PHI Privacy Practices
This notice describes how medical information about you may be used and disclosed and how you can get access to this information.
The terms of this Notice of Privacy Practices apply to Central Wellness which includes our licensed professionals seeing and treating patients at our facility.
We are required by law to maintain the privacy of our patients’ protected health information (PHI) and to provide patients with notice of our legal duties and privacy practices with respect to your protected health information. We are required to abide by the terms of this Notice so long as it remains in effect. We reserve the right to change the terms of this Notice of Privacy Practices as necessary and to make the new Notice effective for all protected health information maintained by us. You may receive a copy of any revised notices at Central Wellness or a copy may be obtained by mailing a request to: Central Wellness Privacy Officer, 1010 Central Avenue, Ste S Billings, MT 59102.
Examples of Disclosure for Treatment, Payment and Health Operations
Central Wellness will use your protected health information for your treatment: For instance, doctors and nurses, and other professionals involved in your care will use information in your medical record and information that you provide about your symptoms and reactions to plan a course of treatment for you that may include procedures, medications, tests, etc. We may contact you to provide appointment reminders, test results or information about treatment alternatives or other health-related benefits and services that may be of interest to you.
We will use your health information for payment: For instance, we may forward information regarding your medical procedures and treatment to your insurance company to arrange payment for the services provided to you or we may use your information to prepare a bill to send to you or to the person responsible for your payment.
We may from time to time use your protected health information to communicate with you about health products and services necessary for your treatment, to advise you of new products and services we offer, and to provide general health and wellness information.
Permitted Uses and Disclosures
Your Authorization: Except as outlined below, we will not use or disclose your protected health information for any purpose unless you have signed a form authorizing the use or disclosure. You have the right to revoke that authorization in writing unless we have taken any action in reliance on the authorization.
Business Associates: Certain aspects and components of our services are performed through contracts with outside persons or organizations, such as auditing, accreditation, legal services, etc. At times it may be necessary for us to provide certain aspects of your protected health information to one or more of these outside persons or organizations who assist us with our healthcare operations. In all cases, we require these business associates to appropriately safeguard the privacy of your information.
Required Uses and Disclosures
We are permitted or required by law to make certain other uses and disclosures of your protected health information without your consent or authorization, including but not limited to the following:
- We may release your protected health information for any purpose required by law.
- We may release your protected health information for public health activities, such as required reporting of disease, injury, and birth and death, and for required public health investigations.
- We may release your protected health information as required by law if we suspect child abuse or neglect; we may also release your protected health information as required by law if we believe you to be a victim of abuse, neglect or domestic violence.
- We may release your protected health information to the Food and Drug Administration if necessary to report adverse events, product defects or to participate in product recalls.
- We may release your protected health information to your employer when we have provided healthcare to you at the request of your employer to determine workplace-related illness or injury; in most cases you will receive notice that information is disclosed to your employer.
- We may release your protected health information if required by law to a government oversight agency conducting audits, investigations, or civil or criminal proceedings.
- We may release your protected health information if required to do so by subpoena or discovery request; in some cases, you will have notice of such release.
- We may release your protected health information to law enforcement officials as required by law to report wounds and injuries and crimes.
- We may release your protected health information to coroners and/or funeral directors consistent with the law.
- We may release your protected health information if necessary to arrange an organ or tissue donation from you or a transplant for you.
- We may release your protected health information if, in limited instances, we suspect a serious threat to health or safety.
- We may release your protected health information if you are a member of the military as required by armed forces services; we may also release your protected health information if necessary for national security or intelligence activities.
- We may release your protected health information to workers’ compensation agencies if necessary for your workers’ compensation benefit determination.
Your Health Information Rights
Although your health record is the physical property of Central Wellness, the information belongs to you. You have the right:
- To copy and/or inspect much of the protected health information that we retain on your behalf. All requests for access must be made in writing and signed by you or your representative. You may obtain an access request form from Central Wellness Health Information Management, 1010 Central Avenue, Ste S Billings MT 59102.
- To request in writing that protected health information that we maintain about you be amended or corrected. We are not obligated to make all requested amendments but will give each request careful consideration. All amendment requests, in order to be considered by us, must be in writing, signed by you or your representative, and must state the reasons for the amendment/correction request. If an amendment or correction you request is made by us, we may also notify others who work with us and have copies of the uncorrected record if we believe that such notification is necessary. You may obtain an amendment request form from Central Wellness 1010 Central Avenue, Ste S Billings, MT 59102.
