HIPAA Policy for WaveConcierge.com

Introduction

WaveConcierge.com is committed to maintaining the privacy and security of your protected health information (PHI). This HIPAA policy outlines our practices regarding the collection, use, and disclosure of PHI in compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA).

Scope

This policy applies to all employees, contractors, and third-party service providers of WaveConcierge.com who have access to PHI.

Definitions

  • Protected Health Information (PHI): Any information that can be used to identify a patient and relates to their past, present, or future physical or mental health condition, the provision of healthcare, or payment for healthcare services.
  • Covered Entity: WaveConcierge.com, as a provider of telehealth services, is considered a covered entity under HIPAA.

Collection of PHI

We collect PHI through:

  • Patient registration forms
  • Medical history forms
  • Consultation records
  • Payment processing systems
  • Any other forms or methods necessary for providing telehealth services

Use of PHI

We use PHI for the following purposes:

  • To provide, coordinate, or manage healthcare services and related services
  • To communicate with patients regarding their healthcare and appointments
  • To process payments for healthcare services
  • For healthcare operations, including quality assessment and improvement activities
  • To comply with legal and regulatory requirements

Disclosure of PHI

We may disclose PHI under the following circumstances:

  • With the patient’s consent for treatment, payment, or healthcare operations
  • To other healthcare providers for treatment purposes
  • To insurance companies for payment purposes
  • To third-party service providers who perform services on our behalf, provided they agree to safeguard PHI
  • As required by law, such as in response to a court order or subpoena

Patient Rights

Patients have the following rights regarding their PHI:

  • The right to access their PHI
  • The right to request amendments to their PHI
  • The right to receive an accounting of disclosures of their PHI
  • The right to request restrictions on the use or disclosure of their PHI
  • The right to request confidential communications
  • The right to file a complaint if they believe their privacy rights have been violated

Safeguards

We implement the following safeguards to protect PHI:

  • Administrative Safeguards: Policies and procedures to manage the selection, development, implementation, and maintenance of security measures.
  • Physical Safeguards: Controls to protect the physical security of our facilities and equipment.
  • Technical Safeguards: Technology and policies to protect PHI and control access to it.

Training

All employees, contractors, and third-party service providers with access to PHI are required to undergo HIPAA training to ensure they understand their responsibilities regarding PHI protection.

Complaints

Patients may file a complaint regarding the handling of their PHI by contacting us at:

WaveConcierge.com HIPAA Compliance Officer
Contact@WaveConcierge.com

Complaints can also be filed with the U.S. Department of Health and Human Services (HHS).

Policy Review

This HIPAA policy will be reviewed annually and updated as necessary to comply with changes in laws and regulations.

Contact Information

For questions or more information about this HIPAA policy, please contact:

WaveConcierge.com HIPAA Compliance Officer

Contact@WaveConcierge.com