Please note that the scope of this Policy is limited to information collected or received by Company through your use of the Services. Company is not responsible for the actions of third party people or companies, the content of their software or sites, the use of information you provide to them, or any products or services they may offer. Any link to those software and sites does not constitute our sponsorship of, or affiliation with, those people or companies.
- Personal Information Collection.
2.1 Account. If you are a Services customer then you will be entitled to access your Services account on the Website, Software or App (“Account”). We may collect certain Personal Information from you as part of the Account registration process, such as your email address and other designated information.
2.2 Health History. We may collect certain Personal Information, including information regarding your health history from you as part of the Account registration process.
2.3 Contact Us Information. If you choose to send us a “Contact Us” request, whether by submitting an online form that we make available on the Website, through the Software or App, or by sending an email to an email address that we display on the Website, you may be required to provide us with certain Personal Information such as your name and email address. You may also choose to provide us with additional Personal Information.
2.4 Log Files. The Services may make use of log files. The information inside the log files includes IP addresses, type of browser, Internet Service Provider, date/time stamp, referring/exit pages, clicked pages and any other information your browser may send to us. We may use such information to analyze trends, administer the Services, track user’s movement around the Services, prevent fraud, and gather demographic information.
2.5 Cookies and Tracking. The Website may utilize “cookies” and other tracking technologies. A “cookie” is a small text file that may be used, for example, to collect information about Website activity. Certain cookies and other technologies may serve to recall Personal Information previously indicated by a Website user. Most browsers allow you to control cookies, including whether or not to accept them and how to remove them. You may set most browsers to block cookies or to notify you if you receive a cookie.
2.6 Mobile Device and App Data. We may collect limited information from your mobile device in order to provide the Software and/or App. Such information may include your mobile device type, mobile device id, carrier, software permissions, IP address, and date and time stamps of Software and/or App use. In addition, we may deploy tracking technologies within the Software and/or App to help us gather aggregate statistics, but we will not use Personal Information for such purposes. We may also create a unique device identifier that is stored on your mobile device for your use of our Software and/or App.
2.7 Mobile Analytics. We may use mobile analytics software to allow us to better understand the functionality of our Software and/or App on your mobile device. This software may record information such as how often you use the application, the events that occur within the application, aggregated usage, performance data, device ID, and where the application was downloaded from. We do not link the information we store within the analytics software to any Personal Information you submit within Software and/or App.
2.10 Surveys and Contests. We may request information via surveys or contests. Participation in these surveys or contests is completely voluntary and you may choose whether or not to participate and therefore disclose this information. Information requested may include contact information (such as name and address), and demographic information (such as education and age level). Contact information will be used to notify the winners and award prizes. Survey information will be used for purposes of monitoring or improving the use and satisfaction of the Website, Software or App.
2.11 Social Media. When you access and interact with any social media platform with or through the Services, we may collect the personal information that you make available to us on that account, including your account ID and username.
2.12 Video Streaming Services. When you access and interact with any video streaming platform with or through the Services, we may collect the personal information that you make available to us on that account, including your account ID and username.
2.13 Geographic Location Information. The Services are location-based, so in order to function correctly, the Services need to know your geographic location. Whenever you use the Services, we use the location information from your mobile device or browser to tailor the features to your current location. This information is not shared with others. Also, the Services use your mobile device’s background location to provide additional features, including the ability to send you notifications of events near you. If you have background location turned on, the Services, from time to time, tell us about your device’s location even if you are not directly interacting with the Services.
2.14 User Content. You can also decide whether or not to create and publicly share, post or upload content, including text, video, audio, images and other materials (“User Content”). However, any User Content that you share, post or upload may be viewed by all users. Therefore, you must exercise caution and common sense when sharing, posting or uploading information, including any details as to your identity and/or location. THE USER CONTENT THAT YOU SHARE, POST OR UPLOAD TO ALL USERS OF THE SERVICES IS NEITHER PRIVATE NOR CONFIDENTIAL AND YOU SHOULD NOT HAVE ANY EXPECTATION OF PRIVACY WITH RESPECT THERETO.
- Personal Information Use.
3.1 Company Notifications. We will use your Personal Information internally to provide and improve our Services, to contact you in connection with the Services and certain programs or offerings that you may have registered for, to send you updates or news regarding the Services including our products and services, and to identify and authenticate your access to the parts of the Services that you are authorized to access.
3.2 in-Application Notifications. We may send you in-Application notifications regarding the Software and/or App, our Services and third party advertisements.
3.3 Social Media. If you choose to log in to any social media account with or through the Services, we and that service may share certain information about you and your activities. With your permission, we also may share information about your activities on our Services with that social network’s users.
3.4 Disclosure to Other Users. We may disclose Personal Information to other users who use our services if you choose to include Personal Information in your public profile. Your username and location and any other information or content you post publicly will be shared with users when you use the Public Features of our Services.
