HIPAA Notice and Consent

What Health Information Do We Collect and Maintain?

The health information that we collect or maintain may include:

• Your name, age, phone number, date of birth, email address, username, password, and other registration information.
• Health information that you provide to us, including information or records relating to your medical or health history, health status, laboratory testing results, photos, videos, diagnostic images, and other health-related information.
• Health information about you prepared or obtained by our clinical professionals and support staff who provide clinical services through Materna Providers, such as medical records, treatment notes, remote monitoring data, and other health-related information.
• Health information we collect through your use of our software, including responses to health-related questions.
• Billing information that you provide to us, such as credit card information, or that we receive from a provider of healthcare benefits on your behalf.

How Do We Use and Disclose Health Information?

We use and disclose your health information for normal business activities that fall into the categories of treatment, payment, and health care operations. Generally, we do not need your permission for these disclosures under applicable law. Examples include:

• Treatment: We keep a record of the health information you provide us. This record may include test results, diagnoses, medications, responses to medications or therapies, and information we learn about your medical condition through our services. We may disclose this information so other doctors, nurses, clinicians, laboratories, and care partners can meet your health care needs.
• Payment: We document the services and supplies you receive when we provide care so that you, a health plan, or another third party can pay us.
• Health Care Operations: We use health information to improve the services we provide, train staff, manage our business, assess and improve quality, and provide customer service. For example, we may use your health information to review our treatment and services and evaluate the performance of our staff in caring for you.

Other Permitted Uses and Disclosures

We may also use and disclose your health information to:

• Provide the services, including artificial intelligence-supported tools, care coordination, and customer support. Please see the Privacy Policy and Terms of Use for more information about our use of artificial intelligence.
• Comply with federal, state, or local laws and regulations.
• Assist in public health activities, such as tracking diseases or medical devices.
• Inform authorities to protect suspected victims of abuse or neglect.
• Comply with federal and state health oversight activities, such as fraud investigations, audits, and requests for information.
• Respond to law enforcement officials, judicial orders, subpoenas, or other lawful processes.
• Inform coroners, medical examiners, and funeral directors of information necessary for them to fulfill their duties.
• Conduct research following review protocols designed to balance privacy and research needs.
• Avert a serious threat to health or safety.
• Assist in specialized government functions, such as national security, intelligence, and protective services.
• Inform military and veteran authorities if you are an armed forces member, active or reserve.
• Inform a correctional institution if you are an inmate.
• Inform workers compensation carriers or your employer if you are injured at work.
• Recommend treatment alternatives or tell you about health-related products and services.
• Enforce compliance with our agreements and policies.
• Communicate within our organization for treatment, payment, or health care operations.
• Communicate with other providers, health plans, or related entities for treatment, payment, care coordination, quality assessment and improvement, or qualifications and training of health care professionals.
• Provide information to third parties with whom we do business, such as secure record storage providers, after requiring assurances that they will safeguard your information.
• Communicate with individuals involved in your care or payment for your care, such as family members or guardians, and send appointment reminders.
• Support business analytics and service improvement.

All other uses and disclosures not previously described may only be made with your written authorization. We will also obtain your authorization before using or disclosing your health information for marketing purposes, as defined under 45 CFR Section 164.501, or before selling your information.

You may revoke your authorization at any time, but revocation will not affect uses and disclosures already made in reliance on your authorization.

How Will Health Information Be Communicated?

We use standard physical, electronic, and business security methods to help prevent access to your health information by people who should not see it. However, we cannot promise that data sent over the Internet, SMS text, email, or through a data storage facility will be fully secure. By using the services and providing your cell phone number and email address, you permit us to communicate with you by SMS text message and email. You may ask us to stop sending SMS text messages by contacting support@phiahealth.com. You understand that you may have to pay data costs to receive SMS text messages that we send to your mobile phone.

Our Responsibilities

Materna Providers will:

• Maintain the privacy of your health information.
• Provide this Notice of our legal duties and privacy practices.
• Abide by the terms of the Notice currently in effect.
• Tell you if there has been a breach that compromises your health information.

We reserve the right to change our privacy practices and make new practices effective for all information we maintain. Revised notices will be posted on the service.

Your Rights

By contacting us at support@phiahealth.com, you may:

• Inspect and copy certain portions of your health information. We may deny your request under limited circumstances. You may request that we provide your health records to you in an electronic format.
• Request amendment of your health information if you believe it is incorrect or incomplete. Under certain circumstances, we may deny your request.
• Receive an accounting of certain disclosures of your health information made during the prior six years, excluding certain disclosures for treatment, payment, and health care operations. Fees may apply.
• Request that we restrict how we use or disclose your health information. We will not always agree to your request, unless the request concerns information provided to a payor, the disclosure would be for the payor's payment or health care operations, and you have paid for the health care services completely out of pocket.
• Request that we communicate with you at a specific telephone number or address.
• Obtain a paper copy of this Notice even if you receive it electronically. We may ask that some requests be made in writing.

What If I Have a Complaint?

If you believe your privacy has been violated, you may file a complaint with us or with the Secretary of the U.S. Department of Health and Human Services. We will not retaliate or penalize you for filing a complaint. To file a complaint with us or receive more information, contact us at 267-555-0198 or privacy-inquiries@phiahealth.com.

To file a complaint with the Secretary of Health and Human Services, write to 200 Independence Ave., S.E., Washington, D.C. 20201, call 1-800-537-7697, or file an online complaint at https://ocrportal.hhs.gov/ocr/smartscreen/main.jsf.

Who Will Follow This Notice?

This Notice describes the health care practices of:

• Any health care professional authorized to access or enter information into your health record through Phia Health-supported services.
• All departments and units through which health services are provided or that have access to your health information.
• All affiliates and business associates who have access to your health information as permitted by law.