Privacy Policy

This notice describes how medical information and ‘Personally identifiable information’ (PII) about you may be used and disclosed and how you can get access to this information. Please review it carefully.

Medical Information

We respect our legal obligation to keep your personal health information private. We are obligated by law to give you notice of our privacy practices. This notice describes how we protect your health information and what rights you have regarding it. This joint notice describes the privacy practices of our facilities named above, including all physicians on staff, contracted physicians and staff.

Treatment, Payment and Health Care Operations

The most common reason we use or disclose your health information is for treatment, payment or health care operations. Examples of how we use or disclose information for treatment purposes are:

  • Setting up an appointment for you
  • Testing or examining your eyes
  • Prescribing eye medications and faxing them to be filled
  • Performing surgery
  • Referring you to another doctor or clinic
  • Getting copies of your health information from another professional that you may have seen before us

Examples of How We Use or Disclose Your Health Information for Payment Purposes Are:

  • Asking you about your health or vision care plans, or other sources of payment
  • Preparing and sending bills or claims
  • Collecting unpaid amounts (either ourselves or through a collection agency or attorney)

“Health care operations” mean those administrative and managerial functions we must perform run our office. Examples of how we use or disclose your health information for health care operations are:

  • Financial or billing audits
  • Internal quality assurance
  • Participation in managed care plans
  • Defense of legal matters
  • Business planning
  • Outside storage of our records
  • Maintenance of our equipment and computers

We routinely use your health information inside our office for these purposes without any special permission. Your health information may be conveyed to us (e.g. from the ‘Refer a Patient’ form) or by us by means of e-mail, which may or may not be secured. If we need to disclose your health information outside of our office for these reasons, we usually will not ask you for special written permission. We will ask for special written permission when it is required by law.

Uses and Disclosures for Other Reasons Without Permission
In some limited situations, the law allows or requires us to use or disclose your health information without your permission. Not all of these situations will apply to us. Some may never come up at our office at all. Such uses or disclosures are:

  • When a state or Federal law mandates that certain health information be reported for a specific purpose
  • For public health purposes, such as contagious disease reporting, investigation or surveillance; and notices to and from the Federal Food and Drug Administration regarding drugs or medical devices
  • Disclosures to governmental authorities about victims of suspected abuse, neglect or domestic violence
  • Uses and disclosures for health oversight activities, such as for the licensing of doctors; for audits by Medicare or Medicaid; or for investigation of possible violations of health care laws
  • Disclosures for judicial and administrative proceedings, such as in response to subpoenas or orders of courts or administrative agencies
  • Disclosures for law enforcement purposes, such as to provide information about someone who is or is suspected to be a victim of a crime; to provide information about a crime at our office; or to report a crime that happened somewhere else
  • Disclosure to a medical examiner to identify a dead person or to determine the cause of death; or to funeral directors to aid in burial; or to organizations that handle organ or tissue donations
  • Uses or disclosures for health related research
  • Uses and disclosures to prevent a serious threat to health or safety
  • Uses or disclosures for specialized government functions, such as for the protection of the president or high-ranking government officials; for lawful national intelligence activities; for military purposes; or for the evaluation and health of members of the Foreign Service
  • Disclosures of de-identified information
  • Disclosures relating to worker’s compensation programs
  • Disclosures of a “limited data set” for research, public health, or health care operations
  • Incidental disclosures that are an unavoidable by-product of permitted uses or disclosures
  • Disclosures to “business associates” who perform health care operations for us and who commit to respect the privacy of your health information
  • Other uses and disclosures affected by state law

Unless you object, we will also share relevant information about your care with your family or friends who are helping you with your eye care.

Appointment Reminders
We may call or write to remind you of scheduled appointments, or that it is time to make a routine appointment. We may also call or write to notify you of other treatments or services available at our office that might help you. Unless you tell us otherwise, we will mail to you an appointment reminder on a postcard, and/or leave you a reminder message on your home answering machine or with someone who answers your phone if you are not home.

