Doctor On Demand Professionals Notice of Privacy Practices
Effective Date: May 12, 2023
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
Included Health offers online telehealth services enabling our Members to report their health history and engage independent healthcare professionals (“Healthcare Professionals”) to obtain medical and healthcare services, as well as provide behavioral health coaching from Coaches (“Coaches”) who do not provide professional or clinical services.
The Healthcare Professionals who deliver Services through Included Health are independent professionals practicing within several groups of independently owned professional practices. The practices that are subject to this Notice include Doctor On Demand Professionals of California, P.C.; Doctor On Demand Professionals of Illinois Basu, Ltd.; Innovative Medical Practice of Massachusetts, P.C.; Doctor On Demand Professionals of Michigan, P.C.; Innovative Medical Practice of North Carolina, P.C.; Doctor On Demand Professionals of New Jersey, P.C.; Innovative Medical Practice of New York, P.C.; and Doctor on Demand Professionals of Texas, P.A. These practices are collectively known as “Doctor On Demand Professionals” (“us”, “we”, “our”).
This Notice of Privacy Practices or “Notice” describes how Doctor On Demand Professionals may use and disclose your health information and how you can access this information. The Doctor on Demand Professionals are part of an organized health care arrangement (OHCA). Your health information may be shared among the Doctor on Demand Professionals as necessary to carry out treatment, payment, and/or health care operations related to the OHCA. All participants in the OHCA arrangement are required to abide by this Notice.
How is patient privacy protected?
We understand that information about you and your health is personal. By “health information,” we mean protected health information as defined under federal law (the Health Insurance Portability and Accountability Act, or HIPAA, and its implementing regulations). Not only is it our legal obligation, but it is our business imperative to ensure the confidentiality of your health information. We continuously seek to safeguard your health information through administrative, physical, and technical means, and otherwise abide by applicable federal and state laws.
How do we use and disclose health information?
We use and disclose your health information for the normal business activities that fall in the categories of treatment, payment and healthcare operations. Generally, we do not need your permission for these disclosures under applicable laws. Below we provide examples of those activities, although not every use or disclosure falling within each category is listed:
- Treatment – We may use and disclose your health information to provide you with medical treatment and services and share it with other professionals who treat you. We may use and disclose your health information to coordinate your care between our doctors, nurses, or other personnel who are involved in your care. We may use and disclose health information to other healthcare providers who may be involved in your care at hospitals, clinics, or other locations to coordinate activities such as filling prescriptions, lab work, imaging, and other treatment activities.
- Payment – We may use and disclose your health information to get payment from health plans and other entities. We document the services and supplies you receive when we are providing you care so that you, your insurance company or another third party can pay us. We may use or disclose your health information to collect payment or to obtain prior approval by your health plan for treatment or services.
- Health Care Operations – Health information is used to improve the services we provide, to train staff, for business management activities, quality assessment and improvement, and for customer service. For example, we may use your health information to review our treatment and services and to evaluate the performance of our staff in caring for you. We may also use and disclose health information to other individuals and organizations who help us with our business activities, such as consultants or attorneys.
- When using the Sites or Services, your information will be shared with Included Health for the purposes stated in the Included Health Privacy Policy.
We may also use and disclose your health information to:
- Comply with federal, state or local laws that require disclosure.
- Assist in public health and safety activities, such as tracking diseases and reporting potential disease exposure, reporting reactions to medications or problems with medical devices or products, and to report or inform government authorities as required to protect victims of abuse, neglect, or domestic violence.
- Comply with requests from the government or law enforcement, such as federal and state health oversight activities, or to respond to law enforcement officials, judicial orders, subpoenas or other processes.
- Inform coroners, medical examiners and funeral directors of information necessary for them to fulfill their duties — for example to identify a deceased person, determine a cause of death, or as authorized by law.
- Facilitate organ and tissue donation or procurement.
- We can use and share your health information to conduct health research following internal review protocols to ensure the balancing of privacy and research needs.
- To avert or lessen a serious and imminent threat to the health or safety of you, the public, or another person.
- Assist in specialized government functions such as national security, intelligence and protective services.
- Inform military and veteran authorities if you are an armed forces member (active or reserve).
