Facebook-f Instagram Youtube Linkedin Tiktok
Book Now

Somavie Wellness Center & Med Spa

Notice Of HIPAA Privacy Practices

Last Updated: March 2025

The Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) requires us to ask each of our patients to acknowledge receipt of our Notice of HIPAA Privacy Practices.

This Notice describes how your Protected Health Information (“PHI”) may be used and disclosed by SomaVie Wellness Center and Med Spa (“SomaVie Wellness,” “we,” “us,” or “our”), and how you can get access to this information. Please review it carefully.

We are required by law to:

  • Maintain the privacy and security of your PHI.
  • Notify you promptly if a breach occurs that may have compromised the privacy or security of your information.
  • Follow the duties and privacy practices described in this Notice.
  • Provide you with a copy of this Notice upon request.

Each of SomaVie Wellness Center and Med Spa and its affiliates designate themselves as a single Affiliated Covered Entity (ACE) for purposes of compliance with HIPAA. Each of these entities, and their related sites, locations, and care providers, will follow the terms of this Notice. In addition, the entities, sites, locations, and care providers may share medical information with each other for treatment, payment, or healthcare operations related to the ACE. This designation may be amended periodically to add new covered entities that are part of the Affiliated Covered Entity under HIPAA.

1. Our Commitment to Protect Your Health Information

We are dedicated to protecting your medical information. The HIPAA Privacy Rule requires that we provide detailed notice in writing of our privacy practices. Your PHI is information that identifies you and that relates to your past, present, or future healthcare. We are required by law to maintain the privacy of your PHI and to give you this Notice explaining your rights and how, when, and why we may use or disclose your PHI.

We are required by law to follow the privacy practices described in this Notice, but we may change our policies at any time. Changes will apply to information we already hold, as well as new information collected after the change occurs. We will make any such changes by posting the revised Notice on our website. The date of the last update will be clearly indicated at the top of this Notice. Please review this Notice from time to time to ensure you are familiar with our HIPAA privacy practices.

2. How We May Use and Disclose Your PHI

We will use or disclose your PHI for treatment, payment, or healthcare operations. The examples below do not list every possible use or disclosure in a category.

A. Treatment, Payment, and Healthcare Operations

  • Treatment: We may use or disclose PHI to provide, coordinate, and manage your healthcare and related services. For example, we may consult with other healthcare providers regarding your treatment, share medical history to ensure continuity of care, or coordinate referrals to specialists.
  • Payment: We may use and disclose PHI to bill and collect payment for services. For example, we may send your insurance company a bill or disclose PHI to confirm coverage of a procedure.
  • Healthcare Operations: We may use and disclose PHI for business operations, such as training, quality assessment, and compliance monitoring. This includes activities like reviewing provider performance, auditing claims, and ensuring legal compliance.

B. Business Associates

  • We may contract with individuals and entities (“business associates”) to perform functions on our behalf. For example, we may disclose PHI to a billing service or cloud storage provider. All business associates must sign HIPAA-compliant agreements to safeguard your PHI.

C. Communications and Notifications

  • We may contact you via phone, text, email, or mail for appointment reminders, test results, treatment recommendations, and other healthcare-related matters.
  • You may request confidential communication methods, such as receiving mail at a P.O. Box or only being contacted via text.
  • Electronic Communication Risks: If you choose to communicate with us via email, text, or chat, you acknowledge that these methods may not be fully secure. While we take reasonable steps to protect your privacy, there is a risk that information could be intercepted or accessed by unauthorized persons. You may opt out of these communication methods at any time.

D. Uses and Disclosures That Require Your Authorization

  • Marketing Purposes: We will not sell or use your PHI for marketing without your written authorization.
  • Psychotherapy Notes: We will not use or disclose psychotherapy notes without your written consent.
  • Genetic Information: Under the Genetic Information Nondiscrimination Act (GINA), we will not use your genetic information for underwriting purposes.
  • Uses and Disclosures Requiring Authorization: Other uses and disclosures of your PHI not described in this Notice will be made only with your written authorization. This includes disclosures of PHI for marketing purposes, the sale of PHI, and, in certain cases, the use and disclosure of substance use disorder or reproductive health information (where applicable under state or federal law).

E. Uses and Disclosures Permitted by Law

We may share your PHI in the following circumstances without your authorization, as permitted or required by law:

  • Public Health Activities: Reporting disease, infections, reactions to medications, and workplace injuries.
  • Abuse or Neglect: Reporting suspected abuse, neglect, or domestic violence.
  • Health Oversight Agencies: Providing information for audits, government monitoring, and licensure compliance.
  • Legal Proceedings: Responding to subpoenas, court orders, or investigations.
  • Law Enforcement: Disclosing PHI for missing persons, crime investigations, or safety threats.
  • Research: In compliance with HIPAA, we may use PHI for approved medical research with appropriate privacy protections.
  • Workers’ Compensation: Complying with claims and similar programs.

F. Emergency Situations

We may use or disclose your PHI in an emergency when you are unable to provide consent (e.g., unconscious or incapacitated) if such disclosure is necessary for immediate care.

G. Newly Enacted Laws Affecting PHI

  1. 21st Century Cures Act (2021-Present) – We must provide real-time access to your electronic health records (EHR) without unnecessary delays.
  2. HIPAA Safe Harbor Law (2021-Present) – If we experience a cybersecurity breach, penalties may be reduced if we follow government-recognized security best practices.
  3. Information Blocking Rule (2022-Present) – We cannot block or delay your PHI access unless legally required.

H. Right to Restrict Disclosures to Health Plans

  • You have the right to request that we not disclose your PHI to your health plan for items or services you paid for in full out of pocket. We are required to comply with this request unless otherwise required by law.

3. Your Rights Regarding Your PHI

Under HIPAA, you have the following rights:

  • Right to Request Restrictions on how we use and disclose your PHI.
  • Right to Confidential Communications (e.g., requesting contact via mail instead of phone).
  • Right to Inspect and Copy Your PHI, including receiving electronic copies.
  • Right to Request Amendments to incorrect or incomplete records.
  • Right to Receive an Accounting of Disclosures made over the past six years.
  • Right to Be Notified of a Breach within 60 days if your PHI is compromised.
  • Right to Restrict Disclosures to Health Plans for self-paid services, as described above.
  • Right to File a Complaint with us or the U.S. Department of Health & Human Services (HHS).

4. Acknowledgment of Receipt

By receiving care at SomaVie Wellness Center, you acknowledge that you have been given the opportunity to review this HIPAA Privacy Notice. A paper copy is available upon request.

                 I understand.  

Name:

Date: