HIPAA Compliance

Effective Date: February 6th, 2025

At Healing Handz, we are committed to protecting the privacy and security of our patients' health information in compliance with the Health Insurance Portability and Accountability Act (HIPAA) and applicable state laws. This HIPAA Compliance Policy explains how we handle Protected Health Information (PHI) and your rights regarding your health data.

What is HIPAA?

HIPAA is a U.S. federal law that protects the privacy and security of Protected Health Information (PHI). Under HIPAA, PHI includes any health-related information that can be used to identify you, such as:

- Medical history, diagnoses, and treatment plans
- Physical therapy session details
- Health insurance and billing information
- Patient contact details (name, phone, email, address)

We adhere to HIPAA's Privacy Rule, Security Rule, and Breach Notification Rule to safeguard your health information.

How We Protect Your Health Information

We take strict measures to ensure the security and confidentiality of your PHI, including:

- Data Encryption: All electronic patient records are encrypted.
- Access Control: Only authorized personnel can access PHI.
- Secure Communications: We use HIPAA-compliant email, messaging, and telehealth systems.
- Physical Security: Patient records stored physically are kept in locked cabinets.
- Regular HIPAA Training: Our staff undergoes mandatory HIPAA training to stay updated on compliance.

How We Use & Disclose Your PHI

We only use and disclose your PHI when necessary and per HIPAA guidelines.

Permitted Uses of PHI

We may use your PHI for the following purposes without requiring additional consent:

- Treatment: Sharing information with healthcare providers involved in your care.
- Payment: Processing insurance claims and payments.
- Healthcare Operations: Quality control, training, and operational improvements.
- Public Health & Safety: Reporting diseases or injuries as required by law.

Uses Requiring Your Written Consent

Certain disclosures require your explicit written authorization, including:

- Sharing PHI with third-party marketing agencies.
- Releasing PHI for research purposes.
- Selling PHI for any reason (which we do not do).

You have the right to revoke consent at any time.

Your Rights Under HIPAA

As a patient, you have the right to:

- Access & Obtain a Copy of Your PHI: You can request a copy of your medical records at any time.
- Request Corrections to Your PHI: If you find inaccuracies in your records, you can request corrections.
- Request Restrictions on Certain Disclosures: You can ask us not to share certain details with specific entities (except where required by law).
- Receive an Accounting of Disclosures: You have the right to know how and when your PHI has been shared.
- File a Complaint: If you believe your rights have been violated, you can file a HIPAA complaint with our Privacy Officer or with the U.S. Department of Health & Human Services (HHS).

HIPAA Breach Notification Policy

In the event of a breach (unauthorized access, loss, or disclosure of PHI), we will:

- Investigate the incident immediately.
- Notify affected patients if their data is compromised.
- Report the breach to the U.S. Department of Health & Human Services, if required.
- Take corrective action to prevent future breaches.

Telehealth & Online Data Security

If you use our telehealth services, we ensure that:

- Your video and audio sessions are fully encrypted.
- No unauthorized parties can access your virtual appointments.
- We only use HIPAA-compliant platforms for telemedicine.

Contact Information for HIPAA Concerns

If you have questions about our HIPAA Compliance Policy or want to exercise your rights, please contact:

Healing HandZ Physical Therapy
Email: xxxx@healinghandz.com
Phone: (732) 902 2700
Address: 161 Lincoln Hwy. (Rt.27), Unit-A, Edison, NJ 08820

For HIPAA complaints, you can also contact:

U.S. Department of Health & Human Services (HHS)
Toll-Free: 1-800-368-1019
Website: www.hhs.gov/hipaa