Other Uses and Disclosures
We will not make any other uses or disclosures of your health information unless you sign a written “authorization form.” Federal law determines the content of an “authorization form.” Sometimes, we may initiate the authorization process if the use or disclosure is our idea. Sometimes, you may initiate the process if it’s your idea for us to send your information to someone else. Typically, in this situation you will give us a properly completed authorization form, or you can use one of ours. If we initiate the process and ask you to sign an authorization form, you do not have to sign it. If you do not sign the authorization, we cannot make the use or disclosure. If you do sign one, you may revoke it at any time unless we have already acted in reliance upon it. Revocations must be in writing. Send them to the office contact person named at the end of this Notice.

Your Rights Regarding Your Health Information
The law gives you many rights regarding your health information. You can:

  • Ask us to restrict our uses and disclosures for purposes of treatment (except emergency treatment), payment or health care operations. We do not have to agree to do this, but if we agree, we must honor the restrictions that you want. To ask for a restriction, send a written request to the office contact person named at the end of this Notice. Use the address, fax or email shown at the beginning of this Notice.
  • Ask us to communicate with you in a confidential way, such as by phoning you at work rather than at home, by mailing health information to a different address, or by using E-mail to your personal email address. We will accommodate these requests if they are reasonable, and if you pay us for any extra cost. If you want to ask for confidential communications, send a written request to the office contact person named at the end of this Notice.
  • Ask to see or to get photocopies of your health information. By law, there are a few limited situations in which we can refuse to permit access or copying. For the most part, however, you will be able to review or have a copy of your health information within 30 days of asking us (or sixty days if the information is stored off-site). You may have to pay for photocopies in advance. If we deny your request, we will send you a written explanation, and instructions about how to get an impartial review of our denial if one is legally available. By law, we can have one 30-day extension of the time for us to give you access or photocopies if we send you a written notice of the extension. If you want to review or get photocopies of your health information, send a written request to the office contact person named at the end of this Notice. Use the address, fax or email shown at the beginning of this Notice.
  • Ask us to amend your health information if you think that it is incorrect or incomplete. If we agree, we will amend the information within 60 days from when you ask us. We will send the corrected information to persons who we know got the wrong information, and others that you specify. If we do not agree, you can write a statement of your position, and we will include it with your health information along with any rebuttal statement that we may write. Once your statement of position and/or our rebuttal is included in your health information, we will send it along whenever we make a permitted disclosure of your health information. By law, we can have one 30 day extension of time to consider a request for amendment if we notify you in writing of the extension. If you want to ask us to amend your health information, send a written request, including your reasons for the amendment, to the office contact person named at the end of this Notice. Use the address, fax or email shown at the beginning of this Notice.
  • Get a list of the disclosures that we have made of your health information within the past six years (or a shorter period if you want). By law, the list will not include: disclosures for purposes of treatment, payment or health care operations; disclosures with your authorization; incidental disclosures; disclosures required by law; and some other limited disclosures. You are entitled to one such list per year without charge. If you want more frequent lists, you will have to pay for them in advance. We will usually respond to your request within 60 days of receiving it, but by law we can have one 30 day extension of time if we notify you of the extension in writing. If you want a list, send a written request to the office contact person named at the end of this Notice. Use the address, fax or email shown at the beginning of this Notice.
  • Get additional paper copies of this Notice of Privacy Practices upon request. It does not matter whether you got one electronically or in paper form already. If you want additional paper copies, send a written request to the office contact person named at the end of this Notice. Use the address, fax or email shown at the beginning of this Notice.

Personally Identifiable Information

‘Personally identifiable information’ (PII) is used online. In the context of US privacy law and information security, PII is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. Please read our privacy policy carefully to understand how we collect, use, protect or otherwise handle your Personally Identifiable Information on our website.

What information do we collect when you visit our website?
When registering on our site, as appropriate, you may be asked to enter your name, date of birth, email address, mailing address, phone number or other details to assist you with your experience.

When is information collected?
Your information is collected when you contact us through our site or register for an appointment.

How do we use your information?
We may use the information we collect from you, when using the website, in the following ways:

  • Personalizing your experience to deliver the content and product you are likely to be interested in.
  • Responding to your customer service requests.
  • Sending emails regarding your order or other products and services.

