HIPAA – NOTICE OF PRIVACY
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION.
PLEASE REVIEW IT CAREFULLY
OUR LEGAL DUTIES
- Luxottica of America Inc. (“Luxottica”), including all direct and indirect subsidiaries, is committed to protecting your privacy. This Notice tells about the uses and disclosures we make of your personal health information, including certain rights that you have, and obligations we are bound to, with respect to such information.
We are required by applicable federal and state law to do the following:
- Maintain the privacy and safeguard the security of your health information;
- Give you this Notice about our privacy practices, our legal duties, and your rights concerning your health information;
- Notify you, along with all other affected individuals, of a breach of unsecured health information; and
- Follow the privacy practices that are described in this Notice while it is in effect.
- This Notice takes effect April 1, 2019, and will remain in effect until we replace it. We reserve the right to change our privacy practices and the terms of this Notice at any time, provided such changes are permitted by applicable law.
- We reserve the right to make the changes in our privacy practices and this Notice, effective for all health information that we maintain, including health information we created or received before we made the changes. In the event we make a material change in our privacy practices, we will change this Notice and provide it to you or it can be viewed on our website. You may request a copy of our Notice at any time. For more information about our privacy practices, or for additional copies of this Notice, please contact us using the information listed at the end of this Notice.
USES AND DISCLOSURES OF HEALTH INFORMATION
- We use health information about you for treatment, to obtain payment for treatment, for administrative purposes, and to evaluate the quality of care and service that you receive. Your health information is contained in a medical or optical dispensary record that is the physical property of Luxottica. Your health information consists of any information, whether in oral or recorded form, that is created or received by us and individually identifies you, and that relates to your past, present or future physical or mental health or condition; the provision of health care to you; or the past, present or future payment for the provision of health care to you.
How We May Use or Disclose Your Health Information
We may use or disclose your health information to an optometrist, ophthalmologist,
optician or other health care providers providing treatment to you. This may include:
- the provision, coordination, or management of health care;
- consultation between health care providers relating to your care;
- referring you to another health care provider; or
- appointment reminders and recall information.
We may use and disclose your health information to facilitate payments of benefits for
treatment and services provided to you. This may include:
- billing and collection activities and related data processing;
- submitting claims to your health or vision coverage;
- disclosure to consumer reporting agencies of information relating to collection of payments.
For Health Care Operations
We may use and disclose health information about you for our health care
operational purposes. For example, your health information may be used or disclosed to:
- conduct quality assessments and improvement activities;
- conduct training programs or credentialing activities;
- conduct or arrange for medical review, legal services, audit services, fraud and abuse detection and compliance programs;
- determine how to continually improve the quality and effectiveness of the products, service and care we provide, including customer satisfaction surveys and data analyses;
- properly manage our business;
- business plan and development, including acquisitions, mergers and consolidations; and
- communicate with you concerning (a) a health-related product or service that is provided by us, (b) your treatment, or (c) case management, care coordination, or to recommend alternative treatments, therapies, providers or settings for care to the extent such activities are not within your current treatment.
To You, Your Family and Friends
- We must disclose your health information to you, as described in the Your Health Information Rights section of this Notice. We may disclose your health information to a family member, friend or other person to the extent necessary to help with your health care or with payment for your health care, but only if you agree that we may do so or, if you are not able to agree, if it is necessary in our professional judgment.
Location and Notification
- We may use or disclose your health information to notify, or assist in the notification of (including identifying or locating) a family member, your personal representative or another person responsible for your care, of your location or your general condition. We will make this type of disclosure only if you agree that we may do so or, if you are not able to agree, if it is necessary in our professional judgment.
Required by Law
We may use and disclose information about you as required by applicable law. In
addition, we may disclose information for the following purposes:
- for judicial and administrative proceedings pursuant to court order or specific legal authority;
- pursuant to a shared/joint custody and child care or support arrangement authorized by law or court order;
- to report information related to victims of abuse, neglect or domestic violence;
- to assist law enforcement officials in their law enforcement duties; or
- to assist public health, safety or law enforcement officials avert a serious threat to the health or safety of you or any other person.
Personal Representatives; Decedents
- We may disclose your health information to your personal representatives authorized under applicable law, such as a guardian, power of attorney for health care, or court-appointed administrator. Your health information may also be disclosed to executors, legally authorized family members, funeral directors or coroners to enable them to carry out their lawful duties upon your death.
- Your health information may be used or disclosed for cadaveric organ, eye or tissue donation purposes, provided we follow applicable laws.
- Specialized government functions such as protection of public officials or reporting to various branches of the armed services that may require use or disclosure of your health information.
- Your health information may be used or disclosed in order to comply with laws and regulations related to Worker Compensation.
Marketing Products or Services
- “Marketing” means to make a communication to you that encourages you to purchase or use a product or service. We will not use or disclose your health information for marketing communications without your prior written authorization, except in the narrow circumstances permitted by HIPAA. We may also provide you with information regarding products or services that we offer related to your health care needs, provided that we are not paid or otherwise receive compensation for such communications.
- We are also permitted to communicate with you regarding, treatment, case management or care coordination (including recommending alternative treatments, providers or settings for care). However, if we will receive compensation (directly or indirectly) in return for making any such communications, we must first obtain your written authorization, unless the communication describes only a drug or biologic that is currently prescribed for you and any compensation we receive relates solely to the cost of making the communication. This requirement does not apply to any payment or compensation for providing treatment to you.