- If you are an inmate, provide information necessary for the correctional institution or law enforcement to provide you with health care or protect your health and safety, the health and safety of others, or the safety and security of the correctional institution.
- Inform workers’ compensation carriers or your employer if you are injured at work, as authorized by or to the extent necessary to comply with state workers compensation laws.
- To recommend possible treatment options or alternatives.
- Tell you about health-related products and services, such as benefits or medical education classes.
- Provide information to third parties who we do business with, who provide services on our behalf. However, we require these third parties to provide us with assurances that they will safeguard your information.
- Participate in health information exchanges (“HIEs”). HIEs enable organizations participating in your care, such as hospitals, labs, and doctors, to electronically share your health information for treatment, payment, health care operations, and other lawful purposes. In some states, you have the right to opt-in or opt-out of the inclusion of your health information in an HIE. We may provide your health information in accordance with applicable law to the HIEs in which we participate.
In these cases we will not disclose your health information without your authorization:
All other uses and disclosures, not previously described, may only be done with your written authorization.
- Use or disclosure of your health information for marketing purposes.
- Sale of your information.
- Most sharing of psychotherapy notes.
In some cases state law may require that we apply extra protections to some of your health information.
What are the Healthcare Professional’s Responsibilities?
We are required by law to:
- Maintain the privacy of your health information.
- Provide this Notice of our duties and privacy practices.
- Abide by the terms of the Notice currently in effect.
- Tell you if there has been a breach that compromises your health information.
We reserve the right to change the terms of our Notice, and to make new notice provisions effective for all the information we maintain. Revised notices will be posted on the Site.
Who will follow this Notice?
This Notice describes the health care practices of:
- Any Healthcare Professional authorized to access and/or enter information into your health record;
- All departments and units of Doctor On Demand Professionals through which online health services are provided; and
- All affiliates and volunteers.
Your Rights Regarding Your Health Information
You have the right to:
- Obtain or inspect a copy of your health information. We may deny your request under limited circumstances. You may request that we provide your health records to you in an electronic format.
- Request an amendment of your health information, if you feel the health information is incorrect or incomplete. However, under certain circumstances we may deny your request.
- Receive an accounting of certain disclosures of your health information made for the prior six (6) years, although this excludes certain disclosures for treatment, payment, and health care operations. (Fees may apply to this request if more than one accounting is requested within a 12 month time period.)
- Request that we restrict how we use or disclose your health information. However, we are not required to agree with your requests, unless you request that we restrict information provided to a payor, the disclosure would be for the payor’s payment or healthcare operations, and you have paid for the health care services completely out of pocket. If we do agree to your request, we will comply unless the information is needed to provide emergency treatment to you.
- Confidential Communications: Request that we communicate with you in a certain way or at a certain location, such as a specific telephone number or address.
- Obtain a paper copy of this notice even if you receive it electronically.
To make any of these requests, please note the following:
- If you are an existing Member, please submit your request either by calling us, or by submitting via the application (e.g., using the chat service, or via an open case).
- You may alternatively contact us via the information provided below under What if I have a complaint or want to contact you?.
We will not respond to or process any requests prior to verifying your identity. This is done to protect your information and ensure, to the best of our ability, that we only process such requests for the right persons.
What if I have a complaint or want to contact you?
If you believe that your privacy has been violated, you may file a complaint with us or with the Secretary of Health and Human Services in Washington, D.C. We will not retaliate or penalize you for filing a complaint with us or the Secretary.
To file a complaint with us, submit a request, or receive more information:
- You may contact us by mail at:
Included Health, Inc., Privacy Officer
1 California Street, Ste. 2300
San Francisco, CA 94111
- You may email us at privacy@includedhealth.com.
- If you are registered, you may submit a message through the “chat” experience once logged-in.
- Or you may call our general support toll free line at (855) 431-5533.
To file a complaint with Office for Civil Rights U.S. Department of Health and Human Services write to 200 Independence Avenue, S.W., Room 509F, HHH, Washington, D.C. 20201, call 1-800-368-1019, or file an online complaint at https://ocrportal.hhs.gov/ocr/smartscreen/main.jsf.