HIPAA BUSINESS ASSOCIATE PRIVACY STATEMENT
Welcome to the BaseMedical website, owned and operated by HealthRight LLC (“BaseMedical.com”, “HealthRight”, “we”, “us” and “our”). HealthRight LLC takes privacy very seriously. HealthRight is a Business Associate, which provides services, such as maintenance of medical records, customer-intake, billing and technical services to the physicians, known as Covered Entities, who provide telehealth services to our customers (“Physicians”). As a Business Associate, we share a commitment with the Physicians to protect the privacy and confidentiality of health information that we obtain about you subject to the terms of our Business Associate Agreements with Physicians and in compliance with the Health Insurance Portability and Accountability Act of 1996, as amended by the Health Information Technology for Economic and Clinical Health Act, and the HIPAA Privacy and Security Rules (collectively “HIPAA”).
This Privacy Statement is provided to help you better understand how we at HealthRight use, disclose, and protect your health information in accordance with the terms of Business Associate Agreements between HealthRight and Covered Entities such as Physicians and as required by HIPAA.
Business Associate Agreement. The Business Associate Agreement is a formal written contract between HealthRight and a Covered Entity that requires HealthRight to comply with specific requirements related to the use and disclosure of your health information.
Covered Entity. A Covered Entity is a health plan, health care provider (e.g., physician, physician group practice, hospital), or healthcare clearinghouse that must comply with HIPAA.
Use and Disclosure of Your Health Information
The following is a description of how HealthRight may use and disclose your health information:
Use and Disclosure of De-Identified Health Information
For various reasons, HealthRight may use de-identified health information, and the de-identified health information of other HealthRight users. In this situation, all identifiers are removed from your health information in accordance with HIPAA requirements, so there is no reasonable basis to believe that the information can be used to identify you.
We use appropriate safeguards to prevent the use or disclosure of your health information. We have implemented administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality, integrity, and availability of your electronic health information that we create, receive, maintain, or transmit on behalf of Physicians. By way of example, such safeguards include:
Mitigation of Harm
In the event of a use or disclosure of your health information that is in violation of the requirements of the Business Associate Agreements, we will mitigate, to the extent practicable, any harmful effect resulting from the violation. Such mitigation will include:
Access to Your Health Information
We will make your health information available to Physicians, or as directed by them, to you, in accordance with your right of access under HIPAA. HealthRight will comply with your health information amendment and accounting obligations set forth in HIPAA. If you wish to access your health information, please send a written/email request to:
Chief Administrative OfficerHealthRight, LLC
181 Washington Street
Conshohocken PA 19428
Or via email to:
Upon request, we will make available our internal practices, books, and records relating to the use and disclosure of your health information received from, or created or received by HealthRight on behalf of a Physician to the Secretary of the U.S. Department of Health and Human Services for the purpose of determining compliance with HIPAA.