Policies

Last Updated 5/1/2023

Your HIPAA Privacy Rights (If applicable)

Some of our users may be “covered entities” as defined in and for the purposes of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and the Health Information Technology for Economic and Clinical Health of 2009 (“HITECH”) and the regulations adopted thereunder (collectively and as may be amended “Health Privacy Laws”).  If we store, process or transmit individually identifiable health information (as defined under the Health Privacy Laws) on behalf of a covered entity, we may do so as “business associate” and as set forth in a separate business associate or provider agreement.  In such cases, Company is obligated to treat the individually identifiable health information in accordance with the applicable Health Privacy Laws.

If you are not a covered entity and you are registering for the Site for your own personal use and not in connection with a covered entity (e.g., a hospital or physician/physician practice), you understand and agree that the Site is not a healthcare provider or other “covered entity” for the purposes of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and that Personal Information provided by you to us or through the Site will not be subject to HIPAA requirements or deemed Protected Health Information for such purposes provided.  However, if you are registering for the Site in connection with health care services to be provided by a covered entity, as a business associate of such covered entity, we are obligated to treat any individually identifiable health information provided by you to us or through the Site (and any other individually identifiable health information created, received, maintained, or transmitted by us on behalf of a covered entity)  in accordance with the applicable Health Privacy Laws. Under the HIPAA privacy regulations, individuals must be informed about how Covered Entities will use or disclose their PHI and given the opportunity to object to or restrict the use or release of their information. If you are a Patient using the Site in connection with your healthcare services (through your Authorized Provider), your rights under HIPAA are set forth in the Notice of Privacy Practices provided Authorized Provider. The Notice will inform you of the ways your Authorized Provider and we may use your information and the occasions on which we may disclose this information to others.

The Notice will also explain your rights regarding your health information:

• Right to request restriction
• Right to receive confidential communications
• Right to inspect and copy your health information
• Right to amend your health information
• Right to an accounting of disclosures
• Right to a paper copy of the notice
• Right to complain if you feel your privacy has been violated

If you are an Employer Self-Insured Health Plan, Employer On-site Health Clinic or an Employee of an Employer Self-Insured Health Plan or Employer On-site Health Clinic, and have an account with us, we may also qualify as a Business Associate under HIPAA, in which case you may have the following rights regarding your health information that we maintain on behalf of the health plan / employer clinic:

• Right to inspect and copy your health information
• Right to amend your health information in our possession
• Right to an accounting of disclosures
• Right to complain if you feel your privacy has been violated

If you believe your privacy rights have been violated or have questions regarding this Notice, you may contact the Privacy Officer in writing at:

Personix
21223 Hilltop Road
Southfield, Michigan 48033
Attn:   Privacy Administrator (Officer)

You may also file a complaint with your Authorized Provider or the Office of Civil Rights, US Department of Health and Human Services, by sending a letter to: 200 Independence Ave. S.W., Washington, D.C 20201; by calling 1.877.696.6775 or by email to: OCRComplaint@hhs.gov.