|State of New York||Rev. 133C579|
Version Date: April 24, 2023
GATHERING, USE AND DISCLOSURE OF NON-PERSONALLY-IDENTIFYING INFORMATION
Users of the Website Generally
“Non-Personally-Identifying Information” is information that, without the aid of additional information, cannot be directly associated with a specific person. “Personally-Identifying Information,” by contrast, is information such as a name or email address that, without more, can be directly associated with a specific person. Like most website operators, Medical Group gathers from users of the Website Non-Personally-Identifying Information of the sort that Web browsers, depending on their settings, may make available. That information includes the user’s Internet Protocol (IP) address, operating system, browser type and the locations of the websites the user views right before arriving at, while navigating and immediately after leaving the Website. Although such information is not Personally-Identifying Information, it may be possible for Medical Group to determine from an IP address a user’s Internet service provider and the geographic location of the visitor’s point of connectivity as well as other statistical usage data. Medical Group analyzes Non-Personally-Identifying Information gathered from users of the Website to help Medical Group better understand how the Website is being used. By identifying patterns and trends in usage, Medical Group is able to better design the Website to improve users’ experiences, both in terms of content and ease of use. From time to time, Medical Group may also release the Non-Personally-Identifying Information gathered from Website users in the aggregate, such as by publishing a report on trends in the usage of the Website.
A “Web Beacon” is an object that is embedded in a web page or email that is usually invisible to the user and allows website operators to check whether a user has viewed a particular web page or an email. Medical Group may use Web Beacons on the Website and in emails to count users who have visited particular pages, viewed emails and to deliver co-branded services. Web Beacons are not used to access users’ Personally-Identifying Information. They are a technique Medical Group may use to compile aggregated statistics about Website usage. Web Beacons collect only a limited set of information, including a Web Cookie number, time and date of a page or email view and a description of the page or email on which the Web Beacon resides. You may not decline Web Beacons. However, they can be rendered ineffective by declining all Web Cookies or modifying your browser setting to notify you each time a Web Cookie is tendered, permitting you to accept or decline Web Cookies on an individual basis.
We may use third-party vendors, including Google, who use first-party cookies (such as the Google Analytics cookie) and third-party cookies (such as the DoubleClick cookie) together to inform, optimize and serve ads based on your past activity on the Website, including Google Analytics for Display Advertising. The information collected may be used to, among other things, analyze and track data, determine the popularity of certain content and better understand online activity. If you do not want any information to be collected and used by Google Analytics, you can install an opt-out in your web browser (https://tools.google.com/dlpage/gaoptout/) and/or opt out from Google Analytics for Display Advertising or the Google Display Network by using Google’s Ads Settings (www.google.com/settings/ads).
Aggregated and Non-Personally-Identifying Information
We may share aggregated and Non-Personally Identifying Information we collect under any of the above circumstances. We may also share it with third parties and our affiliate companies to develop and deliver targeted advertising on the Website and on websites of third parties. We may combine Non-Personally Identifying Information we collect with additional Non-Personally Identifying Information collected from other sources. We also may share aggregated information with third parties, including advisors, advertisers and investors, for the purpose of conducting general business analysis. For example, we may tell our advertisers the number of visitors to the Website and the most popular features or services accessed. This information does not contain any Personally-Identifying Information and may be used to develop website content and services that we hope you and other users will find of interest and to target content and advertising.
We may provide you the option to connect your account on the Website to your account on some social networking sites for the purpose of logging in, uploading information or enabling certain features on the Website. When logging in using your social network credentials, we may collect the Personally-Identifying Information you have made publicly available on the social networking site, such as your name, profile picture, cover photo, username, gender, friends network, age range, locale, friend list and any other information you have made public. By connecting your account on the Website to your account on any social networking site, you hereby consent to the continuous release of information about you to us. We will not send any of your account information to the connected social networking site without first disclosing that to you. We will never send Protected Health Information (PHI) to a social networking site, however the social networking site will record the fact that you visited our site, and we do not have control over how that information will be used. Each social network may further allow you to set privacy controls around your information on their system, and our collection of information will always follow such controls and permissions. This feature is subject to continuous change and improvement by us and each social networking site involved, and therefore the available features and shared information are subject to change without notice to you. You always have the option of not using your social network login to access our site, and can instead register directly with our site.
We may use hyperlinks on the Website which will redirect you to a social network if you click on the respective links. However, when you click on a social plug-in, such as Facebook’s “Like” button, Twitter’s “tweet” button or the Google+, that particular social network’s plugin will be activated and your browser will directly connect to that provider’s servers. If you do not use these buttons, none of your data will be sent to the respective social network’s plugin provider. So for example, when you click on the Facebook’s “Like” button on the Website, Facebook will receive your IP address, as well as the browser version, screen resolution, and operating system of the device you have used to access the Website. Settings regarding privacy protection can be found on the websites of these social networks and are not within our control.
COLLECTION, USE AND DISCLOSURE OF PERSONALLY-IDENTIFYING INFORMATION
As defined above, Personally-Identifying Information is information that can be directly associated with a specific person. Medical Group may collect a range of Personally-Identifying Information from and about Website users. Much of the Personally-Identifying Information collected by Medical Group about users is information provided by users themselves when (1) registering for our service, (2) logging in with social network credentials, (3) participating in surveys or other features of our service, or responding to offers or advertisements, (4) communicating with us, (5) signing up to receive newsletters. That information may include each user’s name, address, email address and telephone number, and, if you transact business with us, financial information such as your payment method (valid credit card number, type, expiration date or other financial information). We also may request information about your gender, age, date of birth, username, and other demographic or relevant information as determined by Medical Group from time to time. Users of the Website are under no obligation to provide Medical Group with Personally-Identifying Information of any kind, with the caveat that a user’s refusal to do so may prevent the user from using certain Website features.
BY REGISTERING WITH OR USING THE WEBSITE, YOU CONSENT TO THE USE AND DISCLOSURE OF YOUR PERSONALLY-IDENTIFYING INFORMATION AS DESCRIBED IN THIS “COLLECTION, USE AND DISCLOSURE OF PERSONALLY-IDENTIFYING INFORMATION” SECTION.
Communications with Medical Group
We will use your email address to send you various notifications, including but not limited to notification that a secure message is waiting for you in the Website, or other non-medically related account notifications. We may also send emails asking about a visit you did not complete, or asking for feedback about your experience using our service. We may occasionally use your name and email address to send you notifications regarding new services offered by the Website that we think you may find valuable. We may also send you service-related announcements from time to time through the general operation of the service. Emails we send may contain information including but not limited to your name, email address, medical record number, status of your prescription(s), and the date of service. Generally, you may not opt out of such emails at the time of registration or through your account settings, as they are essential to provide medical care safely and efficiently. We reserve the right to send you notices about your account, such as service announcements and administrative messages. We may share your email and name with third party email platforms that assist us in sending you emails.
When you create an account on the Website, you are asked to provide an email address. If you give us an incorrect email address, we will unknowingly send an email to that incorrect address, which may contain Personally-Identifying Information.
We will use your telephone number to call you with any questions, leave voice messages, and in certain cases ask if the condition you were treated for is improving, or ask for feedback on your experience using our service. We will also send you text/SMS messages informing you that a prescription is ready or other notifications regarding the progress of your visit. It will be clear that the text/SMS is from Medical Group. No Protected Health Information (PHI) will be sent via email or text/SMS, as these modes of communication are not encrypted. Any emails containing PHI sent to our administrative email addresses will be immediately deleted and notification will be sent to you that your message was deleted. You should only contact the Provider directly using the secure messaging system on the Website.
Medical Group Disclosures
Medical Group will disclose Personally-Identifying Information under the following circumstances:
- Marketing Communications.Unless users opt-out from receiving Medical Group marketing materials upon registration, Medical Group may email users about products and services that Medical Group believes may be of interest to them. If you wish to opt-out of receiving marketing materials from Medical Group, you may do so by following the unsubscribe link in the email communications, by going to your account settings (if applicable) or contacting us using the contact information below.
- Third-Party Service Providers. We may share your Personally-Identifying Information, which may include your name and contact information (including email address) and your Protected Health Information (PHI) with our authorized service providers that perform certain services on our behalf. These services may include but are not limited to filling prescriptions, providing customer service, supporting the Website’s functionality and supporting other features offered through the Website. We may also share your name, contact information and credit card information with our authorized service providers who process credit card payments. These service providers may have access to personal information needed to perform their functions but are not permitted to share or use such information for any other purpose.
