Privacy Policy

Effective Date: October 15, 2022
Health Care Remotely, LLC (“HC Remotely,” “we,” “us,” or “our”) operate the website https://hcremotely.com. The website does not track individually identifiable information (also known as “Protected Health Information” or “PHI”).

We offer telehealth services enabling our patients to receive health care using audiovisual or audio-only services. The website includes a link to HC Remotely’s instance of Athenahealth’s patient portal (“practice patient portal”) that does record PHI. Any PHI entered into the patient portal is subject to the company’s Health Insurance Portability and Accountability Act Notice of Privacy Practices (“HIPAA Privacy Notice”). The HIPAA Privacy Notice describes how we use and share your PHI and also describes your rights with respect to your PHI. To the extent that there is a conflict between this Privacy Policy and the HIPAA Privacy Notice with respect to PHI, the HIPAA Privacy Notice will prevail.

If you have questions or concerns about our Privacy Policy, want to submit a request or would like to report a violation, you can contact us by sending an email to privacy@hcremotely.com.

What personal data we collect

We do not collect any personal data from site visitors to this website. We do not have any contact forms, comments or third-party embeds. We do not use cookies for tracking or analytic purposes. If you send us an email, your email, including your email address, will be retained for up to 90 days to help our team track progress toward addressing questions or comments over that time period.

First-time users will be asked to provide personal health information and payment information to facilitate practice registration and support the initial clinical visit. The data are managed by a HIPAA-compliant technology partner and then transferred into our electronic medical record. Subsequently, HC Remotely patients may be asked to submit, within the practice’s patient portal:

  • Personal health information within the for the purposes of reliably identifying you across clinical encounters (e.g., name, date of birth, user name, email address, contact information, health insurance carrier and plan, phone number(s), password),
  • Health information about you prepared or obtained by our team who provide clinical services for you like medical and therapy records, treatment and examination notes, and other health-related information.
  • Information related to family members and other individuals who are associated with your account.
  • Payment information including your credit card number, expiration date, and credit card security code.
  • If you agree to allow us to collect medical records from your past, current or future health providers, we may collect those medical records within your medical records within our instance of the Athenahealth electronic medical record.
  • Athenahealth may collect information about your device is you access any of the company’ mobile applications or use the company’s services as part of your interactions with HC Remotely (e.g., device ID, browser type, language preferences, IP address, geolocation information, date/time stamps of when you accessed Athenahealth’s services or applications).

Athenahealth may also use cookies on its services. The company uses cookies to:

  • Authenticate users
  • Block malicious use of login credentials
  • Shield unauthorized access to our Service

Athenahealth may also use cookies to collect information about their services to understand how you use those services to improve them.

Comments

Registered patients can send comments to the practice or their specific treating physician or provider within the practice’s patient portal. These online messages are stored within the portal and will not be used for any purposes beyond addressing the message content.

Media

Registered patients can send photographs or other media to the practice or their specific treating physician or provider within the practice’s patient portal. These images are stored within the portal and will not be used for any purposes beyond addressing the image for diagnostic or treatment purposes.

Embedded content from other websites

Articles on this site may include embedded content (e.g., videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website. These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Our Site includes Social Media Features, such as the Facebook button. These Features may collect your IP address, which page you are visiting on our Site, and may set a cookie to enable the Feature to function properly. Social Media Features are either hosted by a third party or hosted directly on our Site. Your interactions with these Features are governed by the privacy statement of the company providing them.

Athenahealth’s patient portal may also include links to or information about websites, applications, products, services and solutions that are operated by third parties. We do not control and are not responsible for any information you wish to share with, or access from, these third parties.

How we use your information

The website does not collect any information about you. Once you log into the practice’s patient portal, your personal information (e.g., PHI, credit card information) will be used to:

  • Run our practice, improve your care and contact you when necessary using your preferred contact method
  • Share it with other professionals who are treating you
  • Send you information from trusted third-party partners (e.g.Healthwise).
  • To create summary information using de-identified data (in groups of no fewer than 100 patients) to share the practice’s performance
  • Use and share your health information to bill and get payment from health plans or other entities
  • Respond to organ and tissue donation requests
  • Work with a medical examiner or funeral director
  • Address workers’ compensation, law enforcement and other government requests
  • Respond to lawsuits and legal actions
  • Comply with state and federal laws
  • Athenahealth may also share your health information
    • To address public health or safety needs (e.g., preventing disease, helping with product recalls, reporting adverse reactions to medications, reporting suspected abuse, neglect or domestic violence, preventing or reducing a serious threat to anyone’s health or safety)
    • In other ways that contribute to the public good. Athenahealth must meet specific conditions defined by law to share your information for these services (click here for more details)
    • To perform health research
    • To enable cross-device/cross-context tracking when you use your log in with athena account
    • To plan and execute security and risk control measures, like fraud and abuse detection and prevention

