THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
While Pierian Biosciences, including prior business and clinical entities, previously collected information that may have included Protected Health Information (PHI), as defined by HIPAA, these collections ceased on March 24, 2016. This Notice of Privacy Practices applies to PHI, in its entirety, that Pierian Biosciences may continue to maintain for legal, regulatory, or contractual reasons. If you have questions as to the applicability of your data, and whether it may have constituted PHI if collected prior to 3/24/16, please contact the Privacy Officer at Pierian Biosciences by calling 615.567.0200.
Pierian Biosciences and its wholly owned subsidiaries (collectively “Pierian”) are committed to protecting the privacy of your individually identifiable health information. This information is known as “protected health information” or “PHI.” PHI includes laboratory test orders and test results, as well as invoices for the healthcare services we provide.
Who will follow this notice?
Pierian facilities provide services to our patients in partnership with other professionals and health care organizations. The information privacy practices in this notice will be followed by:
- Any healthcare professional that utilizes our services to diagnose and/or treat you.
- All members of the Pierian workforce, including employees, medical staff, trainees, students, or volunteers.
Our pledge to you:
We understand that medical information about you is personal. We are committed to protecting medical information about you. We create a record of the services you receive to provide quality care and to comply with legal requirements. This notice applies to all of the records generated by Pierian. We are required by law to:
- Keep medical information about you private;
- Give you this notice of our legal duties and privacy practices with respect to medical information about you; and
- Follow the terms of the notice that are currently in effect.
How we may use and disclose medical information about you:
Pierian may use your PHI for treatment, payment, or healthcare operations and for other purposes permitted or required by law. Not every use or disclosure is listed in this Notice, but all of our uses or disclosures of your health information will fall into one of the categories listed below.
For any purpose not covered by the categories below, Pierian will need your written authorization to use or disclose your health information. You may revoke any authorization you sign at any time. Your revocation must be in writing and submitted to an appropriate member of the Pierian workforce. If you revoke any authorization, Pierian will no longer use or disclose your PHI for the reasons stated in your authorization except to the extent we have already taken action based on your authorization.
The law permits Pierian to use and disclose your PHI for the following purposes:
Pierian provides laboratory testing for physicians and other healthcare professionals, and uses your information in our testing process. We disclose your PHI to authorized healthcare professionals who order tests or need access to test results for treatment purposes. Examples of other treatment related purposes include disclosures to a pathologist to help interpret your test results or use of your information to contact you to obtain another specimen, if necessary.
Pierian will use and disclose your PHI for purposes of billing and payment. For example, Pierian may disclose your PHI to health plans or other payers to determine whether you are enrolled with the payer or eligible for health benefits or to obtain payment for our services. If you are insured under another person’s health insurance policy, we may also send invoices to the subscriber whose policy covers your health services.
Pierian may use and disclose your PHI for activities necessary to support our healthcare operations, such as performing quality checks on our testing, internal audits, attestation, arranging for legal services, or developing reference ranges for our tests.
Pierian may provide your PHI to other companies or individuals that need the information to provide services to Pierian. These other entities, known as “business associates”, are required to maintain the privacy and security of PHI. For example, companies that might assist Pierian with potential billing of our services would be a business associate.
As Required by Law
Pierian may use and disclose your PHI as required by law. Those activities include, but are not limited to:
- Prevention or lessening of a serious threat to your health and safety or that of another person.
- In response to a warrant, investigative demand or similar legal process, or for officials to identify or locate a suspect, fugitive, material witness, or missing person.
- Reasonable belief that an individual is a victim of abuse, neglect, or domestic violence.
- For Compliance with a court of administrative order, subpoena, discovery request, or other legal process in the course of a judicial or administrative proceeding, but only if efforts have been made to tell you about the request or to obtain an order or protection for the requested information.
Pierian may disclose PHI for research purposes when an Institutional Review Board or privacy board has reviewed the research proposal and established protocols to ensure the privacy or your PHI and determined that the researcher does not need to obtain your authorization prior to using your PHI for research purposes. We may also disclose information about decedents to researchers under certain circumstances.
Other Uses and Disclosures
As permitted by HIPAA, Pierian may disclose your PHI to:
- Public Health Authorities
- The Food and Drug Administration (FDA)
- Health Oversight Agencies
- Military Command Authorities
- National Security and Intelligence Organizations
- Correctional Institutions
- Organ and Tissue Donation Organizations
- Coroners, Medical Examiners and Funeral Directors
- Workers Compensation Agents
- Individuals assisting in disaster relief efforts so that others can be notified about your condition, status and location.
- A family member, friend, or anyone else you designate in order for that person to be involved in your care or payment related to your care.
Your Patient Rights:
Receive Test Information
You have a right to request and receive a copy of completed test results that Pierian has created, as well as direct that copies of test reports be transmitted to persons or entities designated by you.
Amend Health Information
You may request amendments to your PHI by making a written request. However, Pierian may deny the request in some cases (such as if we determine the PHI is accurate). If Pierian denies your request to change PHI, we will provide you with a written explanation of the reason for the denial and additional information regarding further actions you may take.
Accounting of Disclosures
You have the right to receive a certain list of disclosures of your PHI made to Pierian in the past six years from the date of your written request. Under the law, this does not include disclosures made for the purposes of treatment, payment, or healthcare operations or certain other purposes.
You may request that Pierian agree to restrictions on certain uses and disclosures of your PHI. We are not required to agree to your request, except for requests to limit disclosures to your health plan for purposes of payment or healthcare operations when you have paid Pierian for the item or service covered by the request out-of-pocket and in full and when the uses or disclosures are not required by law.
Request Confidential Communications
You have the right to request that Pierian send your health information by alternative means or to an alternative address, and we will accommodate reasonable requests.
Copy of this Notice
You have the right to obtain a paper copy of this Notice upon request.
Regarding State Law
When state law is more restrictive than federal law, the more restrictive state law is typically followed. The HIPAA Privacy Rule does not preempt more stringent state laws, even if contrary to the Privacy Rule. However, in the context of individual’s rights to access their health information, “more stringent” means that the state law provides for greater right of access. For example, Tennessee was required to submit completed test results directly to the healthcare professional that ordered the test, requiring the patient to request the results from that professional; federal law now allows patients in the state of Tennessee to receive their reports directly from Pierian.
How to Exercise Your Rights
You may write or send an email to Regulatory@Pierianbio.com with your specific request, including requesting a Patient Requisition Form to complete to obtain a copy of your test results. Pierian will consider your request and provide you a response.
If you believe your privacy rights have been violated, you have the right to file a complaint with Pierian. You also have the right to file a complaint with the Secretary of the U.S. Department of Health and Human Services, Office of Civil Rights. Pierian will not retaliate against any individual for filing a complaint.
To file a complaint with Pierian, request a Patient Requisition Form to obtain your test results, or should you have any questions about this Notice, send an email to Regulatory@Pierianbio.com or contact us at (615) 567-0200.
You may also write to us at the following address:
Attn: Privacy Officer
405 Duke Drive, Suite 240
Franklin, TN 37067
Pierian reserves the right to amend the terms of this Notice to reflect changes in our privacy practices, and to make the new terms and practices applicable to all PHI that we maintain about you, including PHI created or received prior to the effective date of the Notice revision. Our Notice is displayed on our website and a copy is available upon request.
April 21, 2014