HIPAA Notice of Privacy Practices

Where HIPAA applies, we are required to protect PHI, provide notice of privacy practices, follow the notice currently in effect, and provide breach notification when required by law.

PHI may be used or disclosed for treatment-related activities such as care coordination, referral handling, clinical review, and secure communication among authorized care participants.

PHI may be used or disclosed for billing, payment operations, scheduling, internal quality improvement, workforce operations, audit, and security review as permitted by law.

PHI may also be disclosed for legal requirements, public health activities, abuse or neglect reporting, law enforcement requests, health oversight, or serious threat and safety situations when authorized by law.

Depending on applicable law, you may have the right to inspect or obtain copies of certain records, request amendments, request restrictions, request confidential communications, receive an accounting of certain disclosures, and file a complaint.

ScoliBase and the applicable healthcare organization are responsible for safeguarding PHI, following the terms of the notice in effect, and updating the notice when practices or legal requirements change.

Questions, requests, or complaints about privacy practices should be directed to the designated Privacy Officer or published complaint channel for the applicable organization.