Access My Records Privacy Policy

07-24-2014

Access My Records, Inc. (AMR) is committed to protecting your health information. AMR provides systems and technologies for you to manage, create, store and transmit medical information and makes data available to service providers and facilitates the sharing of medical information among medical providers.

This notice applies to all the health care records maintained by AMR, whether made by you or a medical provider. Medical providers may have different policies or notices regarding their use and disclosure of medical information and such medical providers’ uses and disclosures will be done according to their privacy policies.

AMR maintains the privacy of medical information that identifies or relates to you and is in AMR’s control. AMR gives you this notice describing AMR’s privacy practices with respect to medical information about you. AMR will notify you following a breach of your unsecured medical information; and follow the terms of the Privacy Policy that is currently in effect.

DEFINITIONS

For the purposes of this Notice, the terms set forth in this section have the meanings assigned to them below. Terms not defined below (whether or not capitalized) have the definitions given them in HIPAA, unless the context requires otherwise:

"CONFIDENTIAL INFORMATION" means any information concerning our business, financial affairs, current or future products or technology, trade secrets, workforce, customers, or any other information that is treated or designated by us as confidential or proprietary, or would reasonably be viewed as confidential or as having value to our competitors. Confidential Information shall not include information that we make publicly available or that becomes known to the general public other than as a result of a breach of an obligation by you. Confidential Information does not include individuals' health information.

"DE-IDENTIFIED HEALTH INFORMATION" means health information that has been de-identified in accordance with the provisions of the Privacy Rule, and "De-Identify," with respect to health information, means make it into De Identified Health Information.

"DE-IDENTIFIED INFORMATION" means De-Identified Health Information and De-Identified Personal Information.

"DE-IDENTIFIED PERSONAL INFORMATION" means personal information from which a user's name and other unique identifiers have been removed, and from which the user cannot reasonably be identified; and "De-Identify," with respect to Personal Information, means to make it into De-Identified Personal Information.

"HIPAA" means the administrative simplification provisions of the Health Insurance Portability and Accountability Act of 1996, and the regulations promulgated thereunder.

"PERSONAL INFORMATION" means information that identifies you personally as a user of the System, and all information concerning you and your use of the System that is not Protected Health Information. (For example, information that identifies you personally, such as your name, or your name used in conjunction with your address, telephone number, email address, and or company name.)

“PREMIUM MEMBERSHIP” means any user’s use of the newly provided Services after the upgrading to Services designated by the site as premium services.

"PRIVACY RULE" means the Standards for Privacy of Individually Identifiable Health Information at 45 CFR part 160 and part 164, subparts A and E.

"PROTECTED HEALTH INFORMATION" has the meaning given it in the Privacy Rule, and includes all individually identifiable health information.

"SERVICES" means the services to which you have been granted access.

“STANDARD MEMBERSHIP" means any user’s use of the Services before upgrading to “Premium Membership” or, in some cases, the use of the Services after removal or exclusion of “Premium Membership”.

"SYSTEM" means the electronic communication network from time to time operated by us, all software used or provided by us, and all such hardware and software installed at or accessed by you and all documentation provided by us in connection with the System, paper or electronic.

"TERM" means the initial term and all renewal terms of this Agreement as provided in Section 16.

"USER" means you and any other user of the System.

"ACCESS ID" means a unique user access Identification assigned to an individual user.

"YOUR HEALTH INFORMATION" means Protected Health Information that you enter into the System or is otherwise provided to the System on behalf of you.

YOUR MEDICAL INFORMATION RIGHTS

The following describes the manner in which AMR handles your health information and describes the facilities and services that AMR provides for managing your health information and communicating with AMR about your health information. All written notices to AMR are sent to AMR’s Privacy Department:

Access My Records, Inc. Attn: Privacy Department
P.O. Box 970427
Boca Raton, FL 33497

Inspect and Copy. Within AMR’s services, you have the ability to inspect and copy your health information. However, to formally request to inspect or get an electronic or paper copy of your medical record or other health information, submit your request in writing to AMR’s Privacy Department. Reasonable fees may apply. AMR may deny your request to inspect and/or receive a copy in certain circumstances.

Amendment or Addendum. You may ask AMR to amend the information or add an addendum (an addition to the record) for as long as the information is kept by or for AMR. To request an amendment or addendum, your request must be made in writing and with reason, and submitted to AMR’s Privacy Department. Your request may be denied but if denied, it will be done so in writing and with reason.

Accounting of Disclosures. You may request a list of certain disclosures AMR has made of your medical information and to request this list or accounting of disclosures, submit your request in writing to AMR’s Privacy Department. Your request may be denied for statute of limitations reasons among other possible reasons and reasonable fees may apply.

Restrictions. You may request a restriction or limitation on the medical information AMR uses or discloses including disclosures to someone who is involved in your care. AMR may deny your request for reasons of applicable federal, state and local law among other possible reasons. If AMR does agree with your request, that agreement must be in writing, and AMR will comply unless the information is needed for emergency treatment. To request restrictions, make your request in writing to AMR’s Privacy Department.

Confidential Communications. You may request how AMR communicates with you. To request confidential communications, make your request in writing to AMR’s Privacy Department and AMR will accommodate all reasonable requests.

Paper Copy of This Notice. You may request a paper copy of this notice at any time by contacting AMR’s Privacy Department.

Choose a Representative. You may designate a representative to act on your behalf as a medical power of attorney or a legal guardian to exercise your rights and make choices about your medical information. A request to designate a representative is made in writing by contacting AMR’s Privacy Department. AMR will require such person attempting to act on your behalf to provide documentation proving they have authority to act for you.

HOW AMR MAY USE AND DISCLOSE MEDICAL INFORMATION ABOUT YOU

For Treatment. AMR may permit access to your medical information to your health care providers and their business associates for their treatment of you.

For AMR Operations. AMR may use and disclose medical information about you to run our organization. These uses and disclosures are necessary for the proper management and administration of AMR and its systems, and to carry out our legal responsibilities. Your medical information may also be used or disclosed to comply with law and regulation, for contractual obligations, patients’ claims, grievances or lawsuits, health care contracting, legal services, business planning and development, business management and administration, the sale of all or part of AMR to another entity, underwriting and other insurance activities and to operate AMR. For example, AMR may use medical information to review the accuracy of our system. AMR may also use and disclose medical information for data aggregation purposes and combine medical information about many individuals to decide what additional services AMR should offer, what services are not needed, and whether certain systems and technologies are effective. AMR may also disclose information to doctors, nurses, technicians, medical students, and other medical professionals for review and learning purposes. AMR may also combine the medical information with medical information from other healthcare entities to compare how AMR is operating and see where improvements can be made to its services.

Appointment Reminders. AMR may use and disclose medical information to contact you as a reminder that you have an appointment for treatment or medical care with a medical provider.

Treatment Alternatives. AMR may use and disclose medical information to tell you about possible treatment options or alternatives that may be of interest to you.

Health-Related Benefits and Services. AMR may use and disclose medical information to tell you about health-related benefits or services that may be of interest to you.

Individuals Involved in Your Care or Payment for Your Care. AMR may release medical information about you to a friend or family member who is involved in your medical care. AMR may also give information to someone who helps pay for your care. In addition, AMR may disclose medical information about you to an entity assisting in a disaster relief effort so that your family can be notified about your condition, status, and location.

Research. Under certain circumstances, AMR may use and disclose medical information about you for research purposes. AMR may use and disclose medical information about patients for research purposes, subject to the confidentiality provisions of federal, state and local law.

As Required By Law. AMR will disclose medical information about you when required to do so by federal, state, or local law. This includes, but is not limited to, to avert a serious threat to health and safety, for workers’ compensation, to make required public health disclosures, for law enforcement purposes, for national security and intelligence activities, and as otherwise may be required by federal, state, or local law.