How We Use and Disclose Your Protected Health Information (PHI):
Some of the health data the Website collects is protected by the Health Insurance Portability and Accountability Act (HIPAA). State and United States Federal law dictate the rights you have over your PHI. Please refer to the Notice of Privacy Practices for further information on how we use and disclose your PHI. We collect, use, and disclose your PHI to run health care operations and allow our Providers to render safe and effective care, improve our current services, collect payment, and comply with state and US federal regulations. We use multiple safeguards to protect your PHI. The website and all data contained within is encrypted and stored on a secure server, and all data is encrypted while being transmitted. We encrypt data on your device when necessary, however there is always a risk that some of your PHI data could be stored unencrypted on your device. We do take steps to prevent your PHI from being stored unencrypted on your device, but we cannot guarantee that these safeguards will be effective.
Only the minimum necessary Protected Health Information (PHI) will be sent via email or text/SMS, as these modes of communication are not encrypted. The information we send may include your name, date of birth and/or medical record number, date of using our Service, notification that a visit with us was completed and a prescription was sent and/or is ready, and a link to discharge instructions that can only be accessed by logging in to your MDAnywhere.com portal. Information that identifies the condition that was treated or the specific medications prescribed will not be sent. By using the Website, you consent to the transmission of this information to you via these means. Emails or text/SMS messages you send to the Medical Group through MDAnywhere.com staff are also not secure or encrypted, and there is a possibility that other people may gain access to these emails or text/SMS messages and thus any PHI, Personally-Identifying Information, or photos contained within them.
In order to provide treatment and support healthcare operations, we share your PHI with the Providers and certain select organizations that provide us with services, including but not limited to the online prescribing service that allows us to send your prescription electronically to your pharmacy and the pharmacy that will fill your prescription. We may also share your PHI with our staff to help provide you safe, appropriate and efficient care. It is also possible that PHI may be accessible by the staff who maintain the Website (i.e. programmers, technical support staff), which, due to the nature of online medical care, is sometimes necessary.
We share your Personally-Identifying Information and PHI (which includes payment information details), with our payment processor(s), who if you choose, may store your information to make future transactions faster and more convenient for you.
We use a company to help us communicate with you via text/SMS messages, and we will share your telephone number with them. We also share your telephone number with the telecommunication provider we use to communicate with you.
Any information you provide is stored in your medical record, and this applies to visits you have completed, or visits you have started and not completed. This includes any photos. All data is protected.
Rights You Have to Your Protected Health Information (PHI)
Please refer to the Notice of Privacy Practices for further information on your rights to your PHI.
Changing Personally-Identifying Information; Account Termination
COLLECTION AND USE OF INFORMATION BY THIRD PARTIES GENERALLY
We take the security of your Personally-Identifying Information and Protected Health Information (PHI) seriously and use reasonable electronic, personnel and physical measures to protect it from loss, theft, alteration or misuse. However, please be advised that even the best security measures cannot fully eliminate all risks. We cannot guarantee that only authorized persons will view your information. We are not responsible for third-party circumvention of any privacy settings or security measures. If we believe your Personally-Identifying Information or PHI has been improperly disclosed we will notify you by email.
We are dedicated to protect all information on the Website as is necessary. However, you are responsible for maintaining the confidentiality of your Personally-Identifying Information and PHI by keeping your password confidential. You should change your password immediately if you believe someone has gained unauthorized access to it or your account. If you lose control of your account, it is your responsibility to notify us immediately.
The Children's Online Privacy Protection Act ("COPPA") protects the online privacy of children under 13 years of age. We do not provide care to patients under the age of 18, so we do not knowingly collect or maintain Personally-Identifying Information or Protected Health Information (PHI) from anyone under the age of 18. Any person who provides Personally-Identifying Information or PHI through the Website represents to us that he or she is 18 years of age or older. If we learn that Personally-Identifying Information or PHI has been collected from a user under 18 years of age on or through the Website, then we will take the appropriate steps to cause this information to be deleted. If you are the parent or legal guardian of a child under 18 who has become a member of the Website or has otherwise transferred Personally-Identifying Information to the Website, please contact Medical Group using our contact information below to have that child's account terminated and information deleted.
CALIFORNIA PRIVACY RIGHTS
California Civil Code Section 1798.83, also known as the "Shine The Light" law, permits our users who are California residents to request and obtain from us, once a year and free of charge, information about the Personally-Identifying Information (if any) we disclosed to third parties for direct marketing purposes in the preceding calendar year. If applicable, this information would include a list of the categories of the Personally-Identifying Information that was shared and the names and addresses of all third parties with which we shared Personally-Identifying Information in the immediately preceding calendar year. If you are a California resident and would like to make such a request, please submit your request in writing to our privacy officer as listed below.
Most web browsers and some mobile operating systems include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. Because there is not yet a common understanding of how to interpret the DNT signal, the Website currently does not respond to DNT browser signals or mechanisms.
COVID-19 ADDENDUM: MDAnywhere is not a not a publicly available contact tracing or status app and was not created specifically for the COVID-19 response.
Access Medical Associates, PLLC
Attn: Privacy Officer
P.O Box 397
Miller Place, NY 11764
You can also complain to the Office for Civil Rights (OCR).
The OCR office for New York is located at:
Office for Civil Rights
U.S. Department of Education
32 Old Slip, 26th Floor
New York, NY 10005-2500
FAX: 646-428-3843; TDD: 800-877-8339
To file a complaint in Texas:
Submit your complaint electronically via the Online Complaint Form, or print the COMPLAINT FORM (.PDF) and mail it in, or call the Complaint Hotline 1-800-201-9353 and follow the automated prompts to request a complaint form.
Click here for more information on the Texas Medical Board Enforcement Process.
To file a complaint in California:
- Call to have a Complaint Form mailed to you either through the toll-free line (1-800-633-2322) or by calling (916) 263-2424, OR
- Use the On-line Complaint Form, OR
- Download and Print a Complaint Form
We will not retaliate against anyone who files a complaint.
Notice of Privacy Practices
Access Medical Associates, PLLC
Your Information. Your Rights. Our Responsibilities.
This notice describes how medical information about you may be used and disclosed and how you can get access to this information.
Please review it carefully.
When it comes to your health information, you have certain rights.
This section explains your rights and some of our responsibilities to help you.
Get an electronic or paper copy of your medical record
- You can ask to see or get an electronic or paper copy of your medical record and other health information we have about you. Ask us how to do this.
- We will provide a copy or a summary of your health information, usually within 30 days of your We may charge a reasonable, cost-based fee.
Ask us to correct your medical record
- You can ask us to correct health information about you that you think is incorrect or incomplete. Ask us how to do this.
- We may say “no” to your request, but we’ll tell you why in writing within 60 days.
Request confidential communications
- You can ask us to contact you in a specific way (for example, home or office phone) or to send mail to a different address.
- We will say “yes” to all reasonable requests.
Ask us to limit what we use or share
- You can ask us not to use or share certain health information for treatment, payment, or our operations.
- We are not required to agree to your request, and we may say “no” if it would affect your care.
- If you pay for a service or health care item out-of-pocket in full, you can ask us not to share that information for the purpose of payment or our operations with your health insurer.
- We will say “yes” unless a law requires us to share that information.
Get a list of those with whom we’ve shared information
- You can ask for a list (accounting) of the times we’ve shared your health information for six years prior to the date you ask, who we shared it with, and why.
- We will include all the disclosures except for those about treatment, payment, and health care operations, and certain other disclosures (such as any you asked us to make). We’ll provide one accounting a year for free but will charge a reasonable, cost-based fee if you ask for another one within 12 months.
Get a copy of this privacy notice
- You can ask for a paper copy of this notice at any time, even if you have agreed to receive the notice electronically. We will provide you with a paper copy promptly.
Choose someone to act for you
- If you have given someone medical power of attorney or if someone is your legal guardian, that person can exercise your rights and make choices about your health information.
- We will make sure the person has this authority and can act for you before we take any action.
File a complaint if you feel your rights are violated
- You can complain if you feel we have violated your rights by contacting us using the information on the back page.
- You can file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights by sending a letter to 200 Independence Avenue, S.W., Washington, D.C. 20201, calling 1-877-696-6775, or visiting www.hhs.gov/ocr/privacy/hipaa/complaints/.
- We will not retaliate against you for filing a complaint.
For certain health information, you can tell us your choices about what we share. If you have a clear preference for how we share your information in the situations described below, talk to us. Tell us what you want us to do, and we will follow your instructions.
In these cases, you have both the right and choice to tell us to:
- Share information with your family, close friends, or others involved in your care
- Share information in a disaster relief situation
- Include your information in a hospital directory
If you are not able to tell us your preference, for example if you are unconscious, we may go ahead and share your information if we believe it is in your best interest. We may also share your information when needed to lessen a serious and imminent threat to health or safety.
In these cases we never share your information unless you give us written permission:
- Marketing purposes
- Sale of your information
- Most sharing of psychotherapy notes
In the case of fundraising:
- We may contact you for fundraising efforts, but you can tell us not to contact you again.
Our Uses and Disclosures
How do we typically use or share your health information?
We typically use or share your health information in the following ways.
- We can use your health information and share it with other professionals who are treating you.
Example: A doctor treating you for an injury asks another doctor about your overall health condition.
Run our organization
- We can use and share your health information to run our practice, improve your care, and contact you when necessary.
Example: We use health information about you to manage your treatment and services.
Bill for your services
- We can use and share your health information to bill and get payment from health plans or other entities.
Example: We give information about you to your health insurance plan so it will pay for your services.
How else can we use or share your health information?
We are allowed or required to share your information in other ways – usually in ways that contribute to the public good, such as public health and research. We have to meet many conditions in the law before we can share your information for these purposes. For more information see: www.hhs.gov/ocr/privacy/hipaa/understanding/consumers/index.html.
Help with public health and safety issues
- We can share health information about you for certain situations such as:
- Preventing disease
- Helping with product recalls
- Reporting adverse reactions to medications
- Reporting suspected abuse, neglect, or domestic violence
- Preventing or reducing a serious threat to anyone’s health or safety
- We can use or share your information for health research.
Comply with the law
- We will share information about you if state or federal laws require it, including with the Department of Health and Human Services if it wants to see that we’re complying with federal privacy law.
Respond to organ and tissue donation requests
- We can share health information about you with organ procurement organizations.
Work with a medical examiner or funeral director
- We can share health information with a coroner, medical examiner, or funeral director when an individual dies.
Address workers’ compensation, law enforcement, and other government requests
- We can use or share health information about you:
- For workers’ compensation claims
- For law enforcement purposes or with a law enforcement official
- With health oversight agencies for activities authorized by law
- For special government functions such as military, national security, and presidential protective services
Respond to lawsuits and legal actions
- We can share health information about you in response to a court or administrative order, or in response to a subpoena.
If your state or other laws require greater limits on disclosure of your health information, we will comply with these laws.
- We are required by law to maintain the privacy and security of your protected health information.
- We will let you know promptly if a breach occurs that may have compromised the privacy or security of your information.
- We must follow the duties and privacy practices described in this notice and give you a copy of it.
- We will not use or share your information other than as described here unless you tell us we can in writing. If you tell us we can, you may change your mind at any time. Let us know in writing if you change your mind.
For more information see: www.hhs.gov/ocr/privacy/hipaa/understanding/consumers/noticepp.html.
Changes to the Terms of This Notice
We can change the terms of this notice, and the changes will apply to all information we have about you. The new notice will be available upon request, in our office, and on our web site.
This Notice of Privacy Practices applies to the following organizations:
P.O. Box 397
Miller Place, NY 11764
Access Medical Associates, PLLC
131 Gary Way
Ronkonkoma, NY 11779
Effective date of this notice: 10/31/19
For a complete listing of all of our services, click the button below:
What we proudly are:
MDAnywhere is an affordable, patient centered telemedicine service that provides quick visits and treatment. A modern healthcare alternative. Easy visits, expert care, and low, transparent fees are our top priorities. 100% of the consultations are with board certified physicians and provided without appointments.
The MDAnywhere difference:
MDAnywhere is here for YOU. Our team strives to prescribe the lowest cost options whenever possible and takes great pride in delivering care when it is convenient for you. We offer extended service hours and short response times. We are not a pharmacy. We won't sell you on any medications. We do not sell, deliver, or profit from pharmaceuticals.
The MDAnywhere team provides accessible medical care and extended hours every day! The medical team reviews requests from 7am - 1am EST every day of the year. All medical evaluations are provided by Access Medical Associates, PLLC.
The content displayed on this page is for informational purposes only and is not medical opinion or advice.