HIPAA Notice of Privacy Practices

This Notice describes how medical information about you may be used and disclosed and how you can get access to this information. Please review it carefully. HIPAA, the Health Insurance Portability and Accountability Act, requires us to give it to you and to follow its terms.

Our duties

Dayward Sleep, the clinicians who provide your care through our platform, and the Business Associates that support that care are required by law to: (a) maintain the privacy of your Protected Health Information (PHI); (b) provide you this Notice of our legal duties and privacy practices; (c) follow the terms of the Notice currently in effect; and (d) notify you following a breach of unsecured PHI.

How we may use and disclose your PHI without your authorization

Treatment

We share information among the clinicians and care team members involved in your sleep treatment, and with the compounding pharmacy partner that fulfills any prescription written for you.

Payment

We use your information to bill for services and to process payment, including through our payment processor.

Health care operations

We use your information to operate the practice: quality improvement, clinician training and credentialing, audits, compliance, and similar activities.

Business Associates

We share information with vendors who help us provide the service (hosting, telehealth video, e-prescribing, customer support, analytics) under written agreements that require them to protect your PHI.

Required or permitted by law

We may disclose information when required by law, for public health and safety, to health oversight agencies, in response to court orders or subpoenas, for law enforcement purposes in specified circumstances, to coroners and funeral directors, for organ donation, for workers’ compensation, and to avert a serious threat to health or safety.

Uses and disclosures that require your written authorization

Marketing, sale of PHI, and most uses of psychotherapy notes require your written authorization. You may revoke an authorization at any time, in writing, except to the extent we have already acted on it.

Your rights

• Access. Get a copy of your medical record.
• Amendment. Ask us to correct information you believe is incorrect or incomplete.
• Accounting. Receive a list of certain disclosures we have made.
• Restrictions. Ask us to limit how we use or share information. We will comply with a restriction on disclosure to a health plan for services you paid for in full out of pocket.
• Confidential communications. Ask us to contact you in a specific way or at a specific location.
• Paper copy. Get a paper copy of this Notice, even if you have agreed to receive it electronically.
• Breach notification. Be notified if there is a breach of unsecured PHI.
• Complaint without retaliation. File a complaint with us or with the U.S. Department of Health and Human Services Office for Civil Rights without fear of retaliation.

How to exercise your rights or file a complaint

Send a written request to the Privacy Officer at the contact address on our site. To file a complaint with the federal government, contact the U.S. Department of Health and Human Services, Office for Civil Rights.

Changes to this Notice

We may change the terms of this Notice at any time. The new Notice will apply to all PHI we maintain. When changes are material, we will post the revised Notice on our site and update the “Last updated” date above.

State law

Where state law gives you greater privacy protection than HIPAA, we follow state law. Specific categories, including mental health, substance use disorder treatment, HIV status, and genetic information, have additional protections in many states.