FIND A PROVIDER
SCHEDULE APPOINTMENT

Notice of Privacy Practices

Overview

This Notice is made pursuant to the Health Insurance Portability and Accountability Act of 1996 (HIPAA). It describes how Forum Health uses and discloses your protected health information (PHI) for treatment, payment, healthcare operations, and other purposes permitted or required by law. It also describes your rights to access and control your PHI.

 

PHI is information about you, including demographic information, that might identify you and that relates to your past, present, or future physical or mental health, your health condition, or related healthcare services.

 

This Notice applies to PHI only. Information we collect via our public websites, apps, marketing technologies, or social media that is not PHI is governed by our Privacy Policy and Terms of Use. When you receive clinical services, PHI is protected by HIPAA and this Notice.

 

We are required by law to:

 

  • Maintain the privacy of your PHI.

  • Provide you with a Notice describing our legal duties and privacy practices related to PHI.

  • Abide by the terms of our Notice.

 

Uses & Disclosures of PHI

Your PHI may be used and disclosed by your physician, our organization, our office staff, and others outside our office who are involved in your care and treatment for the purpose of providing healthcare services to you, obtaining payment for your healthcare bills, supporting the operation of our organization, and for any other use required by law.

Treatment

We will use and disclose your PHI to provide, coordinate, or manage your healthcare and any related services. This includes coordination or management of your healthcare with a third party. For example, we may disclose your PHI to a healthcare agency that provides care to you or to a physician to whom you have been referred to ensure they have the information necessary to diagnose or treat you.

Payment

Your PHI will be used, as needed, to obtain payment for your healthcare services. This may include activities your health insurance plan undertakes before it approves or pays for healthcare services we recommend.

Healthcare Operations

We may use and disclose health information about you in connection with healthcare operations necessary to run our practice. This includes provision and review of treatment and services, training, evaluating staff and healthcare professionals, quality assurance, financial or billing audits, legal matters, and business planning and development.

We may also use a sign-in sheet at the registration desk where you will be asked to sign your name and indicate your physician.

Communications

We will send email and text communications for reasons including providing services to you, sharing diagnosis or treatment information, information on orders, and special offers and deals.

 

PLEASE NOTE: Use of unencrypted email or text can carry privacy risk, and we cannot promise the security of PHI contained in unencrypted messages. We encourage all patients to use the patient portal in their electronic health record (EHR) system to access PHI.

 

We employ administrative, technical, and physical safeguards designed to protect PHI; however, no method of transmission or storage is 100% secure. If you prefer not to receive unencrypted email or text, please tell us and we will use reasonable alternative means.

 

We may call you by name in the waiting room when your physician is ready to see you and may use or disclose your PHI to remind you of appointments.

 

Additional Uses

We may use or disclose your PHI without your authorization in the following situations:

 

  • As required by law

  • Public health activities

  • Disaster relief efforts

  • Lawsuits and legal actions

  • Law enforcement purposes

  • Coroners, medical examiners, and funeral directors

  • Organ, eye, and tissue donation

  • Research

  • Serious threat to health or safety

  • Military activity and national security

  • Workers’ compensation

 

We may also share your PHI with a family member, friend, or other individual you have identified as involved in your care or payment for care, such as an emergency contact or next of kin, or as otherwise permitted by law.

 

Business Associates

We may share your information with third-party business associates that perform services such as billing or transcription. When such arrangements involve PHI, we require a written contract that protects your privacy.

 

Your PHI will be available to other healthcare providers within the Forum Health network on a need-to-know basis to provide continuous care. In most cases, your employer is not considered a business associate.

 

Your Rights With Respect to Your Health Information

You have the following rights with respect to certain health information we maintain about you (information in a Designated Record Set as defined by HIPAA). To exercise any of these rights, you must submit a written request to our Privacy Officer.

 

  • Right to access and review: You may request access to and copies of your health information. We may deny your request under certain circumstances, in which case you may appeal. We will provide the information in the format you request if readily producible, or in another mutually agreeable format. We may charge a reasonable fee as allowed by law.

  • Right to request amendment: You may request correction of health information you believe is incorrect or incomplete. If denied, you may submit a statement of disagreement that will be included in your record.

  • Right to request restricted use and disclosure: You may request restrictions on certain uses or disclosures. We are not required to agree, except when you pay in full out of pocket for a service and request that we not submit the claim to your health insurer.

  • Right to request confidential communications: You may request that we contact you in a specific way or at a specific location. Reasonable requests will be accommodated.

  • Right to an accounting of disclosures: You may request a list of certain disclosures of your PHI made in the six years prior to your request, excluding those for treatment, payment, and healthcare operations.

  • Right to receive a paper copy: You may request a paper copy of this Notice at any time.

  • Right to choose someone to act for you: If you have a medical power of attorney or legal guardian, that person may exercise your rights after we verify their authority.

  • Right to complain without retaliation: You may file a complaint with us or with the U.S. Department of Health and Human Services Office for Civil Rights (OCR). We will not retaliate against you.

 

Complaints may be filed:

 

 

Uses and Disclosures That Require Your Written Authorization

We will obtain your written authorization before using or disclosing PHI for purposes not described in this Notice or not otherwise permitted by law. Specifically, we will not:

 

  • Use or disclose psychotherapy notes without authorization, except as permitted by law

  • Use PHI for marketing where we receive financial remuneration without authorization

  • Sell your PHI without authorization

 

You may revoke an authorization at any time in writing. Revocation will not affect actions already taken in reliance on your authorization.

 

Special Situations

  • Minors: A parent or legal guardian generally acts on behalf of minors, subject to state laws that allow minors to consent to certain services.

  • Telehealth: PHI related to telehealth services will be protected in accordance with HIPAA and applicable law.

 

How to Contact Us

If you have questions, wish to exercise a right, or want to file a complaint, contact:

 

Forum Health — Privacy Office
2300 Cabot Drive, Suite 125
Lisle, IL 60532
Email: privacy@forumhealth.com
Phone: (888) 558-6980

 

We are required to abide by the terms of this Notice and may revise it at any time. Any revised Notice will apply to all PHI we maintain.