3.5 Disclosure to Company’s Service Provider. We may disclose Personal Information to WellnessLiving Systems Inc., who is the third-party service provider of the Software.
3.6 Disclosure to Independent Healthcare Professionals. We may disclose Personal Information to independent healthcare professionals (“Healthcare Professionals”) as part of the medical consult process in order to obtain your prescription for a continuous glucose monitoring (CGM) device, as well as to provide you with ongoing nutritional counseling.
3.7 Disclosure to Pharmacy Services. Company partners with independent, third-party pharmacies. You hereby give us consent to our providing to third-party pharmacies all information necessary for such pharmacy to provide you pharmacy services. The types of information Company may provide includes health records provided to Company by you, including health care records and Personal Information.
3.8 Disclosure due to Legal Process . We may access, use, preserve, and share your Personal Information with third parties when we have a good faith belief that it is necessary to: (a) detect, prevent and address fraud and other illegal activity; (b) protect ourselves, you and others, including as part of investigations; and (c) if required to do so by search warrant, subpoena, court order or other legal process. We may also share such information if we believe that you have abused your rights to use the Services or violated an applicable law, or in connection with any dispute between you and us with respect to the Services.
3.9 Change of Control. If we sell all or part of our business, make a sale or transfer of assets, are otherwise involved in a merger or business transfer, or in the event of bankruptcy, we may disclose and transfer your Personal Information to one or more third parties as part of that transaction.
3.10 No Sale of Personal Information. Our policy is that we do not sell, lease, rent or otherwise disclose your Personal Information to third parties other than as described above.
3.11 Do Not Track Notice. Do Not Track (“DNT”) is a setting in a web browser that directs websites not to track your behavior. You can activate the DNT settings through most browsers. We do not track users over time and across third party Websites, so we do not respond to DNT signals.
- Security Measures. The security of Personal Information is important to us. We follow generally accepted industry standards, including the use of appropriate administrative, physical and technical safeguards, to protect the Personal Information that we collect or that is submitted to us. For example, our website is scanned on a regular basis for security and generally known vulnerabilities and all sensitive information you supply is encrypted via Secure Socket Layer (SSL) technology. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your Personal Information, we cannot guarantee its absolute security or confidentiality. If you have any questions about security on the Services, you can contact us at [email protected].
- Opting Out. You may choose not to receive future Software or App-related notifications from us by changing the notification settings on your mobile device. You may also choose not to receive any promotional, advertising, or other emails related to the Services from us by selecting an unsubscribe link at the bottom of each email that you receive from us. Please note that even if you opt out of receiving the foregoing emails, we may still send you a response to any “Contact Us” request as well as administrative emails (for example, in connection with your Account) that are necessary to facilitate your use of the Services. If you choose not to receive certain notifications from us then you may still be able to use the Website, Software and/or App but you may not receive, or may be unable to use, certain services that involve our interaction with you.
- Access to Personal Information. To the extent that you do provide us with Personal Information, Company wishes to maintain accurate Personal Information. If you would like to delete or correct any other of your Personal Information that we may be storing, you may submit a request to us by sending an email to [email protected]. Your email should include adequate details of your request and verification of your identity.
- Children’s Privacy. Our Services are not directed to persons under the age of eighteen (18). Company does not knowingly collect or solicit personal information from anyone under the age of 18 or knowingly allow such persons to register for an account with the Services. If we become aware that we have collected personal information from a child under the age of 18, we will take steps to remove that information. If you believe that we might have any information from or about a child under the age of 18, please contact us at [email protected].
- California Residents. California Civil Code Section 1798.83 permits customers of Company who are California residents to request certain information regarding its disclosure of Personal Information to third parties for their direct marketing purposes. To make such a request, please send an email to [email protected]. Please note that we are only required to respond to one request per customer each year.
- Nevada Residents. If you are a resident of Nevada, you have the right to opt-out of the sale of certain Personal Information to third parties who intend to license or sell that Personal Information. To make such a request, please send an email to [email protected]. Please note that we do not currently sell your Personal information as sales are defined in Nevada Revised Statutes Chapter 603A.
Current policy version: June 1, 2023
Copyright © 2023 FoodFirst, LLC. All rights reserved.
THE WEBSITE IS INTENDED FOR USE ONLY BY HEALTHY ADULT INDIVIDUALS
- User Account. You may choose to register with Company through the Website and create a user account (the “Account”). If you do, you will have access to your Account by providing an email address and password. You are responsible for maintaining the confidentiality of your access information and for controlling access to your Account and your computer. You agree to accept responsibility for all activities that occur under your Account. We may terminate your Account at any time, for any reason or no reason and without prior notice to you.
- User Content.
5.1 Permission. The Website may permit you to create and publicly share, post or upload content, including text, video, audio, images and other materials (“User Content”). You are solely responsible for your own User Content and the consequences of sharing, posting or uploading such content on the Website.
