Privacy Policy

Printed copies of this document are considered uncontrolled. 18898.1.Rev002 09.19.2017

Keith G. Lorio, DDS

Notice of Privacy Practices

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

I. Dental Practice Covered by this Notice

This Notice describes the privacy practices of Keith G. Lorio, DDS (“Dental Practice”). “We” and “our” means the Dental Practice. “You” and “your” means our patient.

II. How to Contact Us/Our Privacy Official

If you have any questions or would like further information about this Notice, you can contact Keith G. Lorio, DDS’ Privacy Official at:

Keith G. Lorio, DDS

11505 Perkins Road, Suite K Baton Rouge LA 70810

(225) 307-3143

appts@batonrougedentist.com

III. Our Promise to You and Our Legal Obligations

The privacy of your health information is important to us. We understand that your health information is personal and we are committed to protecting it. This Notice describes how we may use and disclose your protected health information to carry out treatment, payment or health care operations and for other purposes that are permitted or required by law. It also describes your rights to access and control your protected health information. Protected health information is information about you, including demographic information, that may identify you and that relates to your past, present or future physical or mental health or condition and related health care services.

We are required by law to:

• Maintain the privacy of your protected health information;
• Give you this Notice of our legal duties and privacy practices with respect to that information; and
• Abide by the terms of our Notice that is currently in effect.

IV. Last Revision Date

This Notice was last revised on September 19, 2017.

V. How We May Use or Disclose Your Health Information Printed copies of this document are considered uncontrolled. 18898.1.Rev002 09.19.2017

The following examples describe different ways we may use or disclose your health information. These examples are not meant to be exhaustive. We are permitted by law to use and disclose your health information for the following purposes:

A. Common Uses and Disclosures

1. Treatment. We may use your health information to provide you with dental treatment or services, such as cleaning or examining your teeth or performing dental procedures. We may disclose health information about you to dental specialists, physicians, or other health care professionals involved in your care.

2. Payment. We may use and disclose your health information to obtain payment from health plans and insurers for the care that we provide to you.

3. Health Care Operations. We may use and disclose health information about you in connection with health care operations necessary to run our practice, including review of our treatment and services, training, evaluating the performance of our staff and health care professionals, quality assurance, financial or billing audits, legal matters, and business planning and development.

4. Appointment Reminders. We may use or disclose your health information when contacting you to remind you of a dental appointment. We may contact you by using a postcard, letter, phone call, voice message, text or email.

5. Treatment Alternatives and Health-Related Benefits and Services. We may use and disclose your health information to tell you about treatment options or alternatives or health-related benefits and services that may be of interest to you.

6. Disclosure to Family Members and Friends. We may disclose your health information to a family member or friend who is involved with your care or payment for your care if you do not object or, if you are not present, we believe it is in your best interest to do so.

7. Disclosure to Business Associates. We may disclose your protected health information to our third-party service providers (called, “business associates”) that perform functions on our behalf or provide us with services if the information is necessary for such functions or services. For example, we may use a business associate to assist us in maintaining our practice management software. All of our business associates are obligated, under contract with us, to protect the privacy of your information and are not allowed to use or disclose any information other than as specified in our contract.

B. Less Common Uses and Disclosures

1. Disclosures Required by Law. We may use or disclose patient health information to the extent we are required by law to do so. For example, we are required to disclose patient health information to the U.S. Department of Health and Human Services so that it can investigate complaints or determine our compliance with HIPAA.

2. Public Health Activities. We may disclose patient health information for public health activities and purposes, which include: preventing or controlling disease, injury or disability; reporting births or deaths; reporting child abuse or neglect; reporting adverse reactions to medications or foods; reporting product defects; enabling product recalls; and Printed copies of this document are considered uncontrolled. 18898.1.Rev002 09.19.2017

notifying a person who may have been exposed to a disease or may be at risk for contracting or spreading a disease or condition.

3. Victims of Abuse, Neglect or Domestic Violence. We may disclose health information to the appropriate government authority about a patient whom we believe is a victim of abuse, neglect or domestic violence.

4. Health Oversight Activities. We may disclose patient health information to a health oversight agency for activities necessary for the government to provide appropriate oversight of the health care system, certain government benefit programs, and compliance with certain civil rights laws.

5. Lawsuits and Legal Actions. We may disclose patient health information in response to (i) a court or administrative order or (ii) a subpoena, discovery request, or other lawful process that is not ordered by a court if efforts have been made to notify the patient or to obtain an order protecting the information requested.

6. Law Enforcement Purposes. We may disclose your health information to a law enforcement official for a law enforcement purposes, such as to identify or locate a suspect, material witness or missing person or to alert law enforcement of a crime.

7. Coroners, Medical Examiners and Funeral Directors. We may disclose your health information to a coroner, medical examiner or funeral director to allow them to carry out their duties.