WEBSITE PROPERTIES PRIVACY STATEMENT
SECTION 1 – WHAT DO WE DO WITH YOUR INFORMATION?
When you purchase something from our store, as part of the buying and selling process, we collect the personal information you give us such as your name, address, and email address.
When you browse our store, we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system.
Email marketing (if applicable): With your permission, we may send you emails about our store, new products, and other updates.
SECTION 2 – CONSENT
How do you get my consent?
When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only.
If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your expressed consent or provide you with an opportunity to say no.
How do I withdraw my consent?
If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use, or disclosure of your information, at any time, by contacting us at email@example.com or mailing us at:
1010 Central Avenue, Ste S Billings, MT 59102
You may also opt out of any email correspondence by clicking the link to unsubscribe from emails from inside the email you received from us.
SECTION 3 – DISCLOSURE
We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.
SECTION 4 – WEBSITE
Our store is hosted on WordPress & Zenoti. They provide us with an online e-commerce platform that allows us to sell our products and services to you.
Your data is stored through their data storage, databases, and Zenoti application. They store your data on a secure server behind a firewall.
If you choose a direct payment gateway to complete your purchase, then Zenoti stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS).
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express, and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
SECTION 5 – THIRD-PARTY SERVICES
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located in a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
Other Third-Party Processors used by Central Wellness include HubSpot.
When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
SECTION 6 – SECURITY
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
SECTION 7 – COOKIES
Here is a list of cookies that we use. We’ve listed them here so that you can choose if you want to opt out of cookies or not.
_session_id, unique token, sessional, Allows WordPress & Zenoti to store information about your session (referrer, landing page, etc).
_wszenoti_visit, no data held, Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits
_zenoti_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.
cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.
_secure_session_id, unique token, sessional
storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.
PREF, persistent for a very short period, is Set by Google and tracks who visits the store and from where.
SECTION 8 – AGE OF CONSENT
By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site.
If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.
SECTION 10 – Additional info for The General Data Protection Regulation (GDPR)
“We use technologies, such as cookies, to customize content and advertising, to provide social media features, and to analyze traffic to the site. We also share information about your use of our site with our trusted social media, advertising and analytics partners.
Some of the advertising platforms we utilize include Facebook’s Ad Network, Google’s Ad Network including Display, AdWords, YouTube, Search and Email marketing. We may also employ native ad networks such as Outbrain, Taboola, RevContent and will employ their pixels for the purpose of measuring the success of those campaigns at driving traffic to our content, products, and site content as well as displaying relevant offers to our site visitors based on pages, content, and products they have demonstrated an interest in based on prior site visits and engagement and consent.
We also employ and may employ in the future, tools and web apps for measuring and tracking the effectiveness of our site. Those tools presently include:
SECTION 11 Data Retention Time.
In general, our Facebook audience retention maxes out at 365 days for most audiences and others at 180 days. Those audiences are mostly used for exclusions. For example, if you engaged with a product but did not purchase after a week or month you would no longer be on our retargeting audience list to see ads relevant to our offer as we would assume that after two weeks if you have not purchased, then you are likely not interested in purchasing and therefore would be excluded from seeing additional offers from us as long as you are within that 365 audiences as having already been shown an ad within the last 365 days. Once that audience expires it is possible that you would see another ad from us, it is not 100% guaranteed that you will not see an ad if you are on an excluded audience list. To opt out of seeing ads, you can control all of those cookies on your own devices by simply going to your browser settings and deleting any cookies for any site. Anytime you re-engage with our site, landing pages, or apps you can have cookies placed on your device for our tracking and marketing purposes. By using our site, apps, and content you are agreeing to our terms of service and those tools we employ including cookies, pixels, and other data management systems for the purpose of providing you your account, access to your purchases, and or free, promotional, and content for which you have engaged.
Here is a helpful site for understanding how cookies work and how to Opt-Out of various advertisers’ cookies.
QUESTIONS AND CONTACT INFORMATION
If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact our Privacy Compliance Officer at firstname.lastname@example.org or by mail at
1010 Central Avenue, Ste S
Billings, MT 59102
To obtain additional copies of the Notice of Privacy Practices upon request.
You will be asked to sign an acknowledgment form that you received this Notice of Privacy Practices.
Effective October 1, 2015
Revised July 1, 2021;