It is your right as a patient to be informed of the privacy practices of your healthcare provider, as well as to be informed of your privacy rights with respect to your PERSONAL HEALTH INFORMATION (PHI). The Health Insurance Portability and Accountability Act (HIPAA) (2013) provides safeguards to protect your privacy. This form is an abbreviated version of this text; however, a more complete text is posted in the Office, as well as many be provided upon request. Additional information is available from the U.S. Department of Health and Human Services. www.hhs.gov.

​

There are strict rules and restrictions on who may see or be notified of your PHI. These restrictions do not include the normal interchange of information necessary to provide you with office services. HIPAA provides certain rights and protections to you as the patient. At Face Medical Boutique, it is your right as a patient to be informed of the practice’s legal duties with respect to the protection of your PHI. Face Medical Boutique will maintain the privacy of your health information, providing you with a notice of the legal duties and practices regarding PHI collected and maintained, abiding by the terms of this notice. 

​

All patient information at Face Medical Boutique will kept confidential except as is necessary to provide services or to ensure that all administrative matters related to your care are handled appropriately, including, but not limited to sharing information with other healthcare providers as deemed necessary and appropriate for your care. Patient files may be stored in open file racks or electronically and will not contain any coding which identifies patient information which is not already a matter of public record. The normal course of providing care means that such records may be left, at least temporarily, in administrative areas, such as the front office, examination room, etc. Those records will not be available to persons other than office staff.

 

You agree to the normal procedures utilized within the office for the handling of patient records, including PHI and other documents of information. With electronic records, despite secure networks and confidentiality measures in place, there is a risk of breach information by outside sources. In the event of breached information, the patient will be notified immediately, and further measures will be taken immediately at that time to ensure the utmost confidentiality is obtained at that time. The practice utilizes a number of vendors in the conduct of business. These vendors may have access to PHI but must agree to abide by HIPAA. In addition to, you understand and agree to inspections of the office and review of documents which may include PHI by governmental agencies in normal performance of their duties. 

​

It is the policy of this office to remind patient of their appointments. We may do this by telephone, e-mail, U.S mail, or by any means convenient for the practice and/or as requested by you. We may send you other communications informing you of changes to office policy and new technology that you might find valuable or informative. 

​

Your confidential information will not be used for the purposes of marketing or advertising of products, goods, or services. At Face Medical Boutique, we agree to provide patients with access to their records in accordance with state and federal laws upon a written request. You also have the right to amend your health record in writing, stating the reason you believe it is incorrect, and obtain an accounting of your disclosures of your PHI. We may change, add, delete, or modify any of these provisions to better serve the needs of the practice and patient. If you believe your privacy rights have been violated, you do agree to bring any concerns or complaints regarding privacy to the practice immediately or with the Secretary of the Department of Health and Human Services with the understanding there will be no retaliation against you for the filing of a complaint.

​

Our company is hosted on the Wix.com platform. Wix.com provides us with the online platform that allows us to sell our products and services to you. Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall. 

All direct payment gateways offered by Wix.com and used by our company adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.