5.3 Public Display. You understand that User Content will be displayed publicly. Company does not control, take responsibility for or assume liability for any User Content, or any loss or damage related to User Content.
5.5 Monitoring and Removal. Company has the right, but not the obligation, to monitor the User Content in order to determine compliance with the terms of this license and any operating rules established by Company, as well as to satisfy any law, regulation, or authorized government request. Company has the right to remove any User Content that we, in our sole discretion, view as a violation of terms of this license, or for any other reason.
5.6 Geographic Location Information. As part of your use of the Website and Services you may be provided with the opportunity to upload and post content to the Website and Services regarding your geographic location. Therefore, you must exercise caution and common sense when submitting personal information to the public, including any details as to your identity and/or location. You are solely responsible for the submission of your geographic location and the consequences of publishing such personal information on the Website.
- Third Party Services, Websites and Social Media.
7.1 Third Party Services and Websites. As part of your use of the Website and Services, you may be provided with the opportunity to access third party services and websites via outbound hyperlinks (collectively and individually, “Third Party Materials”). You agree to use the Third Party Materials at your sole risk and that Company shall not have any liability to you for content that may be found to be offensive, indecent, or objectionable. Company is not responsible for examining or evaluating the content, accuracy, completeness, timeliness, validity, copyright compliance, legality, decency, quality or any other aspect of such Third Party Materials. Company does not warrant or endorse such Third Party Materials, and does not assume any liability or responsibility to you or any other person for any Third Party Materials, or for any other materials, products, or services of third parties. Third Party Materials and links to other websites are provided by Company solely as a convenience to you.
7.2 Social Media. As part of your use of the Website and Services, you may be provided with the opportunity to access third party social media platforms. You agree to use any social media platform at your sole risk and that Company shall not have any liability to you for content that may be found to be offensive, indecent, or objectionable. Company is not responsible for examining or evaluating the content, accuracy, completeness, timeliness, validity, copyright compliance, legality, decency, quality or any other aspect of such social media platform. You agree to take reasonable precautions with posting on a social media platform with regards to your personal information and/or geographic location. Further, you agree to take reasonable precautions in all interactions with other social media platform users, particularly if you provide such users with personal information and/or decide to meet such a user offline, or in person. You are solely responsible for the submission of your personal information and/or geographic location and the consequences of publishing such information on a social media platform.
7.3 Video Streaming Services. As part of your use of the Software, you may be provided with the opportunity to access third party video streaming platforms. You agree to access and use any video streaming platform at your sole risk and that Company shall not have any liability to you for content that may be found to be offensive, indecent, or objectionable. Company is not responsible for examining or evaluating the content, accuracy, completeness, timeliness, validity, copyright compliance, legality, decency, quality or any other aspect of such video streaming platform. You agree to take reasonable precautions with broadcasting on a video streaming platform with regards to your personal information and/or geographic location. Further, you agree to take reasonable precautions in all interactions with other video streaming platform users, particularly if you provide such users with personal information and/or decide to meet such a user offline, or in person. You are solely responsible for the submission of your personal information and/or geographic location and the consequences of publishing such information on a video streaming platform.
7.4 Dexcom CGM Data. To the extent that your use of the Website includes data received or otherwise generated from any Dexcom, Inc. (“Dexcom”) continuous glucose monitoring (CGM) device (collectively, “Dexcom CGM Data”), you acknowledge and agree that such Dexcom CGM Data is provided by Dexcom without any warranty or other terms that contradict, expand or differ from the express warranties and terms published or otherwise made available by Dexcom. For additional information, please refer to the materials included with your Dexcom CGM device.
- DISCLAIMER OF WARRANTY. COMPANY HEREBY DISCLAIMS ANY AND ALL WARRANTIES WITH RESPECT TO THE WEBSITE, CONTENT AND SERVICES, EXPRESS OR IMPLIED, INCLUDING, WITHOUT LIMITATION, ANY IMPLIED WARRANTIES OF FITNESS FOR PARTICULAR PURPOSES OR MERCHANTABILITY, NON-INFRINGEMENT, SATISFACTORY QUALITY, INTEGRATION, OR LIABILITY ARISING FROM ANY COURSE OF DEALING, USAGE OF TRADE, OR TRADE PRACTICE. YOU AGREE THAT THE WEBSITE, CONTENT AND SERVICES ARE BEING PROVIDED “AS IS” AND THAT COMPANY HAS MADE NO EXPRESS WARRANTIES REGARDING THE WEBSITE, CONTENT AND SERVICES. THE ENTIRE RISK AS TO FUNCTIONALITY AND OPERATION OF THE WEBSITE, CONTENT AND SERVICES LIES WITH YOU, AND COMPANY ASSUMES NO RISK OR OBLIGATION IN CONNECTION THEREWITH.
Some jurisdictions do not allow the exclusion of implied warranties, or have legislation that imposes certain statutory warranties that cannot be excluded, so the above exclusion may not apply to you.
- LIMITATION OF LIABILITY. YOUR USE OF THE WEBSITE, CONTENT, SERVICES AND RELATED GOODS IS ENTIRELY AT YOUR OWN RISK. UNDER NO CIRCUMSTANCE WILL COMPANY, ITS AGENTS, LICENSORS OR SUPPLIERS BE LIABLE TO YOU ON ACCOUNT OF YOUR USE OR MISUSE OF, OR RELIANCE ON, THE WEBSITE, CONTENT, SERVICES AND RELATED GOODS. TO THE EXTENT PERMITTED BY LAW, IN NO EVENT WILL COMPANY, ITS LICENSORS, SUPPLIERS OR DEALERS BE LIABLE TO YOU FOR ANY ACTUAL, DIRECT, INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, INCLUDING ANY LOST PROFITS, LOST SAVINGS, COSTS OF PROCUREMENT OF SUBSTITUTE PRODUCTS OR SERVICES OR OTHER DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE WEBSITE, CONTENT, SERVICES AND RELATED GOODS EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. COMPANY SHALL NOT BE LIABLE FOR (I) ANY FAILURE OR PERFORMANCE, ERROR, OMISSION, INTERRUPTION, DEFECT, DELAY IN OPERATION OR TRANSMISSION, COMPUTER VIRUS OR LINE OR SYSTEM FAILURE (INCLUDING LOST PROFITS, LOSS OF BUSINESS, LOSS OF OR DAMAGE TO DATA, BUSINESS INTERRUPTION, AND DAMAGES THAT RESULT FROM INACCURACY OF THE INFORMATION OR INCONVENIENCE, DELAY, OR LOSS OF THE USE OF THE WEBSITE, CONTENT, SERVICES AND RELATED GOODS); (II) PERSONAL INJURY OR PROPERTY DAMAGE, OF ANY NATURE WHATSOEVER, RESULTING FROM YOUR ACCESS TO AND USE OF THE WEBSITE, CONTENT, SERVICES AND RELATED GOODS; (III) ANY BUGS, VIRUSES, TROJAN HORSES, OR OTHER MALICIOUS CODE WHICH MAY BE TRANSMITTED TO OR THROUGH THE WEBSITE, CONTENT, SERVICES AND RELATED GOODS BY ANY THIRD PARTY; (IV) FOR ANY BREACH OF SECURITY ASSOCIATED WITH THE TRANSMISSION OF INFORMATION THROUGH THE WEBSITE, CONTENT, SERVICES AND RELATED GOODS, OR FOR ANY INFORMATION OBTAINED OR DOWNLOADED FROM THE WEBSITE, CONTENT, SERVICES AND RELATED GOODS, OR OTHERWISE ARISING OUT OF THE USE OF THE SAME; OR (V) DEFAMATORY, OFFENSIVE, INAPPROPRIATE, OR ILLEGAL CONTENT OR USER SUBMISSIONS OR THE CONDUCT OF ANY THIRD PARTY. THE FOREGOING LIMITATION OF LIABILITY WILL APPLY TO THE FULLEST EXTENT PERMITTED BY LAW IN THE APPLICABLE JURISDICTION AND IN NO EVENT WILL COMPANY’S CUMULATIVE LIABILITY TO YOU EXCEED ONE-QUARTER OF WHAT YOU HAVE ACTUALLY PAID COMPANY DURING THE SIX MONTH PERIOD PRECEDING THE DATE SUCH LIABILITY AROSE.
Some jurisdictions do not allow the limitation or exclusion of liability for incidental or consequential damages, or have legislation that restricts the limitation or exclusion of liability, so the above limitation may not apply to you.
- ADDITIONAL DISCLAIMERS. THE WEBSITE, CONTENT, SERVICES AND RELATED GOODS, OR THE RESULTS TO BE OBTAINED FROM THE USE OF THE INFORMATION ON THE WEBSITE, IS NOT INTENDED TO PROVIDE LEGAL, FINANCIAL, ACCOUNTING, TAX OR OTHER ADVICE, AND SHOULD NOT BE RELIED UPON AS PROFESSIONAL ADVICE. ANY MATERIAL DOWNLOADED OR OTHERWISE OBTAINED THROUGH THE USE OF THE WEBSITE, CONTENT, SERVICES AND RELATED GOODS IS DONE AT YOUR OWN DISCRETION AND RISK AND YOU ARE SOLELY RESPONSIBLE FOR ANY DAMAGE TO YOUR COMPUTER SYSTEM OR LOSS OF DATA THAT RESULTS FROM THE DOWNLOADING OF ANY SUCH MATERIAL, INCLUDING ANY DAMAGES RESULTING FROM COMPUTER VIRUSES.
- Copyright Infringement Notice and Takedown Policy.
