RIVERHEAD WELLNESS MD
Nathan B. Miller, MD
199 Spotnap Road, Suite 6-A, Charlottesville, VA 22911
PATIENT NOTICE OF PRIVACY PRACTICES
As Required by the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the Health Information Technology for Economic and Clinical Health Act (HITECH Act), and Associated Regulations
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED OR DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
If you have any questions about this notice or need more information, please contact:
Effective Date: March 2026
About This Notice
We understand that health information about you is personal, and we are committed to protecting your information. We create a record of the care and services you receive at Riverhead Wellness MD. We need this record to provide you with quality care (treatment), for payment of care provided, for health care operations, and to comply with certain legal requirements. This Notice will tell you about the ways in which we may use and disclose health information about you. It also describes your rights and certain obligations we have regarding the use and disclosure of health information. We are required by law to follow the terms of this Notice that is currently in effect.
What Is Protected Health Information (PHI)?
PHI is information that individually identifies you and that we create or receive from you or from another health care provider, health plan, your employer, or a health care clearinghouse that relates to:
– Your past, present, or future physical or mental health or conditions
– The provision of health care to you
– The past, present, or future payment for your health care
How We May Use and Disclose Your PHI
We may use and disclose your PHI in the following circumstances:
– Treatment. We may use or disclose your PHI to provide you with medical treatment or services and to manage and coordinate your medical care. For example, your PHI may be provided to a physician, specialist, laboratory, or partner pharmacy (such as MedQuest/Belmar or Akina Pharmacy) to ensure they have the information necessary to diagnose, treat, or fulfill prescriptions for you.
– Payment. We may use and disclose your PHI so that we can bill for the treatment and services you receive and can collect payment from you or a third party.
– Health Care Operations. We may use and disclose PHI for our health care operations, such as quality review, team performance evaluation, or training.
– Appointment Reminders, Treatment Alternatives, and Health-Related Services. We may use and disclose PHI to contact you to remind you of appointments, to tell you about possible treatment options or alternatives, or to inform you about health-related benefits and services that may be of interest to you.
– As Required by Law. We will disclose PHI about you when required to do so by federal, state, or local law.
– To Avert a Serious Threat to Health or Safety. We may use and disclose PHI when necessary to prevent a serious threat to your health or safety or the health or safety of others.
– Business Associates. We may disclose PHI to our business associates who perform functions on our behalf or provide us with services if the PHI is necessary for those functions or services. For example, we may share PHI with our electronic health record provider (Optimantra), billing services, or partner pharmacies. All of our business associates are obligated, under contract with us, to protect the privacy and ensure the security of your PHI.
– Workers’ Compensation. We may use or disclose PHI for workers’ compensation or similar programs.
– Public Health Risks. We may disclose PHI for public health activities, including to prevent or control disease, injury, or disability.
– Abuse, Neglect, or Domestic Violence. We may disclose PHI to the appropriate government authority if we believe a patient has been the victim of abuse, neglect, or domestic violence.
– Health Oversight Activities. We may disclose PHI to a health oversight agency for activities authorized by law.
– Data Breach Notification. We may use or disclose your PHI to provide legally required notices of unauthorized access to or disclosure of your health information.
– Lawsuits and Disputes. If you are involved in a lawsuit or dispute, we may disclose PHI in response to a court or administrative order, or in response to a subpoena, discovery request, or other legal process.
– Law Enforcement. We may disclose PHI for law enforcement purposes, so long as applicable legal requirements are met.
– Coroners, Medical Examiners, and Funeral Directors. We may disclose PHI to a coroner, medical examiner, or funeral director so that they can carry out their duties.
Uses and Disclosures That Require an Opportunity to Object
– Individuals Involved in Your Care. Unless you object in writing, we may disclose to a member of your family, a relative, a close friend, or any other person you identify, your PHI that directly relates to that person’s involvement in your health care.
– Payment for Your Care. Unless you object in writing, you may exercise your rights under HIPAA to request that your healthcare provider not disclose information about services received when you pay in full out of pocket for the service.
– Disaster Relief. We may disclose your PHI to disaster relief organizations to coordinate your care, or to notify family and friends of your location or condition in a disaster.
Uses and Disclosures That Require Your Written Authorization
Other uses and disclosures of PHI not covered by this Notice or the laws that apply to us will be made only with your written authorization. This includes most uses and disclosures of psychotherapy notes, uses and disclosures of PHI for marketing purposes, and disclosures that constitute a sale of your PHI. If you give us an authorization, you may revoke it at any time by submitting a written revocation to our Privacy Officer.
Your Rights Regarding Your PHI
– Right to Inspect and Copy. You have the right to inspect, receive, and copy PHI that may be used to make decisions about your care or payment for your care. We have up to 30 days to make your PHI available to you and we may charge a reasonable fee for the costs of copying, mailing, or other supplies associated with your request.
– Right to Electronic Copy of Electronic Medical Records. If your PHI is maintained in an electronic format, you have the right to request that an electronic copy of your record be given to you or transmitted to another individual or entity.
– Right to Receive Notice of a Breach. You have the right to be notified upon a breach of any of your unsecured PHI.
– Right to Request Amendments. If you feel that the PHI we have is incorrect or incomplete, you may ask us to amend the information.
– Right to an Accounting of Disclosures. You have the right to ask for a list of the disclosures we made of your PHI. The first accounting within any 12-month period will be free.
– Right to Request Restrictions. You have the right to request a restriction or limitation on the PHI we use or disclose about you for treatment, payment, or health care operations.
– Right to Request Confidential Communications. You have the right to request that we communicate with you only in certain ways to preserve your privacy.
Telehealth Services and Privacy
Riverhead Wellness MD provides telehealth services via Optimantra, a HIPAA-compliant platform. A Business Associate Agreement (BAA) is maintained with Optimantra. All telehealth consultations are conducted over encrypted audio-video connections. No unsecured platforms are used for clinical encounters. Your telehealth records are maintained with the same privacy protections as in-person visit records.
Prescription Fulfillment and Pharmacy Partners
Riverhead Wellness MD transmits prescriptions to licensed partner compounding pharmacies for fulfillment, including direct-to-patient mail-order delivery. Your PHI shared with partner pharmacies is limited to the minimum necessary for prescription fulfillment and is governed by Business Associate Agreements. Our current pharmacy partners are MedQuest Pharmacy (Belmar) and Akina Pharmacy. You may request an alternative pharmacy at any time.
Changes to This Notice
We reserve the right to change this Notice. We reserve the right to make the changed Notice effective for PHI we already have as well as for any PHI we create or receive in the future. A copy of our current Notice is posted in our office and on our website at
riverheadwellnessmd.com.
Complaints
If you believe your privacy rights have been violated, you may file a complaint with Riverhead Wellness MD at the address listed at the beginning of this Notice, or with the Secretary of the U.S. Department of Health and Human Services.
Secretary of the U.S. Department of Health and Human Services
200 Independence Avenue, S.W., Washington, D.C. 20201
Phone: (202) 619-0257 or toll-free (877) 696-6775
Website:
www.hhs.gov/ocrYou will not be penalized for filing a complaint.
By using our services, you acknowledge that you have received this Notice of Privacy Practices.
