HEMATOGENIX LABORATORY SERVICES, LLC (“Hematogenix”)
NOTICE OF PRIVACY PRACTICES

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED, AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE READ THIS NOTICE CAREFULLY.

EFFECTIVE February 1, 2008

Our Commitment to Your Privacy

Hematogenix is dedicated to maintaining the privacy of your PHI. In conducting our business, we will create records regarding you and the treatment and services we provide you. We are required by law to maintain the confidentiality of health information that identifies you. We also are required by law to provide you with this notice of our legal duties and privacy practices concerning your “protected health information” or “PHI.” PHI is information about you, including basic demographic information, that may identify you and that relates to your past, present or future physical or mental health or condition and related health care services. By law, we must follow the terms of the notice of privacy practices that we have in effect at the time.

To summarize, this notice provides you with the following information:

• How we may use and disclose your PHI,
• Your privacy rights in your PHI, and
• Our obligations concerning the use and disclosure of your PHI.

The terms of this notice apply to all records containing your PHI that are created or retained by our organization. We reserve the right to revise or amend our notice of privacy practice. To the extent permitted by law, any revision or amendment to this notice will be effective for all of your records our organization has created or maintained in the past, and for any of your records we may create in the future, and such revisions shall be available at www.Hematogenix.com. If you have any questions about this notice, please contact Hematogenix. 

Subject to applicable law, the following categories describe different ways that we may use and disclose your PHI:

1. Treatment. We may use your PHI to provide and coordinate the treatment and services your receive. Many of the people who work for us may use or disclose your PHI in order to provide supplies and services to you or to assist others in your treatment, such as to perform diagnostic tests, or provide your test results to your physician.
2. Payment. We may use and disclose your PHI in order to bill and collect payment for the services and supplies you may receive from us. For example, we may contact your health insurer to certify that you are eligible for benefits (and for what range of benefits), and we may provide your insurer with details regarding you and your treatment to determine if your insurer will cover, or pay for your supplies and/or services. We may also use and disclose your PHI to obtain payment from third parties that may be responsible for such costs, such as family members. Also, we may use your PHI to bill you directly for services and supplies.
3. Health Care Operations. We may use and disclose your PHI to support the operation of our laboratory and monitory the quality of services we provide. For example, we may conduct cost-management and business planning activities for our business.

The following categories describe scenarios beyond treatment, payment and operations in which we may use or disclose your PHI, as permitted or required by law:

1. Public Health Risk. We may disclose your PHI to public health authorities that are authorized by law to collect information for the purpose of preventing or controlling disease, injury or disability, such as:

• • Maintaining vital records, such as births and deaths
  • Reporting child abuse or neglect
  • Preventing or controlling disease, injury or disability
  • Notifying a person regarding a potential exposure to a communicable disease
  • Notifying a person regarding a potential risk for spreading or contracting a disease or condition
  • Reporting reactions to drugs or problems with products or devices
  • Notifying individuals if a product or device they may be using has been recalled
  • The potential abuse or neglect of an adult patient (including domestic violence); however, we will only disclose this information if the patient agrees or we are required or authorized by law to disclose this information.

2. Health Oversight Activities. We may disclose your health information to a health oversight agency for activities authorized by law. Oversight activities can include, for example, investigations, inspections, audits, surveys, licensure and disciplinary actions; civil, administrative, and criminal procedures or actions; or other activities necessary for the government to monitor government programs, compliance with civil rights laws and the health care system in general.
3. Lawsuits and Similar Proceedings. We may use and disclose your PHI in response to a court or administrative order, if you are involved in a lawsuit or similar proceeding. We also may disclose your identifiable health in response to a discovery request, subpoena, or other lawful process by another party involved in a dispute, but only if we have made an effort to inform you of the request or to obtain an order protecting the information the party has requested.
4. Law Enforcement. We may release PHI if asked to do so by a law enforcement official in response to a valid subpoena or court order, which may be related to one of the following:

• • Regarding a crime victim in certain situations, if we are unable to obtain the person’s agreement
  • Concerning a death we believe might have resulted from criminal conduct
  • Regarding criminal conduct in our offices
  • In response to a warrant, summons, court order, subpoena, or similar legal process
  • To identify/locate a suspect, material witness, fugitive or missing person
  • In an emergency, to report a crime (including the location or victim(s) of the crime, or the description, identity or location of the perpetrator)

5. Serious Threats to Health or Safety. We may use and disclose your PHI when necessary to reduce or prevent a serious threat to your health and safety or the health and safety of another individual or the public. Under these circumstances, we will only make disclosures to a person or organization able to help prevent the threat.
6. Military. We may disclose your PHI if you are a member of U.S. or foreign military forces (including veterans) and if required by the appropriate military command facilities.
7. National Security. As authorized by law, we may disclose your PHI to federal officials for intelligence, counterintelligence, to protect the President, and other national security activities authorized by law.
8. Inmates. As authorized by law, we may disclose your PHI to correctional institutions or law enforcement officials if you are an inmate or under the custody of a law enforcement official. Disclosure for these purposes would be necessary: (a) for the institution to provide health care services to you, (b) for the safety and security of the institution, and/or (c) to protect your health and safety or the health and safety of other individuals.
9. Workers’ Compensation. We may disclose your PHI to the extent authorized by and to the extent necessary to comply with laws relating to workers’ compensation or other similar programs established by law.
10. Coroners, Medical Examiners and Funeral Directors. We may disclose health information to a coroner or medical examiner. This may be necessary, for example, to identify a deceased person or determine the cause of death. We may also disclose medical information to funeral directors consistent with applicable law to carry out their duties.
11. Organ Procurement Organizations. Consistent with applicable law, we may disclose health information to organ procurement organizations or entities engaged in the procurement, banking, or the transportation of organs for the purpose of tissue donation and transplant.
12. Research. We may disclose information to researchers when their research has been approved by an Institutional Review Board or Privacy Board that has reviewed the research proposal and established protocols to ensure the privacy of your healthcare information.
13. Business Associates. There are some services provided by Hematogenix through contracts with business associates (e.g., billing services), and we may disclose your PHI to our business associate so that they can perform their agreed upon duties. To protect your information, however, we require the business associate to appropriately safeguard your information.
14. Food and Drug Administration (FDA): We may disclose to the FDA, or persons under the jurisdiction of the FDA, PHI relative to adverse events with respect to drugs, foods, supplements, products and product defects, or post marketing surveillance information to enable product recalls, repairs, or replacement.
15. Notification. We may use or disclose your PHI to notify or assist in notifying you, a family member, personal representative, or another person responsible for your care, regarding your location and general condition.
16. Health-Related Benefits and Services. We may use your PHI to inform you of health-related benefits or services that may be of interest to you.
17. Release of Information to Family / Friends. We may release your PHI to a friend or family member that is helping you pay for your health care, or who assists in taking care of you.
18. Disclosures Required By Law. We will use and disclose your PHI when we are required to do so by federal, state or local law.

Your Rights Regarding Your PHI:

1. Confidential Communications. You have the right to request that we communicate with you about your health and related issues in a particular manner or at a certain location. For instance, you may ask that we contact you at home, rather than work. In order to request a type of confidential communication, you must make a written request to us, specifying the requested method of contact or location where you wish to be contacted. We will accommodate reasonable requests. You do not need to give a reason for your request.
2. Requesting Restrictions. You have the right to request a restriction in our use or disclosure of your PHI for treatment, payment or health care operations. Additionally, you have the right to request we limit our disclosure of your identifiable health care information to individuals involved in your care or the payment for your care, such as family members and friends. We are not required to agree to your request; however, if we do agree, we are bound by our agreement except when otherwise required by law, in emergencies, or when the information is necessary to treat you. In order to request a restriction in our use or disclosure of your PHI, you must make your request in writing to us. Your request must describe in clear and concise fashion: (a) the information you wish restricted; (b) whether you are requesting to limit our use, disclosure or both; and (c) to whom you want the limits to apply.
3. Inspection and Copies. Generally, patients are entitled to inspect and obtain a copy of his/her PHI, including patient medical records and billing record. However, because Hematogenix is subject to CLIA, the Clinical Laboratory Improvement Amendments of 1988, the PHI that we maintain may be specifically exempted, to the extent the provision of access to the patient would be prohibited by law. If permissible, you must submit your request in writing to us in order to inspect and/or obtain a copy of your PHI. We may charge a fee for the costs of copying, mailing, labor and supplies associated with your request. We may deny your request to inspect and/or copy in certain limited circumstances; however, you may request a review of our denial. Reviews will be conducted by another licensed health care professional chosen by us.
4. Amendment. You may ask us to amend your health information if you believe it to be incorrect or incomplete, and you may request an amendment for as long as the information is kept by or for us. To request an amendment, your request must be made in and submitted to us in writing. You must provide us with a reason that supports your request for amendment. We will deny your request if you fail to submit your request (and the reason supporting your request) in writing. Also, we may deny your request if you ask us to amend information that is: (a) accurate and correct; (b) not part of the PHI kept by or for us; (c) not part of the PHI which you would be permitted to inspect and copy; (d) not created by us, unless the individual or entity that created the information is not available to amend the information.
5. Accounting of Disclosures. To the extent permitted by law, all of our patients have the right to request an “accounting of disclosures.” An “accounting of disclosures” is a list of certain disclosures we have made of your PHI. In order to obtain an accounting of disclosures, you must submit your request in writing to our office. All requests for an “accounting of disclosures” must state a time period which may not be longer than six years and may not include dates before April 14, 2003.
6. Right to a Paper Copy of This Notice. You are entitled to receive a paper copy of our Notice of Privacy Practices. You may ask us to give you a copy of this notice at any time. To obtain a paper copy of this notice, contact our office.
7. Right to File a Complaint. If you believe your privacy rights have been violated, you may file a compliant with us or with the Office of Civil Rights, the United States Secretary of Health and Human Services, or any other regulatory board. All complaints must be in writing. You will not be penalized for filing a complaint.
8. Right to Provide an Authorization for Other Uses and Disclosures. We will obtain your written authorization for uses and disclosures that are not identified by this notice or permitted by applicable law. Any authorization you provide to us regarding the use and disclosure of your PHI may be revoked at any time in writing. After you revoke your authorization, we will no longer use or disclose your PHI for the reasons described in the authorization.

HEMATOGENIX WILL POST ANY CHANGES TO OUR NOTICE OF PRIVACY PRACTICES IN OUR OFFICE(S), AND ON OUR WEBSITE AT WWW.HEMATOGENIX.COM.