Privacy Policy

Effective Date: October 26, 2023

This Privacy Policy describes how MacArthur GI (“we,” “us,” or “our”) protects the privacy of your Protected Health Information (PHI) and other personal information. We are committed to safeguarding your privacy and complying with all applicable federal and state laws, including the Health Insurance Portability and Accountability Act (HIPAA) of 1996 and its implementing regulations.

Please review this policy carefully.

Our Commitment to Your Privacy

We understand that your health information is personal. We are dedicated to protecting your health information and have established policies and procedures to ensure its confidentiality. This policy applies to all PHI created or maintained by MacArthur GI, whether in paper or electronic form.

What is Protected Health Information (PHI)?

PHI includes any information about your health status, provision of healthcare, or payment for healthcare that can be linked to you. This includes your demographic information, medical history, test results, diagnoses, and treatment plans.

How We May Use and Disclose Your PHI

We may use and disclose your PHI for treatment, payment, and healthcare operations without your explicit written authorization.

  • For Treatment: We may use and disclose your PHI to provide, coordinate, and manage your healthcare and related services. This includes sharing information with other healthcare providers, such as specialists, hospitals, or pharmacies, involved in your care. For example, a physician treating you for a specific condition may need to know about your overall health and other conditions you may have.
  • For Payment: We may use and disclose your PHI to obtain payment for the healthcare services we provide to you. This includes billing you, your insurance company, or a third party payer. For example, we may send a claim to your health insurer that includes information about the services we provided to you.
  • For Healthcare Operations: We may use and disclose your PHI for our internal operations to ensure we provide quality care. These activities include, but are not limited to, quality assessment and improvement activities, training programs, credentialing, administrative services, and business planning. For example, we may use your PHI to review our treatment and services and to evaluate the performance of our staff.

Uses and Disclosures Requiring Your Authorization

For certain uses and disclosures of your PHI, we will obtain your prior written authorization. These include:

Marketing: We will not use or disclose your PHI for marketing purposes without your written authorization. Sale of PHI: We will not sell your PHI without your written authorization. Psychotherapy Notes: We generally require your authorization for the use and disclosure of psychotherapy notes, if applicable. Other Uses: Any other uses or disclosures of your PHI not described in this policy will be made only with your written authorization. You have the right to revoke your authorization at any time, in writing, except to the extent that we have already acted in reliance on your authorization.

Uses and Disclosures Permitted or Required by Law Without Authorization

We may use or disclose your PHI without your authorization under certain circumstances, including:

Public Health Activities: To prevent or control disease, injury, or disability; report births and deaths; report child abuse or neglect; report reactions to medications or problems with products; notify people of product recalls; or notify a person who may have been exposed to a disease or may be at risk for contracting or spreading a disease or condition.

Victims of Abuse, Neglect, or Domestic Violence: To a government authority if we believe a patient is a victim of abuse, neglect, or domestic violence. We will only make this disclosure if legally required or authorized, or if you agree. 

Health Oversight Activities: To a health oversight agency for activities authorized by law, such as audits, investigations, inspections, and licensure. 

Judicial and Administrative Proceedings: In response to a court or administrative order, subpoena, discovery request, or other lawful process. 

Law Enforcement: To law enforcement officials for specific purposes, such as responding to a warrant or subpoena, identifying or locating a suspect, fugitive, material witness, or missing person, and in emergency circumstances. 

Coroners, Medical Examiners, and Funeral Directors: To these individuals to assist them in carrying out their duties. 

Organ, Eye, or Tissue Donation: To organizations that facilitate organ, eye, or tissue procurement, banking, or transplantation. 

Research: For certain research purposes when specific privacy protections are in place, such as approval by an Institutional Review Board (IRB). 

Serious Threat to Health or Safety: To prevent a serious and imminent threat to your health and safety or the health and safety of others. 

Specialized Government Functions: To military command authorities, veterans’ affairs, national security and intelligence activities, and correctional institutions or law enforcement officials regarding inmates. 

Workers’ Compensation: As authorized by workers’ compensation laws or other similar programs.

Your Rights Regarding Your PHI

You have the following rights concerning your PHI:

  • Right to Inspect and Copy: You have the right to inspect and obtain a copy of your PHI that we maintain, which includes medical and billing records. We may charge a reasonable, cost-based fee for copies.
  • Right to Amend: If you believe that the PHI we have about you is incorrect or incomplete, you may request an amendment. We may deny your request under certain circumstances, but we will notify you of the denial and your right to submit a statement of disagreement.

