Effective Date: January 11, 2026
This Notice of Privacy Practices (“Notice”) describes how medical information about you may be used and disclosed and how you can get access to this information. Please review it carefully. Questions about this Notice can be directed to Protera Health Medical Group, PC and Protera Health Medical Group of Michigan, PC (together, “Protera Health”) at care@proterahealth.com.
This Notice describes the privacy practices of Protera Health, including its affiliated professional corporations, clinicians, employees, contractors, and other personnel involved in your care or supporting services. These practices apply when we provide care in person, by telehealth or virtual visits, and through our websites, patient portals, mobile applications, and related services.
We are required by federal law (HIPAA) to protect the privacy and security of your PHI. We will:
Below are examples of how we use and share your PHI without your written authorization, as permitted or required by law. Not every use or disclosure is listed, but all that we make will fall within these categories or as otherwise allowed by law.
We use and share your PHI to provide, coordinate, and manage your health care, including in-person and telehealth visits, consultations, follow-up care, referrals, and coordination with other providers. For example, we may share information with your primary care provider, specialists, pharmacies, labs, imaging centers, or other members of your care team. We may contact you about appointments, test results, prescriptions, or treatment options and health-related services that may be of interest to you.
We use and share your PHI to obtain payment for services we provide to you. For example, we may share information with your health plan to determine coverage, obtain prior authorization, receive payment, or bill you or a responsible party.
We use and share your PHI for activities necessary to operate our practice, improve quality, and support our business functions. For example, we may use PHI for quality assessment and improvement, patient safety, credentialing, training, audits, compliance programs, customer service, and other administrative purposes. We may also use de-identified information and limited data sets for health care operations, research, and public health, as permitted by law and under required agreements.
We may communicate with you by phone, mail, email, text message, patient portal, or through our telehealth and mobile applications, consistent with applicable law and your communication preferences.
We may share your PHI with companies or individuals that perform services on our behalf (such as billing, information technology, telehealth platforms, cloud hosting, analytics, or consulting). These business associates must sign written agreements requiring them to protect your PHI and use it only for the services they provide to us.
Where available, we may participate in electronic health information exchanges or similar networks to share your PHI with other health care providers and health plans involved in your care or payment for your care. You may have rights under applicable law to opt out of certain health information exchanges.
We may share your PHI for public health and safety purposes, such as reporting certain diseases or conditions, injuries, births, and deaths; reporting adverse events related to medications or medical devices; reporting suspected abuse, neglect, or domestic violence; and preventing or reducing a serious threat to anyone’s health or safety.
We may share your PHI with government agencies for activities authorized by law, such as audits, inspections, licensure, or investigations. We may also share PHI in response to a court or administrative order, subpoena, discovery request, or other lawful process, and for certain law enforcement purposes when the legal requirements are met.
We may use and share your PHI for research when the research has been approved by an institutional review board or privacy board, or when your information has been de-identified so it no longer identifies you. We may also share a limited data set with certain direct identifiers removed, under a data use agreement, for research, public health, or health care operations.
We may share PHI with organ procurement organizations, transplant centers, coroners, medical examiners, and funeral directors as necessary to carry out their duties, consistent with applicable laws.
We may share PHI for certain specialized government functions, such as military or veterans’ activities, national security, intelligence, or protective services, as permitted by law. We may also share PHI as authorized to comply with workers’ compensation or similar programs that provide benefits for work-related injuries or illness.
If you are in the custody of a correctional institution or law enforcement official, we may share PHI with the institution or official as necessary for your health and safety, the safety of others, or the operations of the correctional institution.
Unless you object, we may share limited PHI with a family member, friend, or other person you identify who is involved in your care or helps pay for your care, or to notify them of your location, general condition, or death. In an emergency or when you are unable to agree or object, we may share information that we believe is in your best interest, consistent with law.
For uses and disclosures not described in this Notice, we will obtain your written authorization before using or sharing your PHI, unless the use or disclosure is otherwise permitted or required by law.
You may revoke an authorization at any time in writing, except to the extent we have already acted in reliance on it.
In the case of fundraising, we may contact you for fundraising efforts, but you can tell us not to contact you again.
When it comes to your PHI, you have certain rights. These rights may be subject to limits under HIPAA and applicable state law.
You may ask to see or get an electronic or paper copy of your medical and billing records and other PHI we maintain about you. We will provide a copy or summary, usually within 30 days of your written request, and may charge a reasonable, cost-based fee as allowed by law.
If you believe information in your record is incorrect or incomplete, you may ask us in writing to correct or supplement it. We may deny your request in certain circumstances, but if we do, we will tell you why in writing within 60 days and explain your options.
You may ask us to limit how we use or share your PHI for treatment, payment, or health care operations, or with individuals involved in your care or payment. We are not required to agree to most requested restrictions. However, if you pay for a service or health care item out-of-pocket in full, you can ask us not to share that information with your health plan for payment or health care operations. We will honor that request unless a law requires us to share the information.
You may ask us to contact you in a specific way (for example, at a particular mailing address, phone number, or email) or to send mail to a different address. We will accommodate reasonable requests.
You may request a list of certain disclosures we have made of your PHI during a period of up to six years before the date of your request, excluding disclosures made for treatment, payment, health care operations, and certain other disclosures permitted by law. The first list in a 12-month period is free; we may charge a reasonable, cost-based fee for additional lists.
You may request a paper copy of this Notice at any time, even if you agreed to receive it electronically. The current version of this Notice will also be available in our offices and, if applicable, on our website or patient portal.
If you have given someone medical power of attorney or if someone is your legal guardian or otherwise authorized by law to act for you, that person may exercise your rights and make choices about your PHI, subject to verification and applicable law.
You have the right to be notified if we or one of our business associates discovers that your unsecured PHI has been compromised in a way that meets the legal definition of a breach.
Certain types of information may be subject to additional protections under federal or state law, such as information related to reproductive and sexual health, mental health treatment, substance use disorder treatment, HIV/AIDS status, genetic information, or services for minors who may consent to their own care. When these laws are more protective than HIPAA, we will follow the more protective requirements. We may also follow more restrictive state laws that limit disclosure of certain information without your written permission.
We may change our privacy practices and this Notice at any time, as long as the changes comply with applicable law. When we make a material change, the updated Notice will apply to all PHI we maintain, including information created or received before the change. We will post the current Notice in our offices and on our website (if applicable), and we will provide copies upon request. The effective date is listed at the top of this Notice.
If you have questions about this Notice, want to exercise your rights, or need help, please contact us at care@proterahealth.com. If you believe your privacy rights have been violated, you may file a complaint with Protera Health using the contact information above, or with the U.S. Department of Health and Human Services, Office for Civil Rights. We will not retaliate against you for filing a complaint. A complaint to the Secretary should be filed within 180 days of the occurrence of the complaint or violation.
You may be asked to sign a separate form acknowledging that you received this Notice. Your treatment with us will not be conditioned on signing the acknowledgment.
