Notice of Privacy Practices
This Notice of Privacy Practices describes how medical information about you may be used and disclosed, and how you can get access to this information. Please review it carefully.
NxGen MDx is committed to protecting your privacy and is required by the Health Insurance Portability and Accountability Act of 1996 and related regulations (HIPAA) to ensure that your personal health information is protected. This Notice outlines our privacy practices and explains your rights under HIPAA.
Protected Health Information (PHI)
Protected Health Information (PHI) is generally any information that may identify you and relates to your health or to related health care services.
How We Use Your Protected Health Information
We may use and disclose your PHI for treatment, payment, health care operations, and other purposes permitted or required by law, including in the following ways:
Treatment (Genetic Testing)
- We use and disclose your PHI in performing a genetic test and for related purposes and share the results with your health care provider. For example, we may use your personal health information to ensure you receive accurate test results.
- We may use or disclose your PHI for payment purposes, such as billing you or your insurance company. For example, we disclose your PHI to your insurance company when we send them a bill so that they can accurately identify your health plan.
For Health Care Operations
- We may use or disclose your PHI for our health care operations. For example, we may use your PHI to conduct quality control and performance evaluations of our tests.
People Involved in Your Health Care or Payment for Your Care
- We may disclose your PHI to anyone you designate as involved in your care or payment. For example, if your spouse or partner decides to have a test done after you tested positive as a carrier, we may share the results with both of you.
- We may disclose your PHI to business associates that we contract to perform specific services for us that require access to your PHI. These business associates are required by law to protect your PHI. For example, we may contract a third-party billing service that would need access to your information to send you a bill.
As Required by Law
- We may use or disclose your PHI if required by law. For example, we must disclose PHI when required by the Department of Health and Human Services to investigate or determine our compliance with federal privacy law.
Public Health and Safety
- We may disclose your PHI for public health and safety purposes, such as preventing or controlling disease, or reporting suspected abuse, neglect, or domestic violence. In addition, we may disclose your PHI to report negative reactions or problems with medications and notify people of recalls of such products.
Health Oversight Activities
- We may disclose your PHI in response to health agencies authorized to conduct audits, investigations, inspections, licensure, and other activities related to oversight of government regulatory programs or of the health care. For example, we may disclose your PHI if asked by an agency responsible for licensing our laboratory.
Judicial and Legal Actions
- We can share PHI in response to a court or administrative order, a subpoena, or an investigation.
- We may use or disclose your PHI for research in certain circumstances.
You have the following rights with respect to your PHI. To exercise any of these rights, please contact our Privacy Officer using the contact information provided at the end of this Notice.
Right to Receive an Electronic or Paper Copy of Your PHI
- You have the right to inspect and copy your PHI that we maintain.
Right to Correct or Update Your Information
- You can ask us to correct PHI that you think is incorrect or incomplete. We may say “no” to your request, but we’ll tell you why.
Right to Request Confidential Communication
- You have the right to request that we contact you in a specific way, such as at a specific mailing address or phone number, or by alternative means. We will accommodate reasonable requests for confidential communications.
Right to Request Limits on Uses and Disclosures
- You have the right to request restrictions on our use and disclosure of your PHI. We are not required to agree to your request unless you pay for a service or health care item out-of-pocket in full and ask us not to share that information for the purpose of payment or our operations with your health insurer, in which case we will agree to the request unless required by law to share that information. If we agree to a requested restriction, we will let you know in writing.
Right to Accounting of Disclosures
- You may request a list (an accounting) of the times we’ve shared your PHI for any activities not related to payment, treatment, testing, health care operations, and certain other disclosures (such as any you asked us to make) within the past six years from the date of your request. Your request must be in writing. Your first request within every 12-month period will be at no charge to you, and requests beyond that will be at a reasonable cost to you.
Right to a Copy of this Notice
- You have the right to an electronic or paper copy of this Notice. You may request a paper copy of this Notice at any time, even if you have agreed to receive the Notice electronically.
Right to Complain
- You can complain by contacting us using the information on the last page if you feel we have violated your rights.
- You can also file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights by sending a letter to 200 Independence Avenue, S.W., Washington D.C. 20201, calling 1-877-696-6775, or visiting hhs.gov/ocr/privacy/hipaa/complaints/.
- We will not retaliate against you for filing a complaint.
What NxGen is Responsible for in Regards to Your PHI
- We are responsible for maintaining the privacy and security of your PHI.
- In the event of a breach that compromises the privacy or security of your PHI, we shall notify you of the breach in a timely manner.
- We must follow the duties and privacy practices described in this Notice and give you a copy of it.
- We will not use or share your PHI other than as described in this Notice unless you tell us in writing that we can. If you tell us you can, you may change your mind at any time. Let us know in writing if you change your mind.
Updates to This Policy
NxGen MDx reserves the right to update and revise this Notice at any time. In the event of an update, the new notice will apply to your PHI that we already hold and any new information we may receive about you. The new notice will be available on our website or upon request. Be sure to check this page frequently for updates.
If you want more information about our privacy practices or have any questions, please contact:
801 Broadway Ave NW Suite 203
Grand Rapids, MI 49504
Effective Date: September 25, 2018