14.1 Copyright Agent. In accordance with the provisions of the Digital Millennium Copyright Act, 17 USC § 512, the designated agent to receive notices of claims of copyright infringement for Company is:
c/o CRAFT CHU PLLC
1204 Heights Boulevard
Houston, TX 77008
14.2 Notification. If you believe your copyright has been infringed, you may provide us with notice. To be effective, the notification must be a written communication that includes the following: (a) physical or electronic signature of a person authorized to act on behalf of the owner of an exclusive right that is allegedly infringed; (b) identification of the copyright work claimed to have been infringed, or, if multiple copyrighted works at a single online site are covered by a single notification, a representative list of such works at that site; (c) identification of the material that is claimed to be infringing or to be the subject of infringing activity and that is to be removed or access to which is to be disabled, and information reasonably sufficient to permit us to locate the material; (d) information reasonably sufficient to permit us to contact the complaining party, such as an address, telephone number, and, if available, an electronic mail address at which the complaining party may be contacted; (e) a statement that the complaining party has a good faith belief that use of the material in the manner complained of is not authorized by the copyright owner, its agent, or the law; and (f) a statement that the information in the notification is accurate, and under penalty of perjury, that the complaining party is authorized to act on behalf of the owner of an exclusive right that is allegedly infringed.
14.3 Counter Notification. We may give notice to our users that we have received a notice of infringement by means of a general notice on our Website, electronic mail to a user’s electronic mail address in our records, or by written communication sent by first-class mail to a user’s physical address in our records. If you receive such a notice, you may provide counter-notification in writing to the designated agent that includes the information below. To be effective, the counter-notification must be a written communication that includes the following: (a) your physical or electronic signature; (b) identification of the material that has been removed or to which access has been disabled and the location at which the material appeared before it was removed or access to it was disabled; (c) a statement under penalty of perjury that the you have a good faith belief that the material was removed or disabled as a result of mistake or misidentification of the material to be removed or disabled; and (d) your name, physical address and telephone number, and a statement that you consent to the jurisdiction of a Federal District Court for the judicial district in which your physical address is located, or if your physical address is outside of the United States, for the judicial district in which our offices are located, and that you will accept service of process from the person who provided notification of allegedly infringing material or an agent of such person.
The aforementioned responsibilities are required of Company in order to comply with the Digital Millennium Copyright Act, and will automatically be amended to incorporate any changes, amendments or modifications made thereto.
- Compliance with Law Including Export Control. Company and the Website are located in the United States. The United States controls the export of products and information. You agree to comply with all such applicable restrictions and not to export or re-export the Website, Content and Services (including any software) to countries or persons prohibited under the United States or other applicable export control laws or regulations. If you access and download the Content (including any software), you represent that you are not in a country where such export is prohibited or are not a person or entity to which such export is prohibited. You are solely responsible for compliance with the laws of your local jurisdiction and any other applicable laws regarding the import, export, or re-export of the Website, Content and Services (including any software).
Copyright © 2023 FoodFirst, LLC. All rights reserved.
Notice of Privacy Practices
Effective Date: June 1, 2023
THIS NOTICE OF PRIVACY PRACTICES (THIS “NOTICE”) DESCRIBES HOW YOUR PROTECTED HEALTH INFORMATION (“PHI” AS DEFINED BY THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (“HIPAA”)) MAY BE USED AND DISCLOSED WHEN YOU USE SERVICES PROVIDED THROUGH FOODFIRST, LLC, D/B/A SLIMLOGIX AND ITS AFFILIATED PRACTICES AND PROVIDERS.
SlimLogix is committed to maintaining the privacy of your PHI. We are required by law to: (a) provide you with this Notice of our legal duties and privacy practices with respect to your PHI; (b) follow the terms of the Notice currently in effect; and (c) notify you if there is a breach of your PHI. We must also provide you with information regarding: (a) how we may use and disclose your PHI; (b) your privacy rights; and (c) our obligations concerning the use and disclosure of your PHI.
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED, AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW THIS DOCUMENT CAREFULLY. PLEASE NOTE THAT USING THIS WEB SITE DOES NOT CONSTITUTE A DOCTOR–PATIENT RELATIONSHIP AND THIS DOCUMENT DOES NOT APPLY UNTIL AFTER YOU HAVE BECOME A MEMBER OF SLIMLOGIX.
I. USES AND DISCLOSURES OF PROTECTED HEALTH INFORMATION.
A. Routine Uses and Disclosures of Protected Health Information. SlimLogix is permitted under federal law to use and disclose PHI for certain purposes, including treatment, payment, and health care operations. Generally, we do not need your permission for these uses or disclosures under applicable laws. The following are examples of the types of routine uses and disclosures of PHI that we are permitted to make without your permission. Although this list is not exhaustive, it should give you an idea of the routine uses and disclosures we are permitted to make without your permission.