8. Organ, Eye and Tissue Donation. We may use or disclose your health information to organ procurement organizations or others that obtain, bank or transplant cadaveric organs, eyes or tissue for donation and transplant.

9. Research Purposes. We may use or disclose your information for research purposes pursuant to patient authorization waiver approval by an Institutional Review Board or Privacy Board.

10. Serious Threat to Health or Safety. We may use or disclose your health information if we believe it is necessary to do so to prevent or lessen a serious threat to anyone’s health or safety.

11. Specialized Government Functions. We may disclose your health information to the military (domestic or foreign) about its members or veterans, for national security and protective services for the President or other heads of state, to the government for security clearance reviews, and to a jail or prison about its inmates.

12. Workers’ Compensation. We may disclose your health information to comply with workers’ compensation laws or similar programs that provide benefits for work-related injuries or illness.

VI. Your Written Authorization for Any Other Use or Disclosure of Your Health Information

Uses and disclosures of your protected health information that involve the release of psychotherapy notes (if any), marketing, sale of your protected health information, or other uses or disclosures not described in this notice will be made only with your written authorization, unless otherwise permitted or required by law. You may revoke this Printed copies of this document are considered uncontrolled. 18898.1.Rev002 09.19.2017

authorization at any time, in writing, except to the extent that this office has taken an action in reliance on the use of disclosure indicated in the authorization. If a use or disclosure of protected health information described above in this notice is prohibited or materially limited by other laws that apply to use, we intend to meet the requirements of the more stringent law.

VII. Your Rights with Respect to Your Health Information

You have the following rights with respect to certain health information that we have about you (information in a Designated Record Set as defined by HIPAA). To exercise any of these rights, you must submit a written request to our Privacy Official listed on the first page of this Notice.

A. Right to Access and Review

You may request to access and review a copy of your health information. We may deny your request under certain circumstances. You will receive written notice of a denial and can appeal it. We will provide a copy of your health information in a format you request if it is readily producible. If not readily producible, we will provide it in a hard copy format or other format that is mutually agreeable. If your health information is included in an Electronic Health Record, you have the right to obtain a copy of it in an electronic format and to direct us to send it to the person or entity you designate in an electronic format. We may charge a reasonable fee to cover our cost to provide you with copies of your health information.

B. Right to Amend

If you believe that your health information is incorrect or incomplete, you may request that we amend it. We may deny your request under certain circumstances. You will receive written notice of a denial and can file a statement of disagreement that will be included with your health information that you believe is incorrect or incomplete.

C. Right to Restrict Use and Disclosure

You may request that we restrict uses of your health information to carry out treatment, payment, or health care operations or to your family member or friend involved in your care or the payment for your care. We may not (and are not required to) agree to your requested restrictions, with one exception: If you pay out of your pocket in full for a service you receive from us and you request that we not submit the claim for this service to your health insurer or health plan for reimbursement, we must honor that request.

D. Right to Confidential Communications, Alternative Means and Locations

You may request to receive communications of health information by alternative means or at an alternative location. We will accommodate a request if it is reasonable and you indicate that communication by regular means could endanger you. When you submit a written request to the Privacy Official listed on the first page of this Notice, you need to provide an alternative method of contact or alternative address and indicate how payment for services will be handled.

E. Right to an Accounting of Disclosures Printed copies of this document are considered uncontrolled. 18898.1.Rev002 09.19.2017

You have a right to receive an accounting of disclosures of your health information for the six (6) years prior to the date that the accounting is requested except for disclosures to carry out treatment, payment, health care operations (and certain other exceptions as provided by HIPAA). The first accounting we provide in any 12-month period will be without charge to you. We may charge a reasonable fee to cover the cost for each subsequent request for an accounting within the same 12-month period. We will notify you in advance of this fee and you may choose to modify or withdraw your request at that time.

F. Right to a Paper Copy of this Notice

You have the right to a paper copy of this Notice. You may ask us to give you a paper copy of the Notice at any time (even if you have agreed to receive the Notice electronically). To obtain a paper copy, ask the Privacy Official.

G. Right to Receive Notification of a Security Breach

We are required by law to notify you if the privacy or security of your health information has been breached. The notification will occur by first class mail within sixty (60) days of the event. A breach occurs when there has been an unauthorized use or disclosure under HIPAA that compromises the privacy or security of your health information.

The breach notification will contain the following information: (1) a brief description of what happened, including the date of the breach and the date of the discovery of the breach; (2) the steps you should take to protect yourself from potential harm resulting from the breach; and (3) a brief description of what we are doing to investigate the breach, mitigate losses, and to protect against further breaches.

