Privacy Policy
NOTICE OF PRIVACY PRACTICES
Effective February 16, 2026
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO YOUR MEDICAL INFORMATION. PLEASE REVIEW THIS NOTICE CAREFULLY.
OUR COMMITMENT TO YOUR PRIVACY
Norfolk Medical Group (hereinafter referred to as “NMG” and sometimes “we” or “us”) is dedicated to maintaining the privacy of your personal health information. In conducting our business, NMG creates and maintains identifiable information about you and the medical treatment and healthcare items/services that we provide for you (collectively, your “Information”). NMG is subject to, and must comply with the requirements of, the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and other laws protecting the confidentiality, security, and availability of your Information. We are required by HIPAA to provide you with this Notice of Privacy Practices (this “Notice”) describing our legal duties and privacy practices. NMG may make changes to its Notice of Privacy Practices from time to time. By law, we must follow the terms of the Notice that is in effect at the time.
This Notice describes how NMG may use and disclose your Information, including your medical history, symptoms, examination and test results, diagnoses, care plans, and other health information, to carry out treatment, payment, and health care operations and for other allowed purposes or as required by law. The Information we disclose in accordance with this Notice might be subject to redisclosure by the recipient and, in some instances, may no longer be protected under HIPAA. This Notice also describes your rights to review and control the use and disclosure of your Information. We will report any breaches of your unsecured Information, in accordance with applicable law.
The terms of this Notice apply to all records containing your Information that are created and/or retained by NMG. We reserve the right to revise or amend this Notice at any time. Any revision or amendment of this Notice will be effective for all of your records that NMG has created or maintained in the past and any of your records we may create or maintain in the future. A copy of our current Notice is posted in our office in a prominent location and on our webpage. You may request a copy of our current Notice at any time. We will follow the terms of the Notice that we have in effect at the time. The effective date of this Notice is posted at the top of this page.
Primary Uses and Disclosures. We may use and disclose your Information for purposes of providing treatment, obtaining payment, and our health care operations, and there may be incidental uses and/or disclosures of your Information related to those purposes. The following are some examples of such uses and disclosures. We are not required to obtain your authorization for these uses and disclosures of your Information. Not every possible use and disclosure in a particular category is listed; however, all of the ways that we are permitted to use and disclose your Information without your written authorization will fall within one of these categories (or another described below).
Disclosures to Persons Involved in Your Care. We may disclose to a member of your family, a relative, a friend, or another person that you have identified your Information that directly relates to such person’s involvement in your care and/or who has responsibility for payment of your care. We may also use/disclose your Information to notify a relative or other person responsible for your care of your location, general condition, or death. If you are not present or are unable to state an objection or to request a restriction to such use/disclosure, we may, in our professional judgment, determine whether the use/disclosure is in your best interest. Further, in the event of your death, we may disclose to a member of your family, a relative, a friend, or any other person you identify your Information that directly relates to that person’s involvement in your care or who has responsibility for payment of your care, unless such disclosure is inconsistent with your prior-expressed preference that is known to NMG. We may disclose your Information to a public or private entity, authorized by law or by its charter to assist in disaster relief efforts, for the purposes of notifying your family about your condition, status and location.
Uses and Disclosures Requiring Written Authorization. Any use or disclosure of your Information for purposes other than as otherwise generally described in this Notice will be made only with your prior written authorization. Any authorization you provide to us regarding the use/disclosure of your Information may be revoked by you, at any time, by giving us written notice of the revocation. Your revocation shall not apply to those uses and disclosures we made on your behalf pursuant to your authorization prior to the time we received your written revocation.
Substance Use Disorder Treatment Information. If we receive or maintain any substance use disorder treatment records about you that are protected under 42 C.F.R. Part 2 (“SUD Treatment Records”), we will not disclose those SUD Treatment Records without your written consent. We may use/disclose SUD Treatment Records as follows:
In no event will we use or disclose your SUD Treatment Records, or testimony that describes the Information contained in your SUD Treatment Records, in any civil, criminal, administrative, or legislative proceedings by any federal, state, or local authority against you, unless authorized by your written consent or the order of a court after you have been provided notice of the court order and an opportunity to be heard.
Breaches. In the event that your unsecured Information is accessed, acquired, used or disclosed in a manner not permitted by law and that compromises its security or privacy, we will notify you within sixty (60) days. We will report any breaches of your unsecured Information in accordance with applicable federal and state law.
Your Information Rights. The following is a statement of your rights with respect to your Information and a brief description of how you may exercise these rights:
Any request for access to or copies of your Information must be submitted in writing to our Privacy Officer. We will do our best to respond to your request within thirty (30) days, unless state law requires us to respond sooner. NMG may charge you a reasonable fee for the copying, mailing, labor and supplies associated with fulfilling your request. If we maintain the requested Information electronically, we will provide you with a copy in the electronic form and format that you request if we can readily produce such format. If we cannot readily produce the format you requested, we will produce your electronic Information in another readable electronic format as reasonably agreed to between you and us. If your request directs us to transmit the copy of your Information directly to another person, we will provide the copy to the person you designated; provided, your request is made in writing, signed by you, and clearly identifies the designated person and where to send the copy of your Information.
We may deny your request to inspect and/or copy your Information in certain circumstances. For example, we may deny your request if it is determined that providing your Information could cause harm to you or another person. If your request is denied, you may, in some instances, have the right to have such denial reviewed. We will provide you with a written statement of the reasons for denial and, if you are allowed to have such denial reviewed, we will provide you with instructions for how to request a reconsideration.
Right to a Copy of this Notice. You have the right to receive a paper copy of this Notice. You may ask us to give you a copy of this Notice at any time. To obtain a paper copy of this Notice, please contact our Privacy Officer or ask for one at your next visit. You are also able to obtain a copy of this Notice by visiting our website.
Right to File a Complaint. If you believe that your privacy rights have been violated, you may file a complaint with our Privacy Officer and/or the Secretary of the U.S. Department of Health and Human Services (DHHS). Complaints must be submitted in writing. To submit a complaint to NMG, send a letter specifically describing your concerns to our Privacy Officer. DHHS provides information on its public website (www.hhs.gov) about how to file a complaint with the Secretary. We respect your privacy and we support efforts to protect the privacy and confidentiality of your Information. NMG will not retaliate against you for filing a complaint.
Privacy Officer Contact Information. If you have questions about this Notice, please contact our Privacy Officer by telephone, facsimile, or regular mail at the contact information listed at the top of the first page of this Notice. If you want to exercise any of your rights pursuant to this Notice, or if you wish to file a complaint, such request or complaint must be submitted in writing and delivered in person or faxed or mailed to our Privacy Officer at the address or facsimile number listed at the top of the first page of this Notice.
Effective February 16, 2026
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO YOUR MEDICAL INFORMATION. PLEASE REVIEW THIS NOTICE CAREFULLY.
OUR COMMITMENT TO YOUR PRIVACY
Norfolk Medical Group (hereinafter referred to as “NMG” and sometimes “we” or “us”) is dedicated to maintaining the privacy of your personal health information. In conducting our business, NMG creates and maintains identifiable information about you and the medical treatment and healthcare items/services that we provide for you (collectively, your “Information”). NMG is subject to, and must comply with the requirements of, the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and other laws protecting the confidentiality, security, and availability of your Information. We are required by HIPAA to provide you with this Notice of Privacy Practices (this “Notice”) describing our legal duties and privacy practices. NMG may make changes to its Notice of Privacy Practices from time to time. By law, we must follow the terms of the Notice that is in effect at the time.
This Notice describes how NMG may use and disclose your Information, including your medical history, symptoms, examination and test results, diagnoses, care plans, and other health information, to carry out treatment, payment, and health care operations and for other allowed purposes or as required by law. The Information we disclose in accordance with this Notice might be subject to redisclosure by the recipient and, in some instances, may no longer be protected under HIPAA. This Notice also describes your rights to review and control the use and disclosure of your Information. We will report any breaches of your unsecured Information, in accordance with applicable law.
The terms of this Notice apply to all records containing your Information that are created and/or retained by NMG. We reserve the right to revise or amend this Notice at any time. Any revision or amendment of this Notice will be effective for all of your records that NMG has created or maintained in the past and any of your records we may create or maintain in the future. A copy of our current Notice is posted in our office in a prominent location and on our webpage. You may request a copy of our current Notice at any time. We will follow the terms of the Notice that we have in effect at the time. The effective date of this Notice is posted at the top of this page.
Primary Uses and Disclosures. We may use and disclose your Information for purposes of providing treatment, obtaining payment, and our health care operations, and there may be incidental uses and/or disclosures of your Information related to those purposes. The following are some examples of such uses and disclosures. We are not required to obtain your authorization for these uses and disclosures of your Information. Not every possible use and disclosure in a particular category is listed; however, all of the ways that we are permitted to use and disclose your Information without your written authorization will fall within one of these categories (or another described below).
- Treatment. We may use/disclose your Information to provide, coordinate and manage your health care and related services. This includes the use/disclosure of your Information for treatment purposes by/to health care providers within and outside of NMG, such as other doctors, nurses, technicians, and other personnel involved in your care and treatment. For example, your Information may be provided to a doctor to whom you have been referred to ensure that the doctor has the information needed to diagnose and treat you. To the extent permitted by law, we may also disclose your Information to people who are involved in your health care, such as family members and friends, unless you have specifically instructed us not to do so.
- Payment. We may use and disclose your Information so that the health care and related services that you receive from us may be billed to, and payments may be collected from: you; an insurance company; or another third-party payor. We may also tell your health plan about a treatment you are going to receive in order to obtain prior approval or to determine whether your plan will cover the treatment. We may also disclose your Information to other health care providers and health plans for payment activities of those providers and plans. For example, we may provide your Information to a doctor who is not on NMG’s medical staff so that the doctor may bill you or your insurer for services you received from that doctor.
- Healthcare Operations. We may use and disclose your Information, as needed, for certain administrative and operational purposes in the course of running our business. These uses and disclosures are necessary for our operations and to make sure that all of NMG’s patients receive quality care. For example, we may use your Information to review our services and treatment and to evaluate our performance in caring for you. We may combine the health information of some or all of NMG’s patients to decide what additional services we should be offering, what services may not be needed, and whether certain treatments are effective. We may also disclose your Information to doctors, nurses, technicians, medical students, and our personnel for review and learning purposes. We may also combine the information we have with information from other health care providers to compare how we are doing and see where we can make improvements in the care and services that we offer. We may remove information that identifies you from this set of health information so others may use it to study health care and health care delivery without learning your identity. We may also disclose your Information to other individuals and organizations, including physicians, hospitals, healthcare clearinghouses, and/or health plans, to assist with the health care operations activities of such individuals and organizations, as long as they have (or had) a relationship with you. These are just some of the uses and disclosures that NMG may engage in as part of our routine health care operations.
- Incidental Uses and Disclosures. There may be incidental uses and disclosures of your Information that cannot reasonably be prevented. For example, when your name is called in our waiting room, we cannot prevent other people in the waiting room from overhearing your name.
- Other Uses and Disclosures. We may contact you to schedule, or remind you of, an appointment, including by leaving you voice messages on your cell phone or answering machine or in a message left with the person answering the phone. We may also use your Information to tell you about health-related benefits, treatment options or alternatives, and other services that may be of interest to you. Uses and Disclosures Allowed or Required by Law. We may use and disclose your Information in the following situations, as allowed or as required by law. These uses and disclosures of your Information generally do not require us to obtain your written authorization:
- Business Associates. We may disclose your Information to various vendors and service providers that provide certain services for NMG that involve access to your Information. We have a written contract with each of these business associates that contains terms requiring them and their subcontractors to protect the privacy and security of your Information in accordance with HIPAA.
- As Required By Law. We will use and disclose your Information when we are required to do so by federal, state or local law; however, we will limit the use/disclosure to the minimum amount required for us to comply with such legal requirement. When the law requires us to report abuse, neglect or domestic violence, or respond to judicial or administrative proceedings or to law enforcement officials, we will comply with the requirements set forth below concerning those activities.
- Legal Proceedings. We may disclose your Information in the course of judicial or administrative proceedings: (i) in response to an order of a court or administrative tribunal, to the extent such disclosure is expressly authorized by such order; and (ii) in response to a subpoena, discovery request, or other lawful process that is not accompanied by an order of a court of administrative tribunal, but only if certain efforts have been made to inform you about the request or to obtain an order protecting the information being requested.
- HHS Compliance. By law, we must make disclosures of your Information to the Secretary of the Department of Health and Human Services to enable the Secretary to review our compliance with the requirements of HIPAA.
- FDA. When required by the U.S. Food and Drug Administration (“FDA”), we may disclose your Information to a person or company for purposes relating to the quality, safety or efficacy of FDA-regulated products or activities.
- Health Oversight. We may disclose your Information to a state or federal health oversight agency for activities authorized by law, such as: investigations, inspections, and audits; licensure and disciplinary actions; civil, administrative, and criminal actions; and activities necessary for the government to oversee the health care system, government benefit programs, and compliance with civil rights laws.
- Public Health. We may disclose your Information for authorized state and/or federal public health activities, such as: (i) to report, prevent or control disease, injury or disability; (ii) to report births and deaths; (iii) to report child abuse or neglect; (iv) to report adverse reactions to medications or problems with products; (v) to notify people of problems with, or recalls of, products; (vi) to notify a person who may have been exposed to a disease or who may be at risk for contracting or spreading a disease or condition; and (vii) to notify appropriate government authorities if we believe a patient has been the victim of domestic violence, abuse, or neglect. We will make these disclosures only if you agree, unless we are required or otherwise authorized by law to do so. If directed by a public health authority, we may disclose your Information to a foreign government agency that is collaborating with the public health authority.
- Law Enforcement. We may disclose your Information if requested by federal, state or local law enforcement, for law enforcement purposes, such as: (i) in response to a court order, subpoena, summons, or warrant; (ii) to identify and/or locate a suspect, fugitive, material witness, or missing person; (iii) to assist with the identification of a victim of a crime; (iv) in connection with death that may be the result of criminal conduct; (v) to report criminal conduct at our facility; and/or (vi) in emergency circumstances to report a crime, the location or victim(s) of the crime, or the description, identity or location of the perpetrator.
- Abuse/Neglect. We may disclose your Information to a governmental entity/agency that is authorized by law to receive reports of child, elder, or dependent adult abuse or neglect or if we believe that you have been a victim of abuse, neglect or domestic violence. Such disclosures will be made consistent with the requirements of applicable laws and with due regard for the safety of the individual.
- Threats to Health or Safety. We may use and disclose your Information when necessary to prevent a serious threat to your health and safety or the health and safety of the public or another person. Any such disclosure, however, would only be to someone able to help prevent the threat and/or to identified victims of the threat.
- Coroners, Medical Examiners, Funeral Directors. We may disclose your Information to a coroner or medical examiner for identification purposes, to determine a cause of death, or to perform other duties authorized by law. We may disclose your Information to a funeral director as needed to carry out his/her duties.
- Organ Donation. If you are an organ or tissue donor, we may use and disclose your Information for permitted cadaveric organ, eye, or tissue donation and transplantation purposes, including disclosures to organizations involved in procuring, banking or transplanting donor organs and tissues.
- Research. We may disclose your Information to researchers for research that has been approved by a privacy board or an institutional review board. Before we use or disclose your Information for research, the project will be approved through a formal review and approval process; however, we may disclose your Information to people preparing to conduct a research project (e.g., to help find participants), so long as the information that they review does not leave NMG’s premises. We will almost always ask for your specific permission if the researcher will have access to your name, address, or other information that reveals your identity.
- Criminal Activity. In accordance with applicable federal and state laws, we may use or disclose your Information if we believe that the use or disclosure is necessary to prevent or lessen a serious and imminent threat to the health or safety of a person or the public.
- Military and Veterans. If you are a member of the Armed Forces, we may use and disclose your Information: (i) for activities deemed necessary by military command authorities; (ii) for purposes of a determination by the Department of Veterans Affairs of your eligibility for benefits, or (iii) to a foreign military authority if you are a member of that foreign military, in accordance with HIPAA.
- National Security. We may disclose your Information to federal officials for intelligence, counter-intelligence and national security activities authorized by law. We may also disclose your Information to federal officials in order to protect the President and other government officials or foreign heads of state, or to conduct investigations.
- Correctional Institutions. If you are an inmate of a correctional institution or are under the custody of a law enforcement official, we may disclose to the correctional institution or law enforcement official your Information as necessary: (i) for the correctional institution to provide health care services to you; (ii) to protect your health and safety or the health and safety of others; or (iii) for the safety and security of the institution or official.
- Employers. We may disclose to your employer some of your Information obtained while providing healthcare services to you, if such services are performed at the request of your employer for purposes of conducting an evaluation relating to legally required workplace medical surveillance or determining whether you have a work-related illness or injury.
- Workers’ Compensation. We may use and disclose your Information to comply with workers’ compensation laws and other similar legally established programs. For example, to the extent your care is covered by workers’ compensation, we will make periodic reports to your employer about your condition. We are required by law to report cases of occupational injury and occupational illness to the employer or workers’ compensation insurer.
- Schools. We may disclose proof of immunizations to a school you attend or will attend if the school is required by state or other law to have such proof prior to admitting you and if we obtain your consent or, if you are a minor, the consent of a parent, guardian or person acting in loco parentis.
- Fundraising. We may use or disclose your demographic information, the dates that you received treatment, the department of service, your treating physician, outcome information and health insurance status to contact you for our fundraising activities. This information may come from SUD Treatment Records (defined below), if any. If you do not want to receive these materials, please notify our Privacy Officer and we will cease any further fundraising communications. Similarly, you should notify our Privacy Officer if you decide that you want to start receiving fundraising communications again.
- Change of Ownership. In the event that NMG is sold or merged with another organization, your Information will become the property of the new owner and be subject to its HIPAA Notice of Privacy Practices. You will retain the right to request that copies of your Information be transferred to another health care provider, and your HIPAA rights with respect to your Information will remain the same.
Disclosures to Persons Involved in Your Care. We may disclose to a member of your family, a relative, a friend, or another person that you have identified your Information that directly relates to such person’s involvement in your care and/or who has responsibility for payment of your care. We may also use/disclose your Information to notify a relative or other person responsible for your care of your location, general condition, or death. If you are not present or are unable to state an objection or to request a restriction to such use/disclosure, we may, in our professional judgment, determine whether the use/disclosure is in your best interest. Further, in the event of your death, we may disclose to a member of your family, a relative, a friend, or any other person you identify your Information that directly relates to that person’s involvement in your care or who has responsibility for payment of your care, unless such disclosure is inconsistent with your prior-expressed preference that is known to NMG. We may disclose your Information to a public or private entity, authorized by law or by its charter to assist in disaster relief efforts, for the purposes of notifying your family about your condition, status and location.
Uses and Disclosures Requiring Written Authorization. Any use or disclosure of your Information for purposes other than as otherwise generally described in this Notice will be made only with your prior written authorization. Any authorization you provide to us regarding the use/disclosure of your Information may be revoked by you, at any time, by giving us written notice of the revocation. Your revocation shall not apply to those uses and disclosures we made on your behalf pursuant to your authorization prior to the time we received your written revocation.
- Marketing. We may use and disclose your Information for marketing purposes only with your prior written authorization, unless the use is in the form of a face-to-face communication made by us to you or involves a promotional gift of nominal value given from us to you. The authorization will disclose whether we receive any compensation for any marketing activity you authorize, and we will stop any future marketing activity to the extent you revoke that authorization. Marketing uses/disclosures do not include activities such as us contacting you about health-related products or services offered by NMG, or to manage or coordinate your care, or to encourage you to maintain a healthy lifestyle, or to remind you to refill prescriptions.
