This privacy policy & practices page also serves to inform individuals how their protected health information’ (PHI) is used and shared by Forward Health. We protect the privacy and security of your substance use disorder patient records in accordance with 42 U.S.C. § 290dd–2 and 42 C.F.R. Part 2, the Confidentiality of Substance Use Disorder Patient Records (“Part 2”), in addition to HIPAA and applicable state law. This Notice of Privacy Practices outlines our legal duties and privacy practices with respect to health information. We are required by law to provide you with a copy of this Notice and to notify you following a breach of your unsecured health information. You have the right to file a complaint if you believe your privacy rights have been violated. If you would like to file a complaint about our privacy practices, you can do so by sending a letter outlining your concerns to: Forward Health , Attn: Compliance, 6020 Groveport Road, Groveport, OH 43125 or by asking to speak to our compliance officer by calling 614-567-6274. You also have the right to complain to the Secretary of the United States Department of Health and Human Services, the United States Attorney for the judicial district in which the violation occurs, and the Substance Abuse and Mental Health Services Administration (SAMHSA) office responsible for opioid treatment program oversight. You will not be penalized or otherwise retaliated against for filing a complaint. When registering or filling out a form on our site, you may be asked to enter your name, email address, phone number, subject matter, or other details to help you with your experience. We collect this information to create a better and more personalized visitor experience and also so that we can help you get the most from our website and our services. We collect information from you when you register on our site, subscribe to a newsletter, fill out a form, or enter information on our site. We do not collect any information outside of your voluntary disclosure using our website forms, phone service, or email. We may use the information we collect from you when you register, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways: Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible. We use regular Malware Scanning. Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/insurance information you supply is encrypted via Secure Socket Layer (SSL) technology. We implement a variety of security measures when a user enters, submits, or accesses their information to maintain the safety of your personal information. All transactions are processed through a gateway provider and are not stored or processed on our servers. We do use cookies with Google Analytics and Dynamic Number Insertion. We do not sell, trade, or otherwise transfer to outside parties your Personally Identifiable Information. We do not include or offer third-party products or services on our website. Google’s advertising requirements can be summed up by Google’s Advertising Principles. They are put in place to provide a positive experience for users. https://support.google.com/adwordspolicy/answer/1316548?hl=en Google, as a third-party vendor, uses cookies to serve ads on our site. Google’s use of the DART cookie enables it to serve ads to our users based on previous visits to our site and other sites on the Internet. Users may opt-out of the use of the DART cookie by visiting the Google Ad and Content Network privacy policy. We have implemented the following: Google Display Network Impression Reporting We, along with third-party vendors such as Google use first-party cookies (such as the Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) or other third-party identifiers together to compile data regarding user interactions with ad impressions and other ad service functions as they relate to our website. Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt out by visiting the Network Advertising Initiative Opt-Out page or by using the Google Analytics Opt-Out Browser add-on. You will be notified of any changes on our Privacy Policy Page. You can change your personal information: We honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place. It’s also important to note that we allow third-party behavioral tracking When it comes to the collection of personal information from children under the age of 13 years old, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States’ consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online. We do not specifically market to children under the age of 13 years old. We uphold the highest standards for protecting your information. To do this, we have both electronic and physical safeguards for information that are implemented to continuously protect your personal data. Our safeguards are according to the industry’s standards and practices. Fair Information Practices The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information. In order to be in line with fair information practices we will take the following responsive action, should a data breach occur: We collect your email address in order to market to our mailing list or continue to send emails to our clients after the original transaction has occurred. CAN-SPAM Act The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations. To be in accordance with CAN-SPAM, we agree to the following: If at any time you would like to unsubscribe from receiving future emails, you can follow the instructions at the bottom of each email and we will promptly remove you from ALL correspondence. We will obtain your written authorization to use and disclose your protected health information unless we are permitted to use or disclose your information without your authorization under applicable law. The following categories describe the ways that we may use and disclose your health information without your written authorization under Part 2. To the extent applicable state law is even more restrictive than Part 2 on how we use and disclose any of your health information, we comply with more restrictive state law. Within Our Facilities. Forward Health personnel who have a need for your information in connection with their duties that arise out of the provision of diagnosis, treatment, or referral for treatment may use and share your information. In addition, we may share your information with the entity that has direct administrative control over our substance use disorder program. Emergency Treatment. In the event of a medical emergency in which your prior authorization cannot be obtained, we may disclose your identifying information to medical personnel. We will obtain your authorization prior to disclosing your information for non-emergency treatment. Business Associates/Qualified Service Organizations. We may disclose your information to third party “business associates” and “qualified service organizations” that perform various services on our behalf, such as transcription, billing, and collection services, and who agree to protect the privacy of your health information. Audits. We may disclose your health information to entities who are legally permitted to perform audits of our facilities. Those entities are required to maintain the privacy of your information. Legal Proceedings. We may disclose your health information pursuant to court orders that meet the requirements of applicable law. Reporting Crimes on Our Premises or Against Our Personnel. We may disclose a patient’s commission (or threatened commission) of a crime on our premises or against our personnel to a law enforcement agency or official. We are permitted to disclose information regarding the circumstances of such incident, including the suspect’s name, address, last known whereabouts, and status as a patient in our program. Reporting Child Abuse or Neglect. We may report incidents of suspected child abuse and neglect to the appropriate state or local authorities. Deceased Persons. We may disclose information relating to the cause of death of a patient under laws requiring the collection of death or other vital statistics or permitting inquiry into the cause of death. Research. Under certain circumstances, we may disclose your health information to researchers who are conducting a specific research project. Your identifying information will never be published without your written authorization. FDA Reporting. We may disclose patient identifying information to medical personnel of the Food and Drug Administration (“FDA”) who assert a reason to believe that the health of any individual may be threatened by an error in the manufacture, labeling, or sale of a product under FDA jurisdiction, and that the information will be used for the exclusive purpose of notifying patients or their physicians of potential dangers. OTHER USES AND DISCLOSURES: Use or disclosure of your health information for any purpose other than those listed above requires your written authorization. Some examples include: If you change your mind after authorizing a use or disclosure of your health information, you may withdraw your permission by revoking the authorization. However, your decision to revoke the authorization will not affect or undo any use or disclosure of your health information that occurred before you notified us of your decision, or any actions that we have taken based upon your authorization. To revoke an authorization, please notify us by mail at Forward Health, Attn: Compliance, 6020 Groveport Road, Groveport OH 43125 or by contacting our Compliance Officer by telephone at 614-567-6274. YOUR RIGHTS REGARDING YOUR HEALTH INFORMATION: This section describes your rights regarding the health information we maintain about you. All requests or communications to exercise your rights discussed below must be submitted in writing to Forward Health, Attn: Compliance, 6020 Groveport Road, Groveport OH 43125. Right to Inspect and Copy. You have the right to inspect and receive a copy of your health information, excluding your psychotherapy notes. We may charge you a fee as authorized by law to meet your request. You may request access to your health information in a certain electronic form and format, if readily producible, or, if not readily producible, in a mutually agreeable electronic form and format. Further, you may request in writing that we transmit such a copy to any person or entity you designate. Your written, signed request must clearly identify such designated person or entity and where you would like us to send the copy. We may deny your request to inspect and copy in limited circumstances. If you are denied access to your health information, you may request that the denial be reviewed by a licensed health care professional chosen by us. The person conducting the review will not be the person who denied your request. We will comply with the outcome of the review. Right to Request Confidential Communications. You have the right to request that we communicate your health information to you in a certain manner or at a certain location. For example, you may wish to receive information through a written letter sent to a private address. We will grant reasonable requests. We will not ask you the reason for your request. Right to Amend. You have a right to request that we amend or correct your health information that you believe is incorrect or incomplete. For example, if your date of birth is incorrect, you may request that the information be corrected. To request a correction or amendment to your health information, you must make your request in writing and provide a reason for your request. You have the right to request an amendment for as long as the information is kept by or for us. Under certain circumstances we may deny your request. If your request is denied, we will provide you with information about our denial and how you can file a written statement of disagreement with us that will become part of your medical record. Right to an Accounting of Disclosures. You have the right to request an accounting of disclosures we make of your health information. Please note that certain disclosures need not be included in the accounting we provide to you, including most disclosures we make pursuant to your authorization. Your request must state a time period which may not go back further than six years. You will not be charged for this accounting, unless you request more than one accounting per year, in which case we may charge you a reasonable cost-based fee for providing the additional accounting(s). We will notify you of the costs involved and give you an opportunity to withdraw or modify your request before any costs have been incurred. Right to Request Restrictions. HIPAA provides that you have the right to request restrictions on how your health information is used or disclosed for treatment, payment, or health care operations activities but that we are not required to agree to your requested restriction, unless that restriction is regarding disclosure of health information to your health insurance company and: (1) the disclosure is for the purpose of carrying out payment or health care operations and is not otherwise required by law; and (2) the health information pertains solely to a health care item or service for which you or another person (other than your health insurance company) paid for in full. Note, however, that Part 2 requires that we obtain your written authorization for most disclosures, except as expressly outlined above. Right to a Paper Copy of This Notice. You have the right to receive a paper copy of this Notice at any time, even if you previously agreed to receive this Notice electronically. Please contact us if you would like a paper copy. If there are any questions regarding this privacy policy, you may contact us using the information below. Forward Health Attn: Webmaster 6020 Groveport Road, Groveport OH 43125PII Privacy Policy
What Personal Information Do We Collect From The People That Visit Our
Website?
When Do We Collect Information?
How Do We Use Your Information?
How Do We Protect Your Information?
Do We Use ‘Cookies’?
Third-Party Disclosure
Third-Party Links
Google
Opting Out:
Privacy Policy Changes:
How Does Our Site Handle Do Not Track Signals?
Does Our Site Allow Third-Party Behavioral Tracking?
COPPA (Children Online Privacy Protection Act)
Online Security
Email Address
Protected Health Information (PHI) Privacy Practices
Contacting Us
This privacy policy has been compiled to better serve those who are concerned with how their ‘Personally Identifiable Information’ (PII) is being used online. PII, as described in US privacy law and information security, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. Please read our privacy policy carefully to get a clear understanding of how we collect, use, protect, or otherwise handle your Personally Identifiable Information in accordance with our website.