- For Treatment: We keep a record of your PHI, which may include lab results, diagnoses, medications, your response to medications or other therapies, and information we learn about your health by providing the Services. We may use and disclose this information and other PHI to provide, coordinate, and/or manage your treatment and inform you of treatment alternatives and other health related benefits, products and services that may be of interest to you. We may use and disclose this information and other PHI to health care professionals (including without limitation Providers) and/or other third parties to provide, coordinate, and manage the delivery of your health care. For example, we may disclose your PHI to a pharmacy to fill a prescription, to a laboratory to order a test, or to another specialist for consultation.
- For Payment: We may use and disclose your PHI, as needed, to bill and obtain payment for the health care services provided to you. We may disclose your PHI to health care providers (including without limitation Providers), health plans, and health care clearinghouses for their payment activities. For example, we may use and disclose PHI about you to receive payment for our services, manage your account, and fulfill our responsibilities under your health plan.
- For Health Care Operations: We may use or disclose your PHI in order to support the business activities of the Practices. These activities may include, but are not limited to, reviewing our treatment and services, improving the services we provide, training and evaluating the performance of our staff in providing services, and providing customer service. We may also use your PHI to evaluate and improve services provided by our business associates, including those that provide data assessment and management and other services for or on our behalf.
B. Uses and Disclosures That May Be Made Without Your Authorization or Opportunity to Object. SlimLogix may use or disclose your PHI in the following situations without your authorization and without providing you an opportunity to object:
- Required by the Secretary of Health and Human Services: We may be required to disclose your PHI to the Secretary of Health and Human Services to investigate or determine our compliance with the requirements of the HIPAA Privacy Rule.
- Required By Law: We may use or disclose your PHI to the extent that the use or disclosure is required by federal, state, or local law.
- Public Health: We may disclose your PHI for public health activities, such as tracking diseases and/or medical devices, which may include making disclosures to a public health authority or other government agency that is permitted by law to collect or receive the information (e.g., the Food and Drug Administration). These activities generally include the following: (a) to prevent or control disease, injury or disability; (b) to report births and deaths; (c) to report child abuse or neglect; (d) to report reactions to medications or problems with products; (e) to notify people of recalls of products they may be using; or (f) to notify a person who may have been exposed to a disease or may be at risk for contracting or spreading a disease or condition. If we keep genetic testing information about you, we will release that information only to the state departments that monitor our work or if required by law to release that information.
- Health Oversight: We may disclose PHI to a health oversight agency for oversight activities authorized by law, such as audits; civil, administrative or criminal investigations; inspections; licensure or disciplinary actions; civil, administrative or criminal proceedings or actions; or other activities necessary for the oversight of the health care system, government benefit programs or entities subject to government regulations or civil rights laws. Oversight agencies include government agencies that oversee the health care system, government benefit programs, other government regulatory programs and civil rights laws.
- Abuse or Neglect: If you have been a victim of abuse, neglect, or domestic violence, we may disclose your PHI to a government agency authorized to receive such information. In addition, we may disclose your PHI to a public health authority that is authorized by law to receive reports of child abuse or neglect.
- Judicial and Administrative Proceedings: We may disclose your PHI in response to an order of a court or administrative tribunal, and, in certain conditions, in response to a subpoena, discovery request or other lawful process.
- Law Enforcement: We may disclose your PHI, so long as applicable legal requirements are met, for law enforcement purposes, such as providing information to the police about the victim of a crime.
- Coroners and Funeral Directors: We may disclose your PHI to a coroner, medical examiner, or funeral director if it is needed to perform their legally authorized duties – for example to identify a deceased person, determine a cause of death, or as authorized by law.
- Organ Donation: If you are an organ donor, we may disclose your PHI to organ, eye or tissue donation or procurement organizations as necessary to facilitate organ, eye or tissue donation, procurement or transplantation.
- Research: Under certain circumstances, we may use and disclose your PHI for internal and external research purposes to, among other things, develop and improve our services and products. Under certain circumstances, we may disclose your PHI to organizations that support medical research or that find, investigate, or cure diseases.
- Serious Threat to Health or Safety: We may disclose your PHI if we believe it is necessary to prevent a serious threat to health or safety of a person or the public and it is to someone we reasonably believe is able to prevent or lessen the threat.
- Specialized Government Functions: When the appropriate conditions apply, we may disclose PHI for purposes related to military or national security concerns, such as for the purpose of a determination by the Department of Veterans Affairs of your eligibility for benefits. If you are a member of the armed forces, we may release PHI about you as required by military command authorities. We may also release PHI about foreign military personnel to the appropriate foreign military authority.
- National Security and Intelligence Activities: We may disclose your PHI to authorized federal officials for intelligence, counterintelligence, protection of the President, other authorized persons or foreign heads of state, for purpose of determining your own security clearance and other national security activities authorized by law.
