Healing Horizons Privacy Policy

Introduction

Welcome to Healing Horizons. We are committed to protecting the privacy and security of our patients' personal data. This privacy policy outlines how we collect, use, share, and protect patient information, as well as the rights patients have regarding their data.

Data Collection

Types of Personal Data Collected

We collect the following types of personal data from our patients:

  • Identification Information: Name, contact details (phone, email, address), and date of birth.

  • Medical Information: Medical history, current health status, health insurance information, records of appointments and services, diagnostic test results, treatment plans, and outcomes.

  • Financial Information: Credit card details, banking information, and billing addresses for payment processing.

  • Voluntary Information: Feedback, testimonials, and participation in surveys provided voluntarily by patients.

Data Usage

How We Use Collected Data

We use the collected personal data for the following purposes:

  • Personalized Medical Care: Provide personalized medical care and treatment plans based on health history and current health status.

  • Administrative Tasks: Schedule appointments, manage billing and insurance claims, and maintain health records.

  • Communication: Communicate with patients regarding appointments, test results, follow-ups, and other health-related information.

  • Service Improvement: Improve service quality through analysis of patient feedback and outcomes, and conduct research for the development of new treatment methods.

  • Compliance: Ensure compliance with legal and regulatory obligations, maintain accurate financial records, and protect against fraud.

  • Promotional Activities: With explicit consent, send promotional materials, newsletters, or surveys related to health and wellness, and facilitate participation in research.

Data Sharing

Circumstances for Data Sharing

Legacy Spine and Pain Management may share personal data with third parties under the following circumstances:

  • Healthcare Professionals: Disclosure to authorized healthcare professionals involved in the direct care of the patient, such as specialists or diagnostic centers.

  • Insurance Companies: Sharing with insurance companies and other payers for processing claims and securing payment for services rendered.

  • Business Associates: Transfer to business associates, including billing companies, legal consultants, and IT support, for necessary support services.

  • Legal Compliance: Compliance with legal and regulatory requirements, including responding to subpoenas, court orders, or other legal processes.

  • Public Health and Safety: In cases of public health and safety concerns, where sharing is necessary to prevent or lessen a serious and imminent threat.

  • Patient Consent: With explicit consent from the patient, for purposes not directly related to their care, such as for research or marketing.

Data Security

Ensuring Data Security

We ensure the security of collected personal data through the following measures:

  • Secure Technology: We use secure, encrypted technology for data storage and transmission, including secure servers and firewalls.

  • Access Controls: We implement strict access controls, ensuring only authorized personnel have access to patient data, with regular access reviews.

  • Security Audits: We conduct regular security audits and risk assessments to identify and address potential vulnerabilities.

  • Staff Training: We train all staff on privacy and security protocols, including regular updates on new threats and security measures.

  • Legal Compliance: We comply with all legal and regulatory requirements related to data security and privacy protection.

  • Data Breach Response: We maintain a comprehensive data breach response plan, including notification procedures for affected individuals.

Patient Rights

Rights Regarding Personal Data

Patients have the following rights concerning their personal data:

  • Right to Access: Request and obtain a copy of their personal health information, including medical records and billing information.

  • Right to Correction: Request the correction of any inaccurate or incomplete information in their health records.

  • Right to Restrict Processing: Request limitations on how their personal health information is used or shared.

  • Right to Be Informed: Be informed about how their personal health data is used, who it is shared with, and what their rights are.

  • Right to Data Portability: Request to receive their health information in a commonly used, machine-readable format for personal use or transfer to another healthcare provider.

  • Right to Be Forgotten: Request the deletion of their personal health information under certain circumstances, such as when it is no longer necessary for the purposes it was collected.

  • Right to Object: Object to specific uses or sharing of their personal health information, including for research or marketing purposes.

Protecting Patients' Rights

These rights are protected through:

  • Adherence to Data Protection Laws: Compliance with relevant data protection laws and regulations.

  • Staff Training: Regular staff training on patient privacy rights.

  • Secure Data Storage and Processing: Implementation of secure data storage and processing practices.

  • Clear Processes: Establishment of clear processes for patients to exercise their rights.

Conclusion

Healing Horizons is dedicated to protecting patient privacy and ensuring the security of personal data. If you have any questions or concerns about our privacy policy, please contact our customer service team at info@legacypaindocs.com.

Thank you for trusting us with your care.

The Healing Horizons Management Team