VIII. Special Protections for HIV, Alcohol and Substance Abuse, Mental Health and Genetic Information

Certain federal and state laws may require special privacy protections that restrict the use and disclosure of certain health information, including HIV-related information, alcohol and substance abuse information, mental health information, and genetic information. For example, a health plan is not permitted to use or disclose genetic information for underwriting purposes. Some parts of this HIPAA Notice of Privacy Practices may not apply to these types of information. If your treatment involves this information, you may contact our office for more information about these protections.

IX. Our Right to Change Our Privacy Practices and This Notice

We reserve the right to change the terms of this Notice at any time. Any change will apply to the health information we have about you or create or receive in the future. We will promptly revise the Notice when there is a material change to the uses or disclosures, individual’s rights, our legal duties, or other privacy practices discussed in this Notice. We will post the revised Notice on our website (if applicable) and in our office and will provide a copy of it to you on request. The effective date of this Notice is 9/19/17.

X. How to Make Privacy Complaints

If you have any complaints about your privacy rights or how your health information has been used or disclosed, you may file a complaint with us by contacting our Privacy Official listed on the first page of this Notice. Printed copies of this document are considered uncontrolled. 18898.1.Rev002 09.19.2017

You may also file a written complaint with the Secretary of the U.S. Department of Health and Human Services, Office for Civil Rights. We will not retaliate against you in any way if you choose to file a complaint.

XI. How We Use Cookies

Cookies are small files sent to your web browser from a server and stored on your computer. They allow einsteinlaw.com to improve your user experience by collecting and remembering information about your preferences when using the site. Cookies can be accepted or declined. Cookies cannot grant access to your computer or any of the information it contains.

Most browsers automatically accept cookies, but you can change your settings to decline cookies if you wish. However, it is important to understand that declining cookies may keep you from taking full advantage of the site.

Learn more about managing cookies in the most commonly used browsers:

Google Chrome: http://www.google.com/support/chrome/bin/answer.py?answer=95647

Apple Safari: https://support.apple.com/guide/safari/manage-cookies-and-website-data-sfri11471/mac

Microsoft Internet Explorer: https://privacy.microsoft.com/en-us/ie11-win7-privacy-statement

Microsoft Edge: https://privacy.microsoft.com/en-us/windows-10-microsoft-edge-and-privacy

Mozilla Firefox: http://support.mozilla.com/en-US/kb/Enabling%20and%20disabling%20cookies

XII. Google AdWords Remarketing

We use Google AdWords Remarketing to advertise our services across the web. We also use it to provide marketing that is relevant to you. By placing a cookie on your browsing device, Google AdWords Remarketing displays ads tailored to you based on the parts of our site that you visit. This cookie does not identify you or give access to your computer. Instead, the cookie acknowledges that you visited a page, resulting in the placement of ads related to that page topic. You can choose not to participate in Google AdWords Remarketing by visiting this page. You can choose not to participate in any third-party vendor’s use of cookies by visiting this page.

XIII. Google Analytics

Google Analytics is a tool that records data pertaining to how users go about finding the information they seek, including search terms used and the amount of traffic that certain websites attract. We use this information to improve the user experience by making einsteinlaw.com easier to find for those who can benefit from our content. As with AdWords Remarketing, Google Analytics relies on cookies to collect this information. You can opt out of participating in Google Analytics and cease receiving related cookies by following these instructions

XIV. Facebook Lead Ads

Facebook Lead Ads are advertisements we place on Facebook that allow you to submit your personal information directly to us so that we can contact you and discuss your interest in our services. The terms of our privacy policy apply to personal information submitted through a Facebook Lead Ad. We do not target minors through Lead Ads.

XV. Bing Ads Data Collection

Bing Ads uses anonymous cookies to collect data regarding user actions on an advertiser’s websites. We use Bing Ads to learn how often users click our advertisements, how long users spend on our site, how often they visit, and other data. If you do not wish to participate in Bing Ads data collection, please follow the instructions outlined on this page.

XVII. Our Data Storage

The Office of Keith G. Lorio, DDS, APDC retains all ownership rights pertaining to databases, software, codes, designs and all other internally developed applications used to provide our site and our services. You retain all rights to the data you submit to einsteinlaw.com. We work with third-party vendors and hosting companies in order to provide the networking, storage, software, hardware, and other technology needed to provide our services.

XVIII. Managing Your Personal Information

We take every measure to give you access to your personal information. You can correct errors or remove your information altogether at any time, as long as the preservation of this data is not required by law or for genuine business purposes. To initiate this process, you must identify yourself and the information you wish to access, modify, correct, or remove. We reserve the right to refuse requests that endanger the privacy of others, are unrealistic, would require unreasonably extensive technical effort, or require unauthorized access. When users are granted access to their personal information, this is provided free of charge unless it requires substantial effort on our part.

If you would like to access, change, or remove your personal information, please contact us. If you wish to remove your information, we will do so within 7 business days of receiving your request.