- Workers' Compensation: We may disclose your PHI to workers’ compensation carriers or your employer if you are injured at work, as authorized by, or to the extent necessary, to comply with workers' compensation laws and other similar programs. If you do not want workers’ compensation notified, alternate insurance or payment information must be supplied.
- For Appointment Reminders and Health-Related Benefits and Services: We may use your PHI to contact you as a reminder that you have an appointment or to recommend possible treatment options or alternatives that may be of interest to you.
- For Marketing Activities: We may use your PHI to contact you in an effort to encourage you to purchase or use a product or service. If we receive any direct or indirect payment for making such a communication, however, we would need your prior written permission to do so unless our communications (a) describes only a drug or medication that is currently being prescribed for you and our payment for the communication is reasonable in amount or (b) is made by one of our business partners consistent with our written agreement with such business partner.
- Inmates: We may use or disclose your PHI to a correctional facility if you are an inmate of such correctional facility and we created or received your PHI in the course of providing care to you, which PHI may include information necessary for the correctional facility to provide you with health care or protect your health and safety, the health and safety of others, or the safety and security of the institution.
- Business Associates: We may disclose your PHI to persons or entities who perform functions, activities or services to us or on our behalf that require the use or disclosure of PHI. To protect your health information, we require the business associate to appropriately safeguard your information.
- De-identified Information: We may de-identify your PHI for any of the purposes described above. PHI that is de-identified in accordance with the HIPAA standards is no longer protected under HIPAA and may be used and disclosed for any lawful purpose, including certain research related purposes.
C. Uses and Disclosures That May Be Made either With Your Agreement or the Opportunity to Object. Unless you specifically object in whole or in part (which you may do at any time), SlimLogix may disclose to a member of your family, a relative, a friend, or any other person you identify (orally or in writing) as being involved in your care or the payment for your health care, such PHI that directly relates to that person's involvement in your health care. If you are unable to agree or object to such disclosure, we may disclose the information that we deem necessary and in your best interest, based on our professional judgment. In addition, we may use or disclose your PHI to notify or assist in notifying a family member, personal representative, or other person responsible for your care, of your location or general condition.
D. Uses and Disclosures of Protected Health Information Based upon Your Written Authorization. SlimLogix may use or disclose your PHI in the following situations only after receiving your written authorization:
- Psychotherapy Notes: We must obtain your written authorization for most uses and disclosures of psychotherapy notes.
- Marketing: We must obtain your written authorization to use and disclose your PHI for most marketing purposes (as defined by HIPAA), except as noted above.
- Sale of PHI: We must obtain your written authorization for any disclosure of your PHI which constitutes a sale of PHI.
- Other Uses: Uses and disclosures of your PHI not described above, or otherwise permitted by HIPAA, will be made only with your written authorization unless otherwise permitted or required by law. If you sign an authorization to release your PHI, you may revoke that authorization in writing. Revocation will stop any future release of your PHI but will not change what was released pursuant to the valid authorization. To the extent required by law, when using or disclosing your PHI or when requesting your PHI from another covered entity, we will make reasonable efforts not to use, disclose or request more than a “limited data set” (as defined by HIPAA) of your medical information, or, if needed by us, no more than the minimum amount of medical information necessary to accomplish the intended purpose of the use, disclosure or request, taking into consideration practical and technological limitations.
E. We Use an Electronic Health Record to Create, Store and Maintain your Medical Record. To help improve your medical care, SlimLogix utilizes an electronic health record (“EHR”) to create, store and maintain your medical record. The EHR allows us to send and receive your PHI to and from other Providers who have treated you and who also use the EHR, but only if the reason we or another Provider seeks your PHI is also to provide you with treatment, obtain payment for your medical treatment, or to perform other administrative tasks permitted by our privacy policies and law. Providers will not send or receive your PHI through the EHR for any other purposes.
F. Electronic Disclosure. We are required by law to provide notice to you if your medical information is subject to electronic disclosure. This Notice serves as general notice that we may disclose your PHI electronically for treatment, payment, or health care operations or as otherwise authorized or required by state or federal law.
II. YOUR RIGHTS REGARDING YOUR PROTECTED HEALTH INFORMATION.
You have certain rights regarding your PHI as explained below. You may exercise these rights by submitting a request to [email protected].
A. You have the right to inspect and copy portions of your PHI. If you want to see or get a copy of your PHI that is contained in a designated record set (e.g., medical and billing records), you must make the request in writing. You have the right to request that we provide your PHI to you in either paper or electronic format. We are required to provide you with such PHI within 30 days after receipt of your written request (or less if directed by state law) (with up to a 30-day extension if needed). We may charge you a reasonable fee to cover duplication, mailing and other costs incurred by us in complying with your request. There are certain situations when we may deny your request for access to your PHI; if we do, we will inform you why we denied your request. For example, we may deny your request if we believe the disclosure will endanger your life or that of another person. Depending on the circumstances of the denial, you may have the right to have this decision reviewed.
