Toothpic’s Privacy Commitment To You
Description
Toothpic is committed to maintaining the privacy of your protected health information (‘PHI’). PHI is information about you that may be used to identify you (such as your name, social security number or address), and that relates to (a) your past, present or future physical or mental health or condition, (b) the provision of health care to you, or (c) your past, present, or future payment for the provision of health care. Over the course of its business, Toothpic will receive and create records containing your PHI. Toothpic is required by law to maintain the privacy of your PHI and to provide you with notice of its legal duties and privacy practices with respect to your PHI. Toothpic must abide by the terms of this Notice while it is in effect. This Notice takes effect on April 1st, 2015, and will remain in effect until Toothpic replaces it. Toothpic reserves the right to change the terms of this Notice at any time, as long as the changes are in compliance with applicable law. If Toothpic changes the terms of this Notice, the new terms will apply to all PHI that it maintains, including PHI that was created or received before such changes were made. If Toothpic changes this Notice, it will post the new Notice on its Web site and will make the new Notice available upon request.
Uses and Disclosures of PHI
Toothpic may use and disclose your PHI in the following ways: 1) Treatment, Payment and Health Care Operations. Toothpic is permitted to use and disclose your PHI for purposes of (a) treatment, (b) payment and (c) health care operations. Examples include: 1a) Treatment. Toothpic may disclose your PHI to another physician or health care provider for purposes of a consult or in connection with the provision of follow-up treatment. 1b) Payment. Toothpic may use and disclose your PHI to your health insurer or health plan in connection with the processing and payment of claims and other charges. 1c) Health Care Operations. Toothpic may use and disclose your PHI in connection with its health care operations, such as providing customer services and conducting quality review assessments. Toothpic may engage third parties to provide various services for Toothpic. If any such third party must have access to your PHI in order to perform its services, Toothpic will require that third party to enter an agreement that binds the third party to the use and disclosure restrictions outlined in this Notice. 2) Authorization. Toothpic is permitted to use and disclose your PHI upon your written authorization, to the extent such use or disclosure is consistent with your authorization. You may revoke any such authorization at any time. 3) As Required by Law. Toothpic may use and disclose your PHI to the extent required by law.
Unique Circumstances
The following outlines the special circumstances in which Toothpic may use or disclose your PHI: 1) Public Health Activities. Toothpic may disclose your PHI to public health authorities or other governmental authorities for purposes including preventing and controlling disease, reporting child abuse or neglect, reporting domestic violence and reporting to the Food and Drug Administration regarding the quality, safety and effectiveness of a regulated product or activity. Toothpic may, in certain circumstances disclose PHI to persons who have been exposed to a communicable disease or may otherwise be at risk of contracting or spreading a disease or condition. 2) Workers’ Compensation Workers’ Compensation. Toothpic may disclose your PHI as authorized by, and to the extent necessary to comply with, workers’ compensation programs and other similar programs relating to work-related illnesses or injuries. 3) Health Oversight Activities. Toothpic may disclose your PHI to a health oversight agency for authorized activities such as audits, investigations, inspections, licensing and disciplinary actions relating to the health care system or government benefit programs. 4) Judicial and Administrative Proceedings. Toothpic may disclose your PHI, in certain circumstances, as permitted by applicable law, in response to an order from a court or administrative agency, or in response to a subpoena or discovery request. 5) Law Enforcement. Toothpic may, under certain circumstances, disclose your PHI to a law enforcement official, such as for purposes of identifying or locating a suspect, fugitive, material witness or missing person. 6) Decedents. Toothpic may, under certain circumstances, disclose PHI to coroners, medical examiners and funeral directors for purposes such as identification, determining the cause of death and fulfilling duties relating to decedents. 7) Research. Toothpic may, under certain circumstances, use or disclose PHI that is necessary for research purposes. 8) Threat to Health or Safety. Toothpic may, under certain circumstances, use or disclose PHI if necessary to prevent or lessen a serious and imminent threat to the health or safety of a person or the public. 9) Specialized Government Functions. Toothpic, may in certain situations, use and disclose PHI of persons who are, or were, in the Armed Forces for purposes such as ensuring proper execution of a military mission or determining entitlement to benefits. Toothpic may also disclose PHI to federal officials for intelligence and national security purposes.
Your Rights Regarding Your PHI
You have the following rights regarding the PHI maintained by Toothpic: 1) Confidential Communication. You have the right to receive confidential communications of your PHI. You may request that Toothpic communicate with you through alternate means or at an alternate location, and Toothpic will accommodate your reasonable requests. You must submit your request in writing to Toothpic. 2) Restrictions. You have the right to request restrictions on certain uses and disclosures of PHI for treatment, payment or health care operations. You also have the right to request that Toothpic restrict its disclosures of PHI to only certain individuals involved in your care or the payment of your care. You must submit your request in writing to Toothpic. Toothpic is not required to comply with your request. However, if Toothpic agrees to comply with your request, it will be bound by such agreement, except when otherwise required by law or in the event of an emergency. 3) Amendment. You have a right to request that Toothpic amend your PHI if you believe it is incorrect or incomplete, and you may request an amendment for as long as the information is maintained by Toothpic. You must submit your request in writing to Toothpic and provide a reason to support the requested amendment. Toothpic may, under certain circumstances, deny your request by sending you a written notice of denial. If Toothpic denies your request, you will be permitted to submit a statement of disagreement for inclusion in your records. 4) Copies & Inspections. You have the right to inspect and copy your PHI. You must submit your request in writing to Toothpic. Toothpic may impose a fee for the costs of copying, mailing, labor and supplies associated with your request. Toothpic may deny your request to inspect and/or copy your PHI in certain limited circumstances. If that occurs, Toothpic will inform you of the reason for the denial, and you may request a review of the denial. 5) Accounting of Disclosures. You have a right to receive an accounting of all disclosures Toothpic has made of your PHI. However, that right does not include disclosures made for treatment, payment or health care operations, disclosures made to you about your treatment, disclosures made pursuant to an authorization, and certain other disclosures. You must submit your request in writing to Toothpic and you must specify the time period involved (which must be for a period of time less than six years from the date of the disclosure). Your first accounting will be free of charge. However, Toothpic may charge you for the costs involved in fulfilling any additional request made within a period of 12 months. Toothpic will inform you of such costs in advance, so that you may withdraw or modify your request to save costs. 6) Data Breach Notification. You have the right to be notified in the event that Toothpic (or a Toothpic Business Associate) discovers a breach of unsecured PHI. 7) Hard Copy Notice. You have the right to obtain a paper copy of this Notice from Toothpic at any time upon request. To obtain a paper copy of this notice, please email healthinfo@toothpic.com. 8) Complaint Info. You may complain to Toothpic and to the Secretary of the Department of Health and Human Services if you believe that your privacy rights have been violated. To file a complaint with Toothpic, you must submit a statement in writing to Toothpic to the address listed below. Toothpic will not retaliate against you for filing a complaint. 9) Further Information. If you would like more details about your privacy rights, please contact Toothpic at privacy@toothpic.com. 10) Written Notice. To the extent you are required to send a written request to Toothpic to exercise any right described in this Notice, you must submit your request to Toothpic: Attn: Privacy Officer, 40 Dame Street, Dublin 2, Ireland
Data Security
When Toothpic collects personal information directly from you, Toothpic takes all reasonable measures to protect the personal information submitted to us, both during transmission and once we receive it. No method of transmission over the Internet, or method of electronic storage, is 100% secure, however. Therefore Toothpic cannot guarantee its absolute security. If you have any questions about security on our Web site, you can contact Toothpic at privacy@toothpic.com.
Toothpic Employees
Every employee at Toothpic has a detailed set of industry standard guidelines and job-specific training on how to protect and respect your information. Toothpic has clear policies in place in the event of a privacy issue, so Toothpic can react quickly and resolve the issue appropriately.