rules and regulations. Information on filing a complaint with OCR is available at http://www.hhs.gov/ocr/privacy/hipaa/complaints/index.html.