  • Right to an Accounting of Disclosures: You have the right to request an “accounting of disclosures,” which is a list of certain disclosures we have made of your PHI for purposes other than treatment, payment, or healthcare operations, or those made with your authorization, or those made for certain national security or law enforcement purposes.

  • Right to Request Restrictions: You have the right to request a restriction or limitation on the PHI we use or disclose about you for treatment, payment, or healthcare operations. We are not required to agree to your request, except if you pay for a service or health care item out of pocket in full, you can request that we not disclose PHI about that service or item to your health plan for purposes of payment or healthcare operations.

  • Right to Request Confidential Communications: You have the right to request that we communicate with you about medical matters in a certain way or at a certain location. For example, you can ask that we only contact you at work or by mail. We will accommodate all reasonable requests.

  • Right to a Paper Copy of This Policy: You have the right to obtain a paper copy of this Privacy Policy upon request, even if you have agreed to receive it electronically.

  • Right to Be Notified of a Breach: You have the right to be notified in the event of a breach of your unsecured PHI.

To exercise any of these rights, please submit a written request to our Privacy Officer using the contact information provided at the end of this policy.

Our Website and Online Interactions

Information We Collect Online

When you visit macarthurgi.com, we may collect information about your visit that does not identify you personally. This “website usage data” may include:

IP Address: Your computer’s Internet Protocol address. Browser Type: The type of web browser you are using. Operating System: Your computer’s operating system. Referring Pages: The website you visited before ours. Pages Visited: Which pages you visit on our site. Time and Date: The time and date of your visit.

How We Use Website Usage Data

This non-personal information is collected through “cookies” and similar tracking technologies (e.g., Google Analytics). We use this data to:

Improve the content and functionality of our website. Understand how visitors interact with our site. Personalize your experience on our website. Analyze trends and gather demographic information about our user base as a whole.

This data is aggregated and does not identify you individually.

Cookies

A cookie is a small text file placed on your computer by a web server. Cookies do not contain PHI. You can configure your browser to refuse cookies or to alert you when cookies are being sent. However, some parts of our website may not function properly if you disable cookies.

Patient Portals and Online Forms

If our website links to or offers patient portals or online forms that collect PHI (e.g., appointment requests, medical history updates), please be assured that these platforms are designed with robust security measures to protect your PHI and are typically provided by third-party vendors who are HIPAA-compliant and operate under Business Associate Agreements (BAAs) with us. Any PHI submitted through these secure channels is handled in accordance with this Privacy Policy and HIPAA regulations.

Third-Party Websites

Our website may contain links to third-party websites (e.g., external health resources). Please be aware that we are not responsible for the privacy practices or content of these other sites. This Privacy Policy applies solely to information collected by MacArthur GI. We encourage you to read the privacy policies of any linked websites you visit.

Security of Your Information

We employ administrative, technical, and physical safeguards to protect your PHI from unauthorized access, use, or disclosure. These measures include:

  • Access Controls: Limiting access to PHI to authorized personnel only. 
  • Encryption: Using encryption technologies to protect electronic PHI when transmitted and stored. 
  • Secure Networks: Maintaining secure computer networks and systems. 
  • Staff Training: Educating our staff on privacy and security policies and procedures. 
  • Physical Safeguards: Securing our physical facilities to prevent unauthorized access to paper records.

While we strive to protect your PHI, no security system is impenetrable, and we cannot guarantee the absolute security of any information you transmit to us online.

Children’s Privacy

Our website and services are not directed at children under the age of 13, and we do not knowingly collect personal information from children under 13 on our website without verifiable parental consent. If we become aware that we have inadvertently received PHI or personal information from a child under the age of 13 without verifiable parental consent, we will delete that information from our records.

Changes to This Privacy Policy

We reserve the right to amend or update this Privacy Policy at any time. The revised policy will be effective immediately upon posting on our website. The “Effective Date” at the top of this policy will indicate when the most recent changes were made. We encourage you to review this policy periodically to stay informed about how we are protecting your information.

Questions and Complaints

If you have questions about this Privacy Policy or believe your privacy rights have been violated, you may contact our Privacy Officer:

Privacy Officer

MacArthur GI
10520 MacArthur Blvd., Oakland, CA 94605
Office: (510) 562-7467 ext 1
info@macarthurgi.com

You also have the right to file a complaint with the Secretary of the U.S. Department of Health and Human Services (HHS) if you believe your privacy rights have been violated. There will be no retaliation for filing a complaint.

This policy is intended to comply with the requirements of HIPAA and other applicable laws concerning the privacy of protected health information.