How do we protect visitor information?
Our website is regularly checked for security threat to make your visit as safe as possible.

Your personal information stored exclusively on secured networks. It is only accessible by people who have special access rights to such systems, and are contracted to keep the information confidential. We use a variety of security protocols to protect your personal information when you enter, submit, or accesses your information. All transactions are processed through a gateway provider and are not stored or processed on our servers.

Third Party Disclosure
We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information without providing you with advance notice. Website hosting partners and other parties who assist us in operating our website, conducting our business, or servicing you are not included, so long as those parties agree to keep this information confidential. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others’ rights, property, or safety.

Non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.

Third party links
Occasionally, at our discretion, we may include third party products or services on our website. These third party sites have separate and independent privacy policies. We therefore take no responsibility or liability for the content and activities of these linked sites.

We will continue seek to protect the integrity of our site and welcome any feedback about these sites.

Demographics and Interests Reporting
We, along with third-party vendors such as Google, use first-party cookies (such as the Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) or other third-party identifiers together to compile user interactions with ad impressions data.

Opting out:

The Google Ad Settings page has options for how to opt out of these advertising tools. Alternatively, the Network Advertising Initiative has an opt out page. Finally you can also opt out using the browser add on Google Analytics Opt Out.

California Online Privacy Protection Act
CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law’s reach stretches well beyond California to require a person or company in the United States (and conceivably the world) that operates websites collecting personally identifiable information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals with whom it is being shared, and to comply with this policy. – See more at: http://consumercal.org/california-online-privacy-protection-act-caloppa/#sthash.0FdRbT51.dpuf

According to CalOPPA we agree to the following:

  • Users can visit our site anonymously
  • Once this privacy policy is created, we will add a link to it on our home page, or as a minimum on the first significant page after entering our website.
  • Our Privacy Policy link includes the word ‘Privacy’, and can be easily be found on the page specified above.

Users will be notified of any privacy policy changes:

  • On our Privacy Policy Page

Users are able to change their personal information:

  • By emailing us

How does our site handle do not track signals?
We honor do not track signals and do not track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.

Does our site allow third party behavioral tracking?
It’s also important to note that we do not allow third party behavioral tracking.

COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under 13, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, the nation’s consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.

We do not specifically market to children under 13.

Fair Information Practices
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.

In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:

We will notify the users via in site notification within 7 business days.

We also agree to the individual redress principle, which requires that individuals have a right to pursue legally enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or a government agency to investigate and/or prosecute non-compliance by data processors.

CAN SPAM Act
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.

We collect your email address in order to:
Send information, respond to inquiries, and/or other requests or questions.Market to our mailing list or continue to send emails to our clients after the original transaction has occurred.

To be in accordance with CAN SPAM we agree to the following:

  • NOT use false, or misleading subjects or email addresses
  • Identify the message as an advertisement in some reasonable way
  • Include the physical address of our business or site headquarters
  • Monitor third party email marketing services for compliance, if one is used
  • Honor opt-out/unsubscribe requests quickly
  • Allow users to unsubscribe by using the link at the bottom of each email

If at any time you would like to unsubscribe from receiving future emails, you can follow the instructions at the bottom of each email and we will promptly remove you from ALL correspondence.

Final Notes

Our Notice of Privacy Practices
By law, we must abide by the terms of this Notice of Privacy Practices until we choose to change it. We reserve the right to change this notice at any time as allowed by law. If we change this Notice, the new privacy practices will apply to your health information that we already have as well as to such information that we may generate in the future. If we change our Notice of Privacy Practices, we will post the new notice in our office, have copies available in our office, and post it on our Website.

Complaints
If you think that we have not properly respected the privacy of your health information, you are free to complain to us or the U.S. Department of Health and Human Services, Office for Civil Rights. We will not retaliate against you if you make a complaint. If you want to complain to us, send a written complaint to the office contact person named at the end of this Notice. Use the address, fax or email shown at the beginning of this Notice. If you prefer, you can discuss your complaint in person or by phone.

For More Information
If you want more information about our privacy practices, please contact Heather Malvini, Practice Manager, 408.869.3400.

Schedule Appointment