Our commitment to your privacy
Our practice is dedicated to maintaining the privacy of your personal health information (PHI) as part of providing professional care. We are also required by law to keep your information private. These laws are complicated, but we must give you this important information. This is a shorter version of a full, legally required notice of privacy practices, which is available upon request.

How we use and disclose your protected health information with your consent We will use the information we collect mainly to provide you/your child with treatment, to arrange payment for our services, and for some other business activities that are called, in the law, health care operations. After you have read this notice we will ask you to sign a consent to let us use and share your information in these ways. If you do not consent and sign this form, we cannot treat you. If we want to use or send, share, or release your information for other purposes, we will discuss this with you and ask you to sign an authorization form to allow this.

At times professionals outside of our practice may access information for the purpose of business/administration functions. Examples include accountants and book keepers who access our records. These individuals will have signed contracts with our office requiring that they keep any information that they access confidential.

Disclosing your health information without your consent
There are times when the laws require us to use or share your information. For example:
1. When there is a serious threat to your/your child's or another’s health and safety or to the public. We will only share information with persons who are able to help prevent or reduce the threat.
2. When we are mandated to report child abuse or neglect or elder abuse or neglect.
3. When we are required to do so by lawsuits and other legal or court proceedings.
4. If a law enforcement official requires us to do so.
5. For workers’ compensation and similar benefit programs.
6. When the use and disclosure without your consent or authorization is allowed under other sections of Section 164.512 of the HIPAA Privacy Rule and the Commonwealth of Massachusett’s confidentiality law. This includes certain narrowly-defined disclosures to law enforcement agencies, to a health oversight agency (such as HHS or a state department of health), to a coroner or medical examiner, for public health purposes relating to disease or FDA-regulated products, or for specialized government functions such as fitness for military duties, eligibility for VA benefits, and national security and intelligence.

Your rights regarding your health information
1. You can ask us to communicate with you in a particular way or at a certain place that is more private for you. For example, you can ask us to call you at home, and not at work, to schedule or cancel an appointment.
2. You can ask us to limit what we tell people involved in your care or the payment for your/your child's care, such as family members and friends.
3. You have the right to look at the health information we have about you/your child, such as your medical and billing records. You can get a copy of these records.
4. If you believe that the information in your records is incorrect or missing something important, you can ask us to make additions to your records to correct the situation. You have to make this request in writing. You must also tell us the reasons you want to make the changes.
5. You have a right to restrict disclosures when you have paid for your care out-of-pocket (i.e., you have the right to restrict certain disclosures of PHI to a health plan when you pay out-of-pocket in full for our services).
6. You have the right to a copy of this notice.
7. You have the right to file a complaint if you believe your privacy rights have been violated. You can file a complaint with the Secretary of the U.S. Department of Health and Human Services. All complaints must be in writing. Filing a complaint will not change the health care we provide to you in any way. Also, you may have other rights that are granted to you by the laws of our state, and these may be the same as or different from the rights described above. We will be happy to discuss these situations with you now or as they arise. If you have any questions regarding this notice or our health information privacy policies, please contact us directly at 781-237-1735.
You have a right to be notified if there is a breach of your unsecured PHI. You have a right to be notified if: (a) there is a breach (a use or disclosure of your PHI in violation of the HIPAA Privacy Rule) involving your PHI; (b) that PHI has not been encrypted to government standards; and (c) my risk assessment fails to determine that there is a low probability that your PHI has been compromised.
1. When the Practice becomes aware of or suspects a security breach the practice will conduct a Risk Assessment. The Practice will keep a written record of that Risk Assessment.
2. Unless the Practice determines that there is a low probability that PHI has been compromised, the Practice will give notice of the breach within 60 days of discovery.
3. The risk assessment can be done by a business associate if it was involved in the breach. While the business associate will conduct a risk assessment of a breach of PHI in its control, the Practice will provide any required notice to patients and HHS.
4. After any breach, particularly one that requires notice, the Practice will re-assess its privacy and security practices to determine what changes should be made to prevent the re-occurrence of such breaches.

The effective date of this notice is September 23, 2003.

Consent to Use and Disclose Your Health Information

This form is an agreement between you, and me/us, when we use the words “you” and “your” below, this can mean you or your child. When we examine, test, diagnose, treat, or refer you/your child, we will be collecting what the law calls “protected health information” (PHI). We need to use this information in our office to decide on what treatment is best for you/your child. We may also share this information with others to arrange payment for your treatment, to help carry out certain business or government functions, or to help provide other treatment to you/your child. By signing this form, you are also agreeing to let us use your PHI and to send it to others for the purposes described above. Your signature below acknowledges that you have read or heard our notice of privacy practices, which explains in more detail what your rights are and how we can use and share your information.
If you are concerned about your PHI, you have the right to ask us not to use or share some of it for treatment, payment, or administrative purposes. You will have to tell us what you want in writing. Although we will try to respect your wishes, we are not required to accept these limitations. However, if we do agree, we promise to do as you asked. After you have signed this consent, you have the right to revoke it in writing.

If you do not sign this form agreeing to our privacy practices, we cannot treat you/your child. In the future, we may change how we use and share your information, and so we may change our notice of privacy practices. If we do change it, you can get a copy by calling us at 781-237-1735.
Please note: if you ask us to consult with other caregivers or with educators regarding your child, this request will release us to share information pertinent to the consultation.
Electronic communication: at times, you may wish to communicate with this office via email. Please note that this is not necessarily a secure means of communication.

Signature of client or his or her personal representative:*

Date:*
,

Name of client or personal representative:*

Relationship to client:*

Choose Clinician:*
Dr. MoldoverDr. HebertDr. Benetti-McQuoid