Effective Date: 5 September 2019
TeloPoint is committed to protecting the privacy of patient personal information and other protected health information in accordance with the United States Department of Health and Human Services (HHS) regulations designed to protect the confidentiality and integrity of Protected Health Information (PHI) pursuant to the Health Insurance Portability and Accountability Act of 1996 (HIPAA).
Protection of PHI
We retain your personal information that you voluntarily provide to us in your correspondence or feedback on our general Website. We never ask you to provide your social security number, username, password, payment information, or health information as part of such correspondence.
Under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), TeloPoint is required by law to maintain the privacy of PHI and to provide you with notice of our legal duties and privacy practices regarding PHI. We will make reasonable efforts to ensure the confidentiality of your PHI, as required by statute and regulation.
TeloPoint MobileCare is a platform consisting of online services and mobile applications to accommodate scheduling of mobile phlebotomy services. We collect and maintain limited information necessary to fulfill your orders. We never collect or store your lab test results or treatment information related to your health condition. Information accessed through this platform, including PHI, is secured using administrative, physical, and technical safeguards.
In the course of providing mobile phlebotomy services, TeloPoint obtains, uses, and discloses PHI. Examples of PHI include but are not limited to:
- Patient name, address, date of birth, and phone numbers
- Health insurance and other payment information
- Your physician’s reason for lab prescription including diagnosis
- Your physician’s name and address
Uses and Disclosure of PHI
PHI will be used or disclosed for treatment, payment or healthcare operation purposes and for other purposed permitted or required by law. If we want to use or disclose PHI for purposes that do not fall into these categories, we must first obtain written authorization. According to law, we do not need authorization or permission to use or disclose a patient’s PHI for the following purposes, even after your death:
- Treatment – We may disclose PHI to physicians and other healthcare professionals who need access to treat the patient. We may also disclose a patient’s PHI to a testing laboratory to perform the needed test.
- Payment – We may use and disclose PHI to certain insurance companies, hospitals, physicians, and health plans for payment purposes or to a third party to assist us in creating bills or getting paid for our services. There may be instances when we may have to contact the patient to obtain billing information or for other billing purposes.
- Healthcare Operations – We may disclose PHI to healthcare providers or payers for their healthcare operations, but only if they already have a relationship with the patient and the purpose is for quality assurance activities, detecting fraud or for other limited purposes.
- Disclosures to Business Associates – We may disclose a patient’s PHI to other companies or individuals who, on behalf of TeloPoint, need PHI to provide specific services to us. These other entities, known as “business associates”, generally must comply with the terms of a contract designed to ensure that they will maintain the privacy and security of PHI in the same manner that we do. For example, PHI may be disclosed to couriers we use to transport specimens.
- By Law – To comply with international, federal or state laws, court orders, subpoenas, or governmental agency orders.
- Public Health –We may disclose PHI to the Food and Drug Association for purposes related to quality safety or effectiveness of FDA regulated products; to prevent or control diseases; to report child abuse or neglect; drug reactions to medications; product recalls that we may be using.
- Law Enforcement – to law enforcement officials relating to crimes and other law enforcement purposes.
- Specialized Government Functions – to military command authorities, veteran’s administration, and national security and intelligence officials for activities deemed necessary to carry out their respective missions or to law enforcement officials having custody of an inmate.
- Worker’s Compensation – to the extent authorized by and to the extent necessary to comply with laws relating to worker’s compensation or similar programs established by law.
- Minors – We may disclose minor children’s PHI to the parents or legal guardians unless prohibited by law.
- Data Breach – to provide legally required notices in the event of a data breach.
- Coroners, Medical Examiners, Funeral Directors – for them to perform their duties.
Uses and Disclosures That Require Your Authorization
Unless you object in writing, we may disclose to a member of your family, a relative, a close friend or any other person you identify, your PHI that directly relates to that person’s involvement in your health care. If you are unable to agree or object, we may disclose such information as necessary if we determine it is in your best interest based on our professional judgment.
For purposes not described above, TeloPoint will obtain patient authorization before using or disclosing PHI. If you signed an authorization form, you may revoke it, in writing, at any time, except to the extent that action has been taken in reliance on the authorization.
Your Rights Regarding Your PHI
Right to Access your PHI – A patient or personal representative (family member, power of attorney or legal guardian) may request access to their PHI. We require written documentation of the request. The patient or their legal representative shall complete the following document and submit it to us via mail along with a copy of their photo ID. No verbal requests will be accommodated. You must include the following information in your request:
- Patient’s name
- Date of Birth
- Specimen Type
- Date of Service
- Patient’s Address
- Ordering Physician
- Valid photo ID (Driver’s License, Passport, Other Government-Issued ID)
Right to Amend – If there is a mistake or missing information in our records of your PHI, you may ask us to make the corrections. The request must be in writing and you must provide a reason that supports your request. We reserve the right to deny the request. Any denial will state the reason for the denial.
Right to Request Restrictions – You have the right to ask us to limit how your PHI is used or disclosed. The request must be made in writing, describe the restrictions, and to whom those restrictions apply. You have the right to restrict disclosures to health plans for services which you paid for out of pocket.
Right to Confidential Communication – You have the right to ask us to communicate with you in a certain way or at a certain address. For example, you may want your information sent to your workplace instead of home.
In case we discover a breach of unsecured PHI, you will be notified without unreasonable delay and no later than 60 days after discovery of the breach. Such notification will include information about what happened and what can be done to mitigate any harm.
Changes to the Notice of Privacy Practices
We reserve the right to make changes to this notice and to our privacy policies from time to time. These changes will be effective immediately upon posting on our website www.telopoint.com
. To ensure that you are aware of any updates, please check this website frequently. We will abide by the terms of our notice currently in effect.
If you have questions, comments, inquiries, requests, or complaints regarding our Privacy Practices, please contact us:
85 Broad Street, 28th Floor
New York, NY 10004
Phone: (646) 952-8558
You also may file a complaint with the Secretary of the U.S. Department of Health and Human Services.