Notice of Privacy Practices
Effective Date: August 1, 2022
THIS NOTICE DESCRIBES HOW YOUR HEALTH INFORMATION MAY BE USED AND DISCLOSED, AND HOW YOU CAN ACCESS THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
Rio Ray Optics, Inc. (Rio Ray), takes the confidentiality of your health information very seriously. We are required by law to provide you with this Notice of Privacy Practices (“Notice”) and follow the terms of this Notice while it is in effect. This Notice is a summary of your privacy rights, and your use of Rio Ray’s Services evidences your acceptance of the terms of this Notice. “Services” means any of the services we offer, including services through our riorayoptics.com website and/or any other service, and the prescribing and dispensing of prescription sunglasses. In this Notice, “health information”, “protected health information”, and “PHI” refer to individually identifiable health information that we obtain from you in connection with the Services.
Rio Ray’s use and disclosure of PHI
Generally, Rio Ray uses and discloses your PHI for the normal business activities that fall in the categories of treatment, payment, and healthcare operations, in accordance with the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). Below are a few examples of those activities (but note that not every use or disclosure that falls within each category is included!).
Treatment Rio Ray keeps a record of the PHI you provide to us in the course of using the Services. This record may include the results of your eye exam, information we receive in connection with your use of riorayoptics.com, your prescription information, the prescription products that you purchase, information related to your vision insurance plan, and other information we learn about your health or vision through our provision of the Services. We may disclose this information so that doctors, nurses, other optical dispensers, and other entities like laboratories can meet your healthcare needs.
Payment Rio Ray documents the Services that you receive when we provide care to you so that you (or, if applicable, your vision insurance plan or another third party) can pay us for the Services. If applicable, we may share information with your vision insurance plan about upcoming treatment or Services that require prior approval by the plan.
Healthcare Operations Rio Ray uses PHI to improve the Services and train staff, and for business management, quality improvement, performance evaluation, marketing activities permitted under HIPAA, customer service activities, and other internal business purposes.
Rio Ray may also use or disclose your PHI to:
- Comply with federal, state, or local laws.
- Assist in public health activities, such as tracking diseases or medical devices.
- Inform authorities in order to protect victims of abuse or neglect.
- Comply with federal and state health oversight activities, such as fraud investigations.
- Respond to law enforcement officials or to judicial orders, subpoenas, or other process.
- Inform coroners, medical examiners, and funeral directors of information necessary for them to fulfill their duties.
- Facilitate organ and tissue donation or procurement.
- Conduct research (following internal review protocols to ensure the balancing of privacy and research needs).
- Avert a serious threat to health or safety.
- Assist in specialized government functions, such as national security, intelligence, and protective services.
- Inform military and veteran authorities if you are an armed forces member.
- Inform a correctional institution if you are an inmate.
- Inform workers’ compensation carriers or your employer if you are injured at work, as authorized by and as necessary to comply with relevant laws.
- Tell you about health-related products and services.
- Send appointment confirmations and reminders.
- Communicate with individuals, such as friends and family, who are involved in your care or involved in the payment for that care.
- Communicate within our organization for treatment, payment, or healthcare operations.
- Communicate with other providers, health plans, or their related entities for their treatment, payment, or healthcare operations activities.
- Provide information to other third parties with whom we do business in order to allow those third parties to provide services to us or on our behalf. (Don’t worry—in these situations, we require third parties to provide us with assurances that they will safeguard your information.)
- Any other uses or disclosures not set forth in this Notice may only be performed with your written permission. We will also obtain your written permission before we use or disclose your PHI for any marketing purposes that are unrelated to the Services we provide. You may revoke your permission, in writing, at any time. If you do so, we will no longer use or disclose your PHI for the reasons covered by your written permission, but note that we are unable to take back any disclosures we have already made with your permission, and that we are required to retain our records of the care that we’ve provided to you.
Rio Ray’s responsibilities with respect to your PHI
Rio Ray is required by HIPAA to:
- Maintain the privacy of your PHI.
- Provide this Notice setting forth our duties and privacy practices.
- Abide by the terms of the version of this Notice currently in effect.
- Tell you if there has been a security breach that compromises your PHI.
- Please note that some states have laws that may require that we apply extra protections to some of your health information.
Your rights with respect to your PHI
You have the following rights with respect to your PHI maintained by Rio Ray.
Inspect and copy. You have the right to inspect and copy certain portions of your PHI. We may, in certain limited circumstances, deny your request to inspect or copy your PHI. If we do so, we will inform you of the reason for the denial.
Amend. You have the right to amend your PHI if you feel that it is incorrect or incomplete. We may, in certain limited circumstances, deny your request to amend your PHI. If we do so, you may submit a statement of disagreement for inclusion in your records.
Accounting of disclosures You have the right to an accounting of our disclosures of your PHI made over the past six years. This right does not apply to disclosures made for treatment, payment, or healthcare operations; disclosures made to you about your treatment; disclosures made pursuant to an authorization; and certain other disclosures.
Restrictions on disclosure You have the right to request restrictions on how we use or disclose your PHI. Rio Ray is not required to comply with such requests except for requests pertaining to disclosure to a vision insurance plan or other payor for payment or certain care operations that relate to an item or service for which you have paid out of pocket in full. If we agree to any such request, we will comply with your request except in certain emergency situations or as required by law.
Communication You have the right to request that we communicate with you at a specific telephone number or address.
Paper copy You have the right to obtain a paper copy of this Notice (even if you’re currently reading it electronically!).
Changes to this Notice
We occasionally review this Notice to make sure it complies with applicable laws and conforms to changes in our business. We may need to update this Notice, and we reserve the right to do so at any time. If we change the terms of this Notice, the new terms will apply to all PHI that we maintain, including PHI that you provided to us before such changes were made. We will post the new Notice on our website and mobile applications, and will update the “Effective Date” at the top of this page so you can tell if it has changed since your last visit. We will make the new Notice available upon request. Your continued use of the Services constitutes your acceptance of the terms of such revised Notice.
Contacting Rio Ray
To exercise any of your rights set forth in this Notice, or for more information about Rio Ray’s privacy practices, email email@example.com or write to 6601 Sunplex Drive, Ocean Springs, MS 39564.