- Sale of Your Information. Except in connection with the sale of NMG or its merger with another organization, as discussed above, we may only sell your Information to a third party with your written authorization.
- Psychotherapy Notes. We may use and disclose any psychotherapy notes about you only with your prior written authorization, except when our use or disclosure relates to the following: (i) carrying out treatment, payment, or health care operations purposes; (ii) legally required disclosures; (iii) health oversight activities; (iv) disclosures to coroners and medical examiners; (v) reports related to threats to health or safety; and (vi) defending NMG in a legal action or other proceeding brought by you (or on your behalf) against NMG or our providers. As used in this Notice, the term “psychotherapy notes” has the specific meaning given to it under HIPAA.
Substance Use Disorder Treatment Information. If we receive or maintain any substance use disorder treatment records about you that are protected under 42 C.F.R. Part 2 (“SUD Treatment Records”), we will not disclose those SUD Treatment Records without your written consent. We may use/disclose SUD Treatment Records as follows:
- Treatment, Payment and Health Care Operations. If we receive or maintain your SUD Treatment Records from a substance use disorder treatment program that is covered under 42 C.F.R. Part 2 (a “Part 2 Program”) pursuant to a general written consent that you provide to the Part 2 Program to use and disclose your SUD Treatment Records for purposes of treatment, payment, or health care operations, then we may use and disclose your SUD Treatment Records for treatment, payment, and health care operations purposes.
- Specific Authorization. If we receive or maintain your SUD Treatment Records through a specific written consent that you provide to us or to a third party, then we may use and disclose your SUD Treatment Records only as expressly permitted by you in your specific consent.
In no event will we use or disclose your SUD Treatment Records, or testimony that describes the Information contained in your SUD Treatment Records, in any civil, criminal, administrative, or legislative proceedings by any federal, state, or local authority against you, unless authorized by your written consent or the order of a court after you have been provided notice of the court order and an opportunity to be heard.
Breaches. In the event that your unsecured Information is accessed, acquired, used or disclosed in a manner not permitted by law and that compromises its security or privacy, we will notify you within sixty (60) days. We will report any breaches of your unsecured Information in accordance with applicable federal and state law.
Your Information Rights. The following is a statement of your rights with respect to your Information and a brief description of how you may exercise these rights:
- Inspection and Copies. Subject to certain grounds for denial, you may ask to inspect and obtain copies of your Information that may be used to make decisions about your health care and treatment, including your medical records and billing records, but not including: (i) psychotherapy notes (if any); (ii) certain laboratory information restricted by federal law; and (iii) information compiled in reasonable anticipation of, or for use in, any civil, criminal, or administrative action or proceeding.
Any request for access to or copies of your Information must be submitted in writing to our Privacy Officer. We will do our best to respond to your request within thirty (30) days, unless state law requires us to respond sooner. NMG may charge you a reasonable fee for the copying, mailing, labor and supplies associated with fulfilling your request. If we maintain the requested Information electronically, we will provide you with a copy in the electronic form and format that you request if we can readily produce such format. If we cannot readily produce the format you requested, we will produce your electronic Information in another readable electronic format as reasonably agreed to between you and us. If your request directs us to transmit the copy of your Information directly to another person, we will provide the copy to the person you designated; provided, your request is made in writing, signed by you, and clearly identifies the designated person and where to send the copy of your Information.
We may deny your request to inspect and/or copy your Information in certain circumstances. For example, we may deny your request if it is determined that providing your Information could cause harm to you or another person. If your request is denied, you may, in some instances, have the right to have such denial reviewed. We will provide you with a written statement of the reasons for denial and, if you are allowed to have such denial reviewed, we will provide you with instructions for how to request a reconsideration.