With whom we share your data

We believe the basis of all health care interactions is trust. Here are a list of entities with whom we may share your personal health information that you enter through the practice’s patient portal:

  • Healthcare providers, insurance companies, and other healthcare-related entities. We may share your information with other health care providers, laboratories, government agencies, insurance companies, organ procurement organizations, medical examiners or funeral directors, and other entities relevant to providing you with treatment options and support.
  • Authorized third-party vendors and service providers. We may share your information with third-party vendors and service-providers that help us with specialized services, including billing, payment processing, customer service, email deployment, business analytics, performance monitoring, hosting, and data processing. These third-party vendors and service providers may not use your information for purposes other than those related to the services they are providing to us.
  • Business transfers. We may share your information in connection with a substantial corporate transaction, such as a merger, consolidation, asset sale, or bankruptcy.
  • Legal purposes. We may disclose information to respond to subpoenas, court orders, legal process, law enforcement requests, legal claims or government inquiries, and to protect and defend the rights, interests, health, safety, and security of HC Remotely, our affiliates, users, or the public. If we are legally compelled to disclose information about you to a third party, we will attempt to notify you by sending you a message through your preferred contact modality unless doing so would violate the law or unless you have not provided your email address to us.

Electronic communications

In connection with your accounts created for HC Remotely, athenahealth may need to send business, informational, support and security related messages (whether texts, alerts or calls) to all telephone numbers, including cellular numbers or mobile devices, you choose to provide on your accounts. You agree such texts or calls may be pre-recorded messages or placed with an automatic telephone dialing system. In addition, you agree that athenahealth may send service or account related text messages to cellular phone numbers you provide to athenahealth, and you agree to accept and pay all carrier message and data rates that apply to such text messages.

If you choose to provide an e-mail or other electronic address on your account, you acknowledge and consent to receive business and informational messages relating to your account at the address, and you represent and warrant that such address is your correct address and is not accessible or viewable by any other person.

Security

We use reasonable measures to help protect information from loss, theft, misuse and unauthorized access, disclosure, alteration and destruction (including using the Secure Socket Layer [SSL] system for web page interactions and secure messaging through the Athenahealth electronic medical record). No data storage system or transmission of data over the Internet or any other public network can be guaranteed to be 100% secure. Please note that information collected by third parties may not have the same security protections as information you submit to us, and we are not responsible for protecting the security of such information.

We are required by law to notify you if there has been a breach that compromises your health information.

How long we retain your data

We do not collect any data on the practice website. If you become a patient in the practice, here are the lengths of time we will retain your records:

  • Arizona, Colorado, Delaware, Georgia, Illinois, Michigan and Washington: Six years
  • California: 10 years
  • Texas: Seven years

All patients of the practice will have access to all of the notes from the practice within the practice patient portal. You may request to have your medical records sent to you or a different practice at any time. You can make that request through the portal or you can send an email to admin@hcremotely.com.

Your health information rights

You have a right:

  • To access your health information at any time. Your records are always available to you through the practice’s patient portal. If you would like a copy of your medical records emailed to you, please email admin@hcremotely.com.
  • To request an amendment to certain portions of your medical record if you feel the health information is incorrect or incomplete. However, under certain circumstances, we may deny your request.
  • To request that we contact you in a specific way (e.g., home or office phone) or send mail to a different address.
  • To receive a list of instances when we have shared your health information with another person or organization. The only exception is when we share your information with a person or organization for treatment, payment or health care operations.
  • To request that we restrict how we use or disclose your health information. You can update your health information sharing preferences at any time by logging into the practice’s patient portal. If any portion of your visit cost is covered by an insurance company, that insurance company may request your records as a component of payment or operations.
  • To obtain a paper copy of this notice even if you receive it electronically.
  • To have your medical power of attorney or your legal guardian exercise your rights and make choices about your health information.
  • To file a complaint if you feel your rights have been violated. You can
    • Email the practice at privacy@hcremotely.com.
    • File a complaint with the U.S. Department of Health and Human Services Office of Civil Rights by
      • sending a letter to 200 Independence Avenue, S.W., Washington, D.C. 20201
      • calling 1.877.696.6775
      • visiting www.hhs.gov/ocr/privacy/hipaa/complaints

We will not retaliate against you for filing a complaint.

We prefer that you contact us though the practice’s patient portal as that method provides us with enough assurance that you are the person authorized to make the request about your health information. If you choose to email us at admin@hcremotely.com, please include enough information for us to reliably determine that you are indeed someone who is authorized to make your request. Email requests for your medical records will be completed within 30 days. Email requests for an “accounting of disclosures” will be addressed within seven days.

California residents

Under the California Consumer Privacy Act of 2018 (CCPA), California residents have additional privacy rights which are addressed in this Section VII. These rights apply solely to California residents and are in addition to the rights stated in this Privacy Policy. The CCPA does not apply to information regulated either by the California Confidentiality of Medical Information Act (CMIA), the Health Insurance Portability and Accountability Act of 1996 (HIPAA), or the Health Information Technology for Economic and Clinical Health Act (HITECH), nor does it apply to covered entities, including providers of health care, and their business associates, who maintain patient information in accordance with those laws.

We do not sell your personal information, have not sold your personal information within the prior 12 months, and only use and disclose your personal information as stated in this Privacy Policy. You have the right to request we provide you with details about the information we collect and disclose about you within the prior 12 months, including:

  • The categories of personal information we collect about you,
  • The categories of the sources of personal information we collect about you,
  • Our business or commercial purpose for collecting that information,
  • The categories of personal information that were disclosed for a business purpose,
  • The categories of third parties to whom we disclosed that personal information, and
  • The specific pieces of personal information we collect about you.

You may also request that we delete your information. These rights are subject to certain exceptions and limitations permitted by CCPA. To submit an access or deletion request, you may email us at admin@hcremotely.com stating your request with sufficient detail and providing information that allows us to reasonably verify you as the person whose data is the subject of such request. We will not respond to more than two requests from you in a 12-month period. We will not discriminate against you if you exercise your rights under CPPA. By exercising your rights you will not be (i) subject to denial of goods or services, (ii) charged a different price or rate, or (iii) provided different quality of service.

International users

Although anyone can view the information on this website, we do not knowingly allow individuals outside the United States to register as patients with the practice. If we learn that we have collected the personal information of an individual outside the United States, we will take steps to delete the information as soon as possible, except where prohibited by applicable law.

Children

Although anyone can view the information on this website, we do not knowingly allow individuals under the age of 18 to register as patients with the practice. If we learn that we have collected the personal information of a child under 18, we will take steps to delete the information as soon as possible, except where prohibited by applicable law.

If you are a parent or guardian and discover that your child under the age of 18, or equivalent minimum age depending on jurisdiction, has obtained a Health Care Remotely account, then you may email us at privacy@hcremotely.com and request that we delete that child’s personal information from our systems.

Changes to the Privacy Policy

We may update this Privacy Policy from time to time. When we update the Privacy Policy, we will revise the “Effective Date” date above and post the new Privacy Policy. We recommend that you review the Privacy Policy each time you visit the Services to stay informed of our privacy practices.

If you disagree with an updated Privacy Policy, you have the right to request a copy of your medical records through the practice’s patient portal and obtain subsequent medical care elsewhere. Your continued use of the practice’s services after a Privacy Policy change has been posted constitutes your acceptance of the changes.

We have adopted the following policies

  • Patient information will be kept confidential except as is necessary to provide services or to ensure that all administrative matters related to your care are handled appropriately. This specifically includes the sharing of information with other healthcare providers, laboratories, health insurance payers as is necessary and appropriate for your care.
  • It is the policy of this office to remind patients of their appointments. We may do this by telephone, e-mail, U.S mail, or by any means convenient for the practice and/or as requested by you. We may send you other communications informing you of changes to office policy and new technology that you might find valuable or informative.
  • You understand and agree to inspections of the office and review of documents which may include PHI by government agencies or insurance payers in normal performance of their duties.
  • You agree to bring any concerns or complaints regarding privacy to the attention of the office manger or the doctor.
  • Your confidential information will not be used for the purposes of marketing or advertising of products, goods or services.
  • We agree to provide patients with access to their records in accordance with state and federal laws.
  • We may change, add, delete or modify any of these provisions to better serve the needs of the both the practice and the patient. When we update this policy, we will ask you to sign an updated privacy policy at your next interaction with us as a condition of continuing care with us.
  • You have the right to request restrictions in the use of your protected health information and to request change in certain policies used within the office concerning your PHI. However, we are not obligated to alter internal policies to conform to your request.

Questions?

If you have questions about the elements of the Privacy Policy that pertain to the practice website, please email admin@hcremotely.com.

If you have questions about elements of the Privacy Policy that pertain to Athenahealth’s patient portal or electronic medical record, you can:

  • Call Athenahealth at 888-807-2076
  • Complete this online form
  • Send a letter to:

athenahealth, Inc.
Attn: Chief Compliance Officer
311 Arsenal Street
Watertown, MA 02474

 

Book Online Now