B. You have the right to request that we restrict how we use or disclose your PHI. You have the right to request a restriction or limitation on the PHI we use or disclose about you for purposes of treatment, payment or health care operations. You also have the right to request a limit on the PHI we disclose about you to someone who is involved in your care or the payment of your care, like a family member or friend. Your request must state the specific restriction requested and to whom you want the restriction to apply. We are not required to agree to a requested restriction except that we must agree to not disclose your PHI to your health plan if the disclosure (a) is for payment or health care operations (and not treatment purposes) and is not otherwise required by law and (b) relates to a health care item or service for which we have been paid in full out-of-pocket. If we agree with (or are required to honor) your request, we will put any limits in writing and abide by them except in emergency situations. You may not restrict any use or disclosure of your PHI if we are legally required to release such PHI.
C. You have the right to request to receive confidential communications from us by alternative means or at an alternative location. You have the right to request that we communicate with you in a certain way (for example, email instead of regular mail) or at a certain location (for example, sending information to your work address rather than your home address). We will accommodate reasonable requests as long as we can easily provide it in the format you requested. Any additional expenses will be passed on to you for payment.
D. You have the right to request a correction or update of your PHI. If you believe there is a mistake in your PHI or that a piece of important information is missing, you have the right to request that we correct the existing or add the missing information.) We can do this for as long as we maintain the PHI. You must provide the request and your reason for the request in writing. We will respond to your request within 60 days (or less if directed by state law) of receiving your request (with up to a 30-day extension if needed). If we approve your request, we will make the change to your PHI, tell you that we have done it, and tell others who need to know about such change or amendment. If we determine that your PHI is accurate and complete, we may deny your request. If we deny your request, we will send you a written explanation stating our reasons and explain your right to file a written statement of disagreement. If you do not file a written statement of disagreement, you have the right to request that your request and our denial be attached to all future uses or releases of your PHI.
If you are a California resident, you have the right to submit a 250-word addendum about anything in your record you disagree with. If you tell us to, we will put this addendum in your medical record. We may add a written rebuttal to the addendum and we will supply you with a copy of this rebuttal.
E. You have the right to receive a list of when and to whom we have disclosed your PHI (an “accounting of certain disclosures”). This accounting will not include disclosures made for treatment, payment, and health care operations purposes or any disclosures we may have made directly to you. If you request an accounting, you must specify the time period, which may not be longer than 6 years. You have the right to one free request within any 12-month period and we may charge you for any additional requests in the same 12-month period. We will notify you of any such charges and you are free to withdraw or modify your request in writing before any charges are incurred. We will respond to your request within 60 days (with up to a 30-day extension if needed).
F. You have the right to Choose Someone to Act for You. You may give someone the right to act for you (examples: legal guardian, authorized representative, and power of attorney). That person can exercise your rights and make choices about your PHI. We will make sure the person has this authority and can act for you before we take any action.
III. NOTIFICATION OF BREACH.
We are required by law to maintain the privacy and security of your PHI. We will let you know promptly if a breach occurs that may have compromised the privacy or security of your PHI.
IV. NO WAIVER
SlimLogix will never require you to waive your rights under the HIPAA Privacy Rule or the HIPAA Breach Notification Rule as a condition for receiving services or treatment.
V. NONDISCRIMINATION AND ACCESSIBILITY NOTICE. We comply with applicable Federal civil rights laws and do not discriminate on the basis of race, color, national origin, age, disability, or sex. We provide free aids and services to people with disabilities to communicate effectively with us, such as (a) qualified sign language interpreters, and (b) written information in other formats (e.g., large print, audio, accessible electronic formats). We also provide free language services to people whose primary language is not English, such as (a) qualified interpreters, and (b) information written in other languages. You can request these services at any time by emailing [email protected].
VI. CHANGES TO THIS NOTICE & COMPLAINTS
A. Changes: We reserve the right to modify this Notice and our privacy practices as described herein at any time. Any revision or amendment to this Notice will be effective for all of your records that we created or maintained in the past and for any of your records that we may create or maintain in the future. Our current Notice will always be available on our company website located at https://slimlogixsystem.com/privacy and you can request a paper copy at any time by emailing [email protected].
B. Complaints: If you have questions about this Notice of Privacy Practices, you believe that we have violated your privacy rights, or you disagree with a decision we made about access to your PHI, please contact SlimLogix’s Privacy Officer at [email protected].
You may also file a complaint with the Office of Civil Rights of the U.S. Department of Health and Human Services at the following address:
U.S. Department of Health and Human Services
Office for Civil Rights
200 Independence Avenue, S.W.
Washington, D.C. 20201
C. No retaliation: We will not retaliate against you in any way for filing a complaint with us, the U.S. Department of Health and Human Services, or any state agency. We will not require you to waive your right to file a complaint as a condition of the provision of services.