Effective Date: January 1, 2023
Last Updated: August 1, 2025
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU CAN BE USED AND DISCLOSED AND HOW YOU CAN ACCESS THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
This Notice describes the privacy practices of Hoopcare Medical of Florida, P.A. and Hoopcare, Inc. (“we,” “us”), including all licensed professionals allowed to enter or access your medical record and all workforce members with access to your medical or billing records or other health information about you (“Protected Health Information” or “PHI”).
We can change this Notice at any time. New terms can apply to all PHI we maintain, including PHI created or received before the change. When updated, we post the new Notice at app.hoopcare.com/legal/npp. You can also request a copy using the contacts at the end of this Notice.
We safeguard your PHI and follow federal and state law. We must:
• Maintain the privacy and security of your PHI.
• Give you this Notice that explains our duties and practices.
• Notify you if a breach exposes your unsecured PHI.
We follow the terms of the current Notice when we use or disclose PHI.
We can use and disclose PHI without your written authorization for:
Treatment. To provide care and related services — for example telehealth visits, consulting with your clinicians, recommending alternatives, or describing a health-related product or service. We also disclose PHI to other providers involved in your treatment.
Payment. To obtain payment for services — for example submitting claims to Medicare or your health plan, verifying coverage, or supporting payment to other providers who treated you.
Health Care Operations. For operations that run and improve our services — quality assessment, credentialing, training, communications with and about you, licensing, customer support, analytics, security, website tagging limited to operations, and development of care management features and algorithms.
Organized Health Care Arrangement. Hoopcare Medical of Florida, P.A. and Hoopcare, Inc. function together for treatment, payment, and operations and can share PHI with each other for those purposes.
Business Associates. We work with vendors who perform services for us (for example scheduling, billing, care coordination, transcription). We require them by contract to protect your PHI.
Electronic Health Information Exchange (HIE).
• We participate in one or more HIEs and health record locator services.
• The HIE can include sensitive information, lab results, diagnoses, medications, clinical notes, and demographics.
• The HIE lets us and your other treating providers view and use your electronic health information to coordinate your care as the law allows.
• We track access we control. Other providers who use the HIE can disclose your information to other treating providers.
Disclosures to Relatives, Close Friends, and Caregivers.
• If you are present or available, we disclose only when you agree, when we give you a chance to object and you do not object, or when we reasonably infer you do not object.
• If you are not available, we use professional judgment to disclose only information directly relevant to another person’s involvement in your care or payment.
As Required by Law. We use and disclose PHI when the law requires it.
Public Health Activities. We disclose PHI to:
• Report to public health authorities to prevent or control disease, injury, or disability.
• Report child abuse or neglect.
• Report information about FDA-regulated products.
• Alert a person at risk of exposure or spread of a disease or condition.
• Report work-related illness or injury to an employer as required by law.
Victims of Abuse, Neglect, or Domestic Violence. We disclose PHI to government authorities authorized to receive such reports when we reasonably believe you are a victim.
Health Oversight. We disclose PHI to agencies that oversee the health care system and government programs like Medicare.
Judicial and Administrative Proceedings. We disclose PHI in response to court orders, subpoenas, or other lawful process.
Law Enforcement. We disclose PHI to law enforcement as the law allows and when required by a court order or legal process.
Decedents. We disclose PHI to a coroner or medical examiner as authorized by law.
Organ and Tissue Donation. We disclose PHI to organizations that facilitate organ, eye, or tissue donation and transplantation.
Health or Safety. We use or disclose PHI to prevent or lessen a serious and imminent threat to a person’s or the public’s health or safety.
Specialized Government Functions. We disclose PHI to military authorities, the U.S. Department of State, or other government units with special functions in limited circumstances.
Workers’ Compensation. We disclose PHI as needed to comply with workers’ compensation or similar programs.
We use or disclose PHI for other purposes only with your written authorization. You can revoke an authorization at any time, except to the extent we already relied on it, by sending a written request using the contacts below.
Connections to Third-Party Devices or Services. If you authorize a connection, you agree we can access and share data from and with those third parties. That data can become part of your health record and can be shared with providers through an HIE as described above.
Clinical Trials and Research. We obtain your authorization to use or disclose PHI for research, unless an Institutional Review Board or privacy board approves a waiver or the disclosure fits a limited exception (for example reviews preparatory to research, research on decedents, or a limited data set with direct identifiers removed).
Marketing. We obtain your authorization before using PHI for marketing under HIPAA. We do not accept payment from others to send you communications about treatments, providers, care settings, case management, care coordination, products, or services unless you authorize or the law permits the communication. Face-to-face communications and promotional gifts of nominal value do not require authorization. We can send refill reminders or communications about a drug or biologic you currently take when any payment we receive is reasonably related to our cost to make the communication.
Sale of PHI. We do not sell PHI. Any disclosure that meets HIPAA’s definition of a sale of PHI requires your authorization.
Psychotherapy Notes. We do not use or disclose psychotherapy notes without your authorization, except for use by the mental health professional who created the notes to treat you.
Highly Confidential Information. Extra protections can apply to certain PHI — for example substance use disorder treatment records, mental health records, HIV/AIDS, genetic information, and other categories protected by state or federal law. If a disclosure needs your authorization, we obtain it.
For further information or complaints. Contact us using the information below if you want more information about your privacy rights, if you believe we violated your privacy rights, or if you disagree with a decision about access to your PHI. You can also file a complaint with the U.S. Department of Health and Human Services, Office for Civil Rights. We will not retaliate against you for filing a complaint.
Right to Request Restrictions. You can request restrictions on our use and disclosure of PHI for treatment, payment, and operations; to people involved in your care or payment; or for notifications of location and condition. We consider all requests. We are required to accept a restriction that limits disclosure to a health plan for payment or operations if: the disclosure is not required by law and the PHI pertains only to a service you (or someone for you) paid for in full out-of-pocket.
Right to Confidential Communications. You can request to receive PHI by alternative means or at alternative locations. We accommodate reasonable written requests.
Right to Inspect and Copy. You can access and request copies of PHI in your medical and billing records, including electronic copies where available. In limited cases we can deny access. If you request copies, we charge a reasonable, cost-based fee.
Right to Amend. You can request an amendment to PHI in your medical or billing records. We grant the request unless we believe the information is accurate and complete or an exception applies. If we deny the request, we explain why and how to submit a statement of disagreement.
Right to an Accounting of Disclosures. You can request an accounting of certain disclosures of your PHI for a period up to six years before your request. If you request more than one accounting in a 12-month period, we can charge a reasonable fee.
Right to a Paper Copy. You can obtain a paper copy of this Notice at any time, even if you agreed to receive it electronically.
Hoopcare Medical of Florida, P.A. → contact@hoopcare.com
Hoopcare, Inc. → dpo@hoopcare.com or support@hoopcare.com