Health Oversight Activities. AMR may disclose medical information to a health oversight agency for activities authorized or required by law.

Lawsuits and Disputes. If you are involved in a lawsuit or a dispute, AMR may disclose medical information about you in response to a court or administrative order. AMR may also disclose medical information about you in response to a subpoena, discovery request, or other lawful process by someone else involved in the dispute, but only if efforts have been made to tell you about the request or to obtain an order protecting the information requested.

Uses and Disclosures Requiring Patient Authorization. The following uses and disclosures will be made only with written authorization from you:

INFORMATION WE COLLECT THROUGH OUR WEBSITES

Here are some examples of the ways in which we may collect, store, and or aggregate your non-personally identifiable information through our websites, and how we may use such information:

Internet Protocol (IP) address. Your “IP address” is a number that lets computers attached to the Internet know where to send you data, such as the screens and pages viewed within our websites. We use this information to deliver these pages and screens to you upon request, to tailor our websites to the interests of you and others, and to measure traffic to and within our websites.

Cookie. A “cookie” is a small text file that may be used to collection information about your activity on our websites. For example, when you visit a particular area within our websites, a cookie is placed on your machine (if you or your browser accept the cookie). This cookie may then be read by screen or pages within our websites and related services. You may configure your browser to notify you or to reject and block cookies, but if you do, you may not have access to some areas of our websites or services, or to the personalized features of our websites and services.

Web Beacon. A “web beacon”, “clear gif”, “web bug”, or “pixel tag” is a tiny graphic file with a unique identifier that is similar in function to a cookie, but allows us to count the number of users that have visited certain pages or screens of our websites, and to help determine the effectiveness of reach and messaging to our users. When used in HTML-formatted email messages, web beacons can tell the sender whether and when the email has been opened. In contract to cookies, which may be stored on your computer’s hard drive, web beacons are typically embedded within the page viewed and not apparent to the naked eye.

Demographic Information. “Demographic information” may be your gender, age, zip code, and interests. We may collect such information about you through our websites and services and use it to provide you with personalized services and to analyze trends to ensure that our websites and services and the content exchanged is targeted to meet your needs. Please note that we consider aggregated information, which is not personally identifiable, to be de-identified information.

THIRD-PARTY WEBSITES AND ADVERTISERS

Our websites and services may contain links to third-party websites. While we endeavor to work with third-parties that share our respect for user privacy, we are not responsible nor to be held liable for the websites or privacy practices of such third-parties. We may also, use third-party advertisers, ad networks, and other advertising, marketing, and promotional companies, to serve advertisements on our websites or delivery inclusion with our emails. Such third-parties may gather information about your visit to our websites or other websites, monitor your access to or market products or services to you, monitor the ads you view, click-on, or interact with, when they were delivered, and the screens and pages that they are on.

We do not endorse these parties, their content, or any products and services they may offer or extend to you. You are responsible for knowing when you are leaving our websites and services to visit a third-party website, and for reading and understanding the terms of use and privacy policy statements for each such third-party.

CHANGES TO THE PRIVACY POLICY

AMR reserves the right to make changes to the Privacy Policy without notice. AMR reserves the right to make the revised or changed Privacy Policy effective for medical information AMR already has about you as well as any information AMR receives in the future. The Privacy Policy will contain, on the first page, the effective date. In addition, each time you register to utilize our services, you will be able to view the current Privacy Policy in effect.

COMPLAINTS AND DISPUTES

If you believe your privacy rights have been violated, you may file a complaint within 180 days to AMR. To file a complaint with AMR, contact AMR’s Privacy Department. All complaints must be submitted in writing and you will not be penalized for filing a complaint.

Should a dispute occur, all disputes with AMR are to be handled professionally, timely and submitted in writing to AMR directly. This prohibits the post of negative reviews of any kind on any review sites, social media sites, or any other such site or publication wherein opinion-based commentary is available for general or private consumption.

REMEMBER, YOU CAN DO YOUR PART TO HELP PROTECT YOUR INFORMATION BY: