The security of your information is important to us.
Please review this Notice of Electronic Disclosure of Protected Health Information carefully.
Some States' Health and Safety Code requires this notice that describes how Protected Health Information (PHI) of an individual may be used and disclosed electronically by QAnnovate, LLC, and an individual's rights in accordance to such information.
Being business associates with health care providers, primarily with Home Health Agencies (HHA) as our clients, QAnnovate obtains, maintains, uses, and transmits electronic PHI while providing services to you and acting on your behalf. This privacy notice describes the types of information that are normally used and disclosed electronically by us, and an individual's rights on how such information can be used and disclosed.
PHI is individually identifiable health information relating to past, present, or future physical or mental health of an individual; health care provided to an individual; or payment for the health care provided to an individual. PHI does not include summary health information or information that has been de-identified according to the standards for de-identification provided for in the HIPAA Privacy Rule.
Permitted/Required Uses and Disclosures of PHI
QAnnovate will only use or disclose PHI to the extent allowed under business associate agreements entered into with our clients and as allowable under federal and state law. Thus, the uses and disclosures discussed below may be further limited than as described herein under certain circumstances, including when a more restrictive business associate agreement has been entered into or pursuant to specific limitations in your notice of privacy practices that we have notice of and have agreed to abide by.
Our business associate agreements generally authorize us to use your patients’ PHI to perform the services we provide to you. We provide remote clinical documentation review and audit services through your Electronic Medical Record (EMR) software, which we also use to securely and privately communicate regular and other related functions with you and your staff. In performing these activities, PHI is used and disclosed for the purpose of quality assurance.
Uses and Disclosure for Health Care Operations
PHI may be used by, and disclosed for health care operation purposes including, but not limited to: quality review assessments; audits, including fraud and abuse detection and compliance programs; business management and planning; the sale, transfer, merger, or consolidation of a covered entity; legal or administrative services; complaint review; regulatory review; and other legal compliance. In addition, PHI may be used and disclosed for case management and care coordination, contacting health care providers with information about treatment, drug and disease management alternatives, and other related functions that do not include treatment. Further, we may share PHI with third-party subcontractors or other business associates who perform various related health care activities. We require such third parties to sign "downstream" business agreements specifying their compliance with applicable law, the "upstream" business associate agreements we have agreed to with our clients, and our own privacy and security policies.
We have developed policies and procedures in order to ensure the privacy and security of your PHI. These policies and procedures are based on appropriate administrative, technical, and physical safeguards necessary to maintain confidentiality. Access to PHI is limited to those individuals that have a legitimate business need for that information. This protection extends the use of PHI by our subcontractors through our agreements with them.
Other Permitted/Required Uses and Disclosures of PHI
PHI received or created in our capacity as a business associate may be used or disclosed as necessary for the proper management and administration of our business or to carry out our legal responsibilities. We may use or disclose PHI to provide data aggregation services relating to the health care operations of our clients. We may also de-identify PHI under certain circumstances and use such de-identified information for various purposes. We may use and disclose PHI for other permitted reasons, including but not limited to the following reasons: as required by law; in response to a court order or other legal proceeding; in judicial and administrative proceedings for law enforcement purposes; to comply with worker's compensation or other similar laws; for public health activities for health oversight activities; to report abuse, neglect, or domestic violence; to the military if the covered individual is a member of the armed services to correctional institutions if an inmate to coroners, medical examiners, and funeral directors for decedent's information purposes; for organ, eye, or tissue donation purposes; and for national security and intelligence purposes as authorized by law.
We will only use or disclose the minimum amount necessary to perform these functions.
Other Uses and Disclosures of PHI
Uses and disclosures of PHI for purposes other than those described above will be made only with your written authorization. If a customer provides us authorization to use or disclose PHI, that authorization may be revoked in writing at any time. If a customer revokes authorization, we will no longer use or disclose information following the specific purpose contained in the authorization. You understand that we are unable to take back any disclosures already made with your authorization, and that we are required to retain any records we may have containing your PHI.
Also, certain disclosures of PHI may occur incidentally as a result of otherwise authorized uses or disclosures of PHI. We will use our best efforts to limit these disclosures, but from a practical standpoint, incidental disclosures are not likely to be completely avoided.
Your Rights with Respect to PHI
Upon written request, you have the right to:
request restrictions on certain uses and disclosures of your PHI, though we are not always required to agree to a requested restriction;
request communications of PHI by alternative means or at alternative locations access or inspect our records containing your PHI;
request an amendment to your PHI, though we are not always required to agree to a requested amendment; and
receive an accounting of certain disclosures of your PHI.
Except as otherwise authorized under applicable law, we do not use or disclose PHI when specifically protected by more stringent state law. Examples of more stringent state laws include those protecting HIV status, results of genetic testing, and indications of domestic abuse.
We will follow state privacy laws that are more stringent than the federal law.
You may also receive a paper copy of this notice from us upon request.
Our Duties Regarding the Use and Disclosure of PHI
We are committed to maintaining your privacy and abiding by this notice, and we are required by state law to provide this notice to all individuals for whom we create or receive PHI.
We reserve the right to change the terms of this privacy notice.
How to File a Complaint Regarding the Use and Disclosure of PHI
If you believe your privacy rights have been violated, you may file a complaint with us, the United States Secretary of Health and Human Services, or the Michigan Attorney General. All complaints should be in writing. Please be assured that you will not be retaliated against for filing a complaint.
How to Contact Us
You may contact our representative at the following:
Victor Reynolds • victor.reynolds@qannovate.com • 1-844-726-6688