- Amendments. If you believe that your Information maintained by us is incorrect or incomplete, you may ask us to amend such Information. Your request must be submitted in writing to our Privacy Officer. We may deny your request if it is not made in writing or does not include a valid reason to support your request. We may deny your request to amend information that: (i) is accurate and complete; (ii) was not created by us, unless the person or entity that created such information is no longer available to make the amendment; (iii) is not part of the information kept by or for us; or (iv) is not part of the information which you are permitted to inspect or copy. If we deny your request, you may file a statement of disagreement that will become part of your record. If you file a statement of disagreement, we reserve the right to respond to your statement. You will receive a copy of any response we make and such response will also become part of your record.
- Accounting of Disclosures. You may request an accounting of certain disclosures of your Information that we have made (if any) during the six (6) years prior to the date of your request, except for disclosures: (i) to carry out treatment, payment or healthcare operations; (ii) made directly to you; (iii) incident to a use or disclosure otherwise permitted or required by law; (iv) pursuant to a written authorization; (v) to persons involved in your care or for notification purposes; (vi) for national security purposes; (vii) to correctional institutions or law enforcement officials having custody over you; or (viii) as part of a limited data set. Your request must be submitted in writing to our Privacy Officer. Your request must state a time period that may not be longer than the six (6) years preceding the date of your request.
- Confidential Communication. You may request that we send your Information to you by alternative means or at alternative locations. For example, you may request that we contact you at your work or by U.S. Mail. We will not ask you the reason for your request, and we will accommodate reasonable requests. You must submit your request in writing to our Privacy Officer. Your request must specify how and where you wish to be contacted. You must provide us with a mailing address where you can receive mail from us related to billings for our services. We reserve the right to contact you by other means and at other locations if you fail to respond to any communication from us that requires a response. We will attempt to notify you per your original request before we attempt to contact you by other means or at a different location.
- Restrictions. You may ask us to restrict the use/disclosure of any part of your Information to carry out treatment, payment or healthcare operations. You may also request that any part of your Information not be disclosed to family, relatives or friends who may be involved in your care or not to notify them of your location, general condition or death. Your request must be submitted in writing to our Privacy Officer, and must specifically describe in a clear and concise fashion: (1) what information you want to limit; (2) whether you want to limit our use or disclosure or both; and (3) to whom you want the limits to apply. We do not have the authority to bind anyone else to restrictions that you request and we agree to. We are not required to agree to your request unless the restriction involves the disclosure of your Information to a health plan for purposes of payment or health care operations and such Information pertains solely to a health care item or service for which you paid out-of-pocket in full. If we do agree to your requested restriction, we will not use or disclose your Information in violation of that restriction, except in an emergency. We may terminate any restriction by giving you written notice; provided, our termination shall only be effective with respect to information created or received after we have given you such notice of termination of the restriction. We may not terminate a restriction that we are required by law to agree to with respect to disclosures to health plans, as described above.
Right to a Copy of this Notice. You have the right to receive a paper copy of this Notice. You may ask us to give you a copy of this Notice at any time. To obtain a paper copy of this Notice, please contact our Privacy Officer or ask for one at your next visit. You are also able to obtain a copy of this Notice by visiting our website.
Right to File a Complaint. If you believe that your privacy rights have been violated, you may file a complaint with our Privacy Officer and/or the Secretary of the U.S. Department of Health and Human Services (DHHS). Complaints must be submitted in writing. To submit a complaint to NMG, send a letter specifically describing your concerns to our Privacy Officer. DHHS provides information on its public website (www.hhs.gov) about how to file a complaint with the Secretary. We respect your privacy and we support efforts to protect the privacy and confidentiality of your Information. NMG will not retaliate against you for filing a complaint.
Privacy Officer Contact Information. If you have questions about this Notice, please contact our Privacy Officer by telephone, facsimile, or regular mail at the contact information listed at the top of the first page of this Notice. If you want to exercise any of your rights pursuant to this Notice, or if you wish to file a complaint, such request or complaint must be submitted in writing and delivered in person or faxed or mailed to our Privacy Officer at the address or facsimile number listed at the top of the first page of this Notice.
