Ria Health HIPAA Notice of Privacy Practices
(Last revised May 15, 2023)
- What information we collect about you
- What choices you have about your information
- How we use your information
- How and with whom we may share the information we have about you
- How we protect your information
- How to contact us with questions or concerns
We urge you to take the time to read our entire HIPAA Notice of Privacy Practices for complete detail about our privacy practices and your information.
DxRx, Inc. (dba Ria Health) and Ria Health PC (hereafter, “Ria Health”)
We are required by law to maintain the privacy of your PHI; provide you with notice of our legal duties and privacy practices with respect to your PHI; and to notify you following a breach of unsecured PHI related to you. We are required to abide by the terms of this HIPAA Notice of Privacy Practices. This HIPAA Notice of Privacy Practices is effective as of the date listed on the first page of this HIPAA Notice of Privacy Practices. This HIPAA Notice of Privacy Practices will remain in effect until it is revised. We are required to modify this HIPAA Notice of Privacy Practices when there are material changes to your rights, our duties, or other practices contained herein.
- Upon request;
- Electronically via our website or via other electronic means; and
- Electronically within the Ria Health app for members on IOS and Android.
In addition to the above, we have a duty to respond to your requests (e.g. those corresponding to your rights) in a timely and appropriate manner. We support and value your right to privacy and are committed to maintaining reasonable and appropriate safeguards for your PHI.
CONFIDENTIALITY OF ALCOHOL TREATMENT RECORDS
The confidentiality of alcohol treatment patient records maintained by us is protected by Federal law and regulations. Generally, we may not say to a person outside of Ria Health that you are a patient of Ria Health, or disclose any information identifying you as someone with an alcohol problem unless:
You consent in writing (as discussed below in “Authorization to Use or Disclose PHI”);
The disclosure is allowed by a court order (as discussed below in “Uses and Disclosures”); or
The disclosure is made to medical personnel in a medical emergency or to qualified personnel for research, audit, or program evaluation (as discussed below in “Uses and Disclosures”).
Violation of the Federal law and regulations by Ria Health is a crime. Suspected violations may be reported to appropriate authorities in accordance with Federal regulations.
Federal law and regulations do not protect any information about a crime committed by you against any person who works for Ria Health or about any threat to commit such a crime (as discussed below in “Uses and Disclosures”).
Federal laws and regulations do not protect any information about suspected child abuse or neglect from being reported under State law to appropriate State or local authorities (as discussed below in “Uses and Disclosures”).
See 42 U.S.C. 290dd-3 and 42 U.S.C. 290ee-3 for Federal laws and 42 CFR part 2 for Federal regulations.
USES AND DISCLOSURES
Uses and disclosures of your PHI may be permitted, required, or authorized. The following categories describe various ways that we use and disclose PHI.
Among Ria Health Personnel. We may use or disclose information between or among personnel having a need for the information in connection with their duties that arise out of the provision of diagnosis, treatment, or referral for treatment of alcohol or drug abuse, provided such communication is: (i) Within Ria Health PC; or (ii) Between Ria Health PC and Ria Health. For example, our staff, including doctors, nurses, and clinicians, will use your PHI to provide your treatment care. Your PHI may be used in connection with billing statements we send you and in connection with tracking charges and credits to your account. Your PHI will be used to check for eligibility for insurance coverage and prepare claims for your insurance company where appropriate. We may use and disclose your PHI in order to conduct our healthcare business and to perform functions associated with our business activities, including accreditation and licensing.
Secretary of Health and Human Services. We are required to disclose PHI to the Secretary of the U.S. Department of Health and Human Services when the Secretary is investigating or determining our compliance with the HIPAA Privacy Rules.
Business Associates. We may disclose your PHI to Business Associates that are contracted by us to perform services on our behalf which may involve receipt, use or disclose of your PHI. All of our Business Associates must agree to: (i) Protect the privacy of your PHI; (ii) Use and disclose the information only for the purposes for which the Business Associate was engaged; (iii) Be bound by 42 CFR Part 2; and (iv) if necessary, resist in judicial proceedings any efforts to obtain access to patient records except as permitted by law.
Crimes on Premises. We may disclose to law enforcement officers information that is directly related to the commission of a crime on the premises or against our personnel or to a threat to commit such a crime.
Reports of Suspected Child Abuse and Neglect. We may disclose information required to report under state law incidents of suspected child abuse and neglect to the appropriate state or local authorities. However, we may not disclose the original patient records, including for civil or criminal proceedings which may arise out of the report of suspected child abuse and neglect, without consent.
Court Order. We may disclose information required by a court order, provided certain regulatory requirements are met.
Emergency Situations. We may disclose information to medical personnel for the purpose of treating you in an emergency.
Research. We may use and disclose your information for research if certain requirements are met, such as approval by an Institutional Review Board.
Audit and Evaluation Activities. We may disclose your information to persons conducting certain audit and evaluation activities, provided the person agrees to certain restrictions on disclosure of information.
Reporting of Death. We may disclose your information related to cause of death to a public health authority that is authorized to receive such information.
PERSONAL INFORMATION COLLECTION AND USE
- Personal Information collected for Ria Health Members and for All Service Users.
- How Personal Information is used by Ria Health
- How Personal Information is stored and processed by Ria health
- How Personal Information is shared by Ria Health and Ria Health services
- International Data Transfer
- Third-party websites and applications
- Your privacy choices and rights
- Supplemental information for California residents
- Personal Information collected from Children
AUTHORIZATION TO USE OR DISCLOSE PHI
Other than as stated above, we will not use or disclose your PHI other than with your written authorization. Subject to compliance with limited exceptions, we will not use or disclose psychotherapy notes, use or disclose your PHI for marketing purposes, or sell your PHI unless you have signed an authorization. If you or your representative authorize us to use or disclose your PHI, you may revoke that authorization in writing at any time to stop future uses or disclosures. We will honor oral revocations upon authenticating your identity until a written revocation is obtained. Your revocation will not affect any use or disclosures permitted by your authorization while it was in effect.
QUESTIONS, REQUESTS FOR INFORMATION, AND COMPLAINTS
If you have questions or concerns about this HIPAA Notice of Privacy Practices, please contact us by sending an email to:
We support your right to privacy of your Protected Health Information. You will not be retaliated against in any way if you choose to file a complaint with us or with the U.S. Department of Health and Human Services.
If you believe your rights have been violated and would like to submit a complaint directly to the U.S. Department of Health & Human Services, then you may submit a formal written complaint to the following address:
U.S. Department of Health & Human Services
Office for Civil Rights
200 Independence Avenue, S.W.
Washington, D.C. 20201
If you have a patient safety concern you may report your concern to The Joint Commission at:
Office of Quality and Patient Safety
The Joint Commission
One Renaissance Boulevard
Oakbrook Terrace, IL 60181