This notice describes how medical information and ‘Personally identifiable information’ (PII) about you may be used and disclosed and how you can get access to this information. Please review it carefully.
We respect our legal obligation to keep your personal health information private. We are obligated by law to give you notice of our privacy practices. This notice describes how we protect your health information and what rights you have regarding it. This joint notice describes the privacy practices of our facilities named above, including all physicians on staff, contracted physicians and staff.
Treatment, Payment and Health Care Operations
The most common reason we use or disclose your health information is for treatment, payment or health care operations. Examples of how we use or disclose information for treatment purposes are:
Examples of How We Use or Disclose Your Health Information for Payment Purposes Are:
“Health care operations” means those administrative and managerial functions we must perform to run our office. Examples of how we use or disclose your health information for health care operations are:
We routinely use your health information inside our office for these purposes without any special permission. Your health information may be conveyed to us (e.g. from the ‘Refer a Patient’ form) or by us by means of e-mail, which may or may not be secured. If we need to disclose your health information outside of our office for these reasons, we usually will not ask you for special written permission. We will ask for special written permission when it is required by law.
Uses and Disclosures for Other Reasons Without Permission
In some limited situations, the law allows or requires us to use or disclose your health information without your permission. Not all of these situations will apply to us. Some may never come up at our office at all. Such uses or disclosures are:
Unless you object, we will also share relevant information about your care with your family or friends who are helping you with your eye care.
We may call or write to remind you of scheduled appointments, or that it is time to make a routine appointment. We may also call or write to notify you of other treatments or services available at our office that might help you. Unless you tell us otherwise, we will mail to you an appointment reminder on a postcard, and/or leave you a reminder message on your home answering machine or with someone who answers your phone if you are not home.
Other Uses and Disclosures
We will not make any other uses or disclosures of your health information unless you sign a written “authorization form.” Federal law determines the content of an “authorization form.” Sometimes, we may initiate the authorization process if the use or disclosure is our idea. Sometimes, you may initiate the process if it’s your idea for us to send your information to someone else. Typically, in this situation you will give us a properly completed authorization form, or you can use one of ours. If we initiate the process and ask you to sign an authorization form, you do not have to sign it. If you do not sign the authorization, we cannot make the use or disclosure. If you do sign one, you may revoke it at any time unless we have already acted in reliance upon it. Revocations must be in writing. Send them to the office contact person named at the end of this Notice.
Your Rights Regarding Your Health Information
The law gives you many rights regarding your health information. You can:
What information do we collect when you visit our website?
When registering on our site, as appropriate, you may be asked to enter your name, date of birth, email address, mailing address, phone number or other details to assist you with your experience.
When is information collected?
Your information is collected when you contact us through our site or register for an appointment.
How do we use your information?
We may use the information we collect from you, when using the website, in the following ways:
How do we protect visitor information?
Our website is regularly checked for security threats to make your visit as safe as possible.
Your personal information is stored exclusively on secured networks. It is only accessible by people who have special access rights to such systems and are contracted to keep the information confidential. We use a variety of security protocols to protect your personal information when you enter, submit, or access your information. All transactions are processed through a gateway provider and are not stored or processed on our servers.
Third Party Disclosure
We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information without providing you with advance notice. Website hosting partners and other parties who assist us in operating our website, conducting our business, or servicing you are not included, so long as those parties agree to keep this information confidential. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect our or others’ rights, property, or safety.
Non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
Third party links
Occasionally, at our discretion, we may include third party products or services on our website. These third party sites have separate and independent privacy policies. We therefore take no responsibility or liability for the content and activities of these linked sites.
We will continue to seek to protect the integrity of our site and welcome any feedback about these sites.
Demographics and Interests Reporting
We, along with third-party vendors such as Google, use first-party cookies (such as the Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) or other third-party identifiers together to compile user interactions with ad impressions data.
The Google Ad Settings page has options for how to opt out of these advertising tools. Alternatively, the Network Advertising Initiative has an opt-out page. Finally, you can also opt out using the Google Analytics Opt Out browser add-on.
California Online Privacy Protection Act
According to CalOPPA we agree to the following:
Users are able to change their personal information:
How does our site handle do not track signals?
We honor do not track signals and do not track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.
Does our site allow third party behavioral tracking?
It’s also important to note that we do not allow third party behavioral tracking.
COPPA (Children’s Online Privacy Protection Act)
When it comes to the collection of personal information from children under 13, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, the nation’s consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.
We do not specifically market to children under 13.
Fair Information Practices
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:
We will notify the users via in-site notification within 7 business days.
We also agree to the individual redress principle, which requires that individuals have a right to pursue legally enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or a government agency to investigate and/or prosecute non-compliance by data processors.
CAN-SPAM Act
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
We collect your email address in order to:
Send information, respond to inquiries, and/or other requests or questions.
Market to our mailing list or continue to send emails to our clients after the original transaction has occurred.
To be in accordance with CAN-SPAM we agree to the following:
If at any time you would like to unsubscribe from receiving future emails, you can follow the instructions at the bottom of each email and we will promptly remove you from ALL correspondence.
Our Notice of Privacy Practices
By law, we must abide by the terms of this Notice of Privacy Practices until we choose to change it. We reserve the right to change this notice at any time as allowed by law. If we change this Notice, the new privacy practices will apply to your health information that we already have as well as to such information that we may generate in the future. If we change our Notice of Privacy Practices, we will post the new notice in our office, have copies available in our office, and post it on our Website.
If you think that we have not properly respected the privacy of your health information, you are free to complain to us or the U.S. Department of Health and Human Services, Office for Civil Rights. We will not retaliate against you if you make a complaint. If you want to complain to us, send a written complaint to the office contact person named at the end of this Notice. Use the address, fax or email shown at the beginning of this Notice. If you prefer, you can discuss your complaint in person or by phone.
For More Information
If you want more information about our privacy practices, please contact Heather Malvini, Practice Manager, 408.869.3400.