We love all of our clients at The Sandbar Beauty Company, and we want to make sure everyone always feels comfortable. That’s why we’ve set a few basic policies to make sure every client experience leaves them wanting to return time and again. Take a quick read. If you have any questions, just get in touch.
The Sandbar Beauty Company, P.L.L.C.
Notice of Privacy Practices
This notice describes how The Sandbar Beauty Company, P.L.L.C. may use and disclose your medical information. It also explains how you can get access to this information. Please review it carefully.
Privacy Practices in Summary
Î Patient Rights. You have the right to:
Get a copy of your paper or electronic medical record.
Correct your paper or electronic medical record.
File a complaint if you believe your privacy rights have been violated.
Ask us to limit the information we share about you.
Get a list of those with whom we’ve shared your information.
Get a copy of this Notice of Privacy Practices.
Request that we use only confidential communication methods with you.
Choose someone to act on your behalf.
Î Patient Choices. You have choices about how we use your information:
If we tell your family or friends about your conditions.
If we provide disaster relief services.
If we sell your information.
If we market our services.
Î Our Uses and Disclosures of Your Information. We may use your information when we conduct these activities:
Help with public health and safety issues.
Bill you or a third party for our services.
Comply with the law.
Address law enforcement.
Respond to lawsuits and legal actions.
Address other government requests.
Perform privacy reviews and audits.
Privacy Practices in Detail
Î Detailed Patient Rights. You have certain rights. This section explains some of your rights and some of our related responsibilities.
Obtain an electronic or paper copy of your medical record.
You may ask us to see or obtain an electronic or paper copy of your medical record and other health information we have about you. Ask us how to do this. Under most circumstances, we will provide you with a copy or a summary of your health information within 30 days of your request. We may charge a reasonable, costbased fee.
Ask us to correct the information in your medical record.
You may ask us to correct health information in your record that you believe is incorrect or incomplete. Ask us how to do this. If we deny your request, we will provide you a written explanation for that denial within 60 days.
Request confidential communications from us.
You may ask us to contact you in a specific way (e.g., cell phone only), or to send mail to a different address (e.g., a friend’s home).
We will comply with all reasonable requests.
Ask us to limit what information we use or share.
You may ask us to refrain from using or sharing certain health information for your treatment, in our operations, or to obtain payment for our services. We are not required to comply with your request, and we may decline your request if we reasonably believe that it would affect your care.
If you pay for our services or a healthcare item in full out-ofpocket, you may ask that we not share that information for the purpose of securing payment or sharing our healthcare operations with your health insurer. We will agree to this request unless a law requires us to share that information.
Request a copy of this Notice of Privacy Practices.