Sale of Your Health Information
- We will never sell your health information without your prior authorization, except in the narrow circumstances permitted by HIPAA. Under HIPAA, we, or our business associate, may receive compensation (directly or indirectly) related to an exchange of your health information for the following purposes: (a) public health activities; (b) research purposes (if the price charged reflects the cost of preparation and transmittal of the information); (c) payment or compensation for your treatment; (d) health care operations related to the sale, merger or consolidation of all or part of our business; (e) performance of services by a business associate on our behalf; (f) providing you with a copy of your health information; or (g) other reasons determined necessary or appropriate by applicable laws or regulations.
- You may give us written authorization to use your health information or to disclose it to anyone for any purpose. We will not condition your current or future treatment on the basis of providing an authorization. If you give us an authorization, you may revoke it in writing at any time. Your revocation will not affect any use or disclosures permitted by your authorization while it was in effect. Unless you give us a written authorization, we cannot use or disclose your health information for any reason except those described in this Notice.
To a Business Associate
- A Business Associate is a person or entity that helps Luxottica provide its services to you. We will only disclose your health information to Business Associates who have agreed in writing to protect that information as required by HIPAA.
Organized Health Care Arrangement (“OHCA”)
- If we are a member of an OHCA, we may disclose your Protected Health Information to another member of the OHCA for the health care operations of the OHCA.
YOUR HEALTH INFORMATION RIGHTS
- You have the right to review or get copies of your health information, with limited exceptions. You may request that we provide copies in a format other than photocopies. We will use the format you request unless we cannot practicably do so. You may be asked to make a request in writing to obtain access to your health information. You may obtain a form to request access by using the contact information listed at the end of this Notice. We may charge you a reasonable cost based fee for expenses such as copies and staff time. You may also request access by sending us a letter to the address at the end of this Notice setting forth the specific information to which you desire access. If you request an alternative format, provided that it is practicable for us to produce the information in such format, we may charge a cost-based fee for preparing and transmitting your health information in that format. If you prefer, we will prepare a summary or an explanation of your health information for a cost-based fee. If we use or maintain an electronic health record (“EHR”) with respect to your care, you have the right to request a copy of your information in electronic format, and to direct us to transmit a copy of your information to a third party designated by you; and our fee may not exceed our labor costs in responding to such request. Please contact us using the information listed at the end of this Notice for a full explanation of our fee structure.
- You have the right to receive a list of instances in which we or our business associates disclosed your health information for purposes other than treatment, payment, health care operations, where you have provided an authorization and certain other activities, for the last 6 years (or a shorter period if our relationship with you has existed for less than 6 years).
- If you request this accounting more than once in a 12 month period, we may charge you a reasonable, cost based fee for responding to these additional requests.
- With respect to disclosures made by our business associates, we may choose to provide you with a list of business associates acting on our behalf, along with their contact information, who must provide you with the accounting upon a request made directly by you to such entities.
- You have the right to request that we place additional restrictions on our use or disclosure of your health information. Except as noted below, we are not required to agree to these additional restrictions, but if we do, we will abide by our agreement (except in an emergency). Upon your request, and except as otherwise required by law, we will not disclose your health information to a health plan for purposes of payment or health care operations when the information relates solely to a service/product for which you paid out-of-pocket in full.
- You have the right to request in writing that we communicate with you about your health information by alternative means or to alternative locations. Your request must specify the alternative means or location, and provide satisfactory explanation how payments will be handled under the alternative means or location you request.
- You have the right to request that we amend your health information. Your request must be in writing, and it must explain why the information should be amended. We may deny your request under certain circumstances. You may obtain a form to request an amendment to your health information by using the contact information listed at the end of this Notice.
- If you receive this Notice on our website or by electronic mail (email), you are entitled to receive this Notice in written form, as well.
Breach of Unsecured Health Information:
- If we discover that your health information has been breached (for example, disclosed to or acquired by an unauthorized person, stolen, lost, or otherwise used or disclosed in violation of applicable privacy law) and the privacy or security of the information has been compromised, we must notify you of the breach without unreasonable delay and in no event later than 60 days following our discovery of the breach.
PRIVACY QUESTIONS AND COMPLAINTS
- If you want more information about our privacy practices or have privacy questions or concerns, please contact us. If you are concerned that we may have violated your privacy rights, or you disagree with a decision we made about access to your health information or in response to a request you made to amend or restrict the use or disclosure of your health information or to have us communicate with you by alternative means or at alternative locations, you may complain to us using the contact information listed at the end of this Notice. You may separately choose to file a complaint with the U.S. Department of Health and Human Services, Office of Civil Rights (OCR), by completing a Health Information Privacy Complaint Form (available at http://www.hhs.gov/ocr/privacy/hipaa/complaints/hipcomplaintform.pdf) and sending to the applicable OCR Regional Office listed on the form, or by calling 1-800-368-1019 for instructions and contact information. An electronic complaint may be filed at http://www.hhs.gov/ocr/privacy/hipaa/complaints/index.html. You must file a complaint with OCR within 180 days (6 months) after the occurrence of the act or omission giving rise to your complaint.
- We support your right to the privacy of your health information. We will not retaliate in any way if you choose to file a complaint with us or with the Office of Civil Rights.
If you have questions or wish to contact us about this Policy, please direct inquiries to:
Privacy Office Luxottica of America Inc.
4000 Luxottica Place
Mason, Ohio 45040