Sanesco Notice of Privacy Practices
Sanesco (the agency) must collect timely and accurate health information about you and make that information available to members of your healthcare team in this company, so that they can accurately diagnose your condition and provide the care you need. There may also be times when your health information will be sent to service providers outside of this company for services that this company cannot provide.
The purpose of this Notice of Privacy Practices is to inform you about how your health information may be used within Sanesco, as well as reasons why your health information could be sent to other service providers outside of this company.
This Notice describes your rights regarding the protection of your health information and how you may exercise those rights. This Notice also gives you contact information should you have questions or comments about the policies and procedures Sanesco uses to protect the privacy of your health information.
Please review this document carefully and ask for clarification if you do not understand any portion of it.
Effective Date: July 1, 2023
Responsibilities of Sanesco
Sanesco is required to protect the privacy of your health information that may identify you. This health information includes healthcare services that are provided to you, payment for those healthcare services, or other healthcare operations provided on your behalf. This agency is required by law to inform you of our legal duties and privacy practices with respect to your health information through this Notice of Privacy Practices.
This Notice describes the ways we may share your past, present, and future health information, ensuring that we use and/or disclose this information only as we have described in this Notice. We do, however, reserve the right to change our privacy practices and the terms of this Notice, and to make the new Notice provisions effective for all health information that we maintain.
If at any time you have questions or concerns about the information in this Notice or about our agency’s privacy policies, procedures and practices, you may contact our agency Privacy Official at (866) 670-5705.
Use and Disclosure of Health Information without Authorization
We may use or disclose your health information, as needed, in order to provide, coordinate, or manage your healthcare and related services. This includes sharing your health information with other healthcare providers, both within and outside this agency, regarding your support when we need to coordinate and manage your healthcare.
Payment for Services
We may use and give your health information to other staff and health plans you designate to bill and collect payment for the healthcare services received by you. We may share information with your health plan to determine coverage status prior to scheduled services. We will share adequate information with departments that prepare bills and manage client accounts in order to ensure payment for services rendered. We may share your health information with agents of your insurance company or health plan to confirm services that were provided to you. We may also share your health information with facility staff that review client services to make certain you have received appropriate care.
Health Care Operations
We may use or disclose your health information in performing a variety of business activities that we call “health care operations”. These “health care operations” allow us to improve the quality of care we provide to you and our other clients and help us to reduce healthcare costs.
We may contract with individuals and entities (called business associates) to perform various functions on our behalf or to provide services to you. To perform these functions or services, business associates may receive, create, maintain, use or disclose your PHI (Protected Health Information), but only after they have agreed, in writing, to safeguard your PHI.
Required by Law and Law Enforcement
We may use or disclose your PHI when we are required to do so by state or federal law. We are required to disclose your PHI to the Secretary of the U.S. Department of Health and Human Services when the Secretary is investigating or determining our compliance with federal privacy laws. We may disclose your PHI in connection with legal proceedings, such as in response to an order from a court or administrative tribunal, or in response to a subpoena. We may also disclose your PHI for law enforcement purposes.
Abuse or Neglect
We may disclose your PHI to a government authority authorized by law to receive reports of abuse, neglect or domestic violence.
We may disclose your PHI to comply with workers’ compensation laws and other similar laws that provide benefits for work-related injuries or illnesses.
We may use your health information to contact you to:
- Remind you of upcoming appointments
- Make you aware of alternative services, products, or healthcare providers that may be of interest to you
Use and Disclosure of Health Information That Allows You an Opportunity to Object
There are certain circumstances where we may disclose your health information with your expressed authorization to individuals that you authorize such as your friends and family.
Example: If we have your expressed authorization, we may share with a family member, relative, friend or other person identified by you, your health information that is directly related to that person’s involvement in your care or payment for your care, such as your spouse, if that person monitors your medication schedule.
If you would like to object to the disclosure of your health information in any of the above circumstances or if you have any questions about such disclosure, please contact our agency Privacy Official listed in this Notice for consideration of your objection. We will contact you in the event of any requests for your PHI in the scenarios above for an opportunity to object.
Use and Disclosure of Health Information That Requires Your Authorization
We will not use or disclose your health information without your expressed authorization except as specified in the above examples where use or disclosure of your information is allowed or when required by State or Federal law. For all other uses or disclosures, we will ask you to sign a written authorization that allows us to share or request your health information. Before you sign an authorization, you will be fully informed of the exact information you are authorizing to be disclosed/requested and to/from whom the information will be disclosed/requested.
You may request that your authorization be cancelled by informing our agency Privacy Official that you do not want any additional health information about you exchanged with a particular person/agency. You will be asked to sign and date the Authorization Revocation section of your original authorization. Your authorization will then be considered invalid at that point in time; however, any actions that were taken on the authorization prior to the time you cancelled your authorization are legal and binding.
Your Rights Regarding Your Health Information
You have the following rights regarding your health information as created and maintained by this agency.
Right to receive a copy of this Notice
You have a right to receive a physical copy of Sanesco Notice of Privacy Practices. At your first encounter with this agency, you will be provided a link for online access of this Notice and asked to sign acknowledgement that you have received it. Call Sanesco to request a physical copy of this Notice to be mailed to you (fees may apply).
Right to request different ways to communicate with you
You have the right to request to be contacted at a different location or by a different method. For example, you may request all written information be sent to your work address rather than your home address. We will agree with your request as long as it is reasonable to do so; however, your request must be made in writing and forwarded to our Privacy Official at 375 280th St, Osceola, WI 54020.
Right to request to see and copy your health information
Effective April 5, 2014, a patient or their legal representative may request and must be provided with copies of completed test reports from laboratories subject to CLIA standards, as long as the patient’s identity can be identified via the laboratory’s authentication process.
We request you provide a written request to access or disclose your PHI by completing a PHI Request Form or contact our Privacy Official at (866) 670-5705. Written requests must be forwarded to our Privacy Official at 375 280th St, Osceola, WI 54020.
If your request is approved, you may be charged a fee to cover the cost of the copy, excluding labor costs. Instead of providing you with a full copy of the health information, we may give you a summary or explanation of your health information, if you agree in advance to that format and to the cost of such information.
Your request may be denied under certain circumstances. If we do deny your request, we will explain our reason for doing so in writing and describe any rights you may have to request a review of our denial.
Right to request amendment of your health information
You have the right to request changes in your health information in clinical, billing, and other
records used to make decisions about you. If you believe that we have information that is either inaccurate or incomplete, you may submit a request in writing to our agency Privacy Official and explain your reasons for the amendment. We must respond to your request within 60 days of receiving your request.
We may deny your request if:
- the information was not created by this company (unless you prove the creator of the information is no longer available to change the information);
- the information is not part of the records used to make decisions about you;
- we believe the information is correct and complete; or
- you do not have the right to see and copy the record
Our Policies for Protecting Your Protected Health Information
We protect the PHI that we maintain about you by using commercially reasonable physical, technical, and administrative safeguards in accordance with applicable law. When our business activities require us to provide PHI to third parties, they must agree to follow appropriate standards of security and confidentiality regarding the PHI received. Access to your PHI is restricted to appropriate business purposes.
We have developed privacy policies to protect your PHI. All employees receive training on these policies and must sign a privacy acknowledgment form, binding them to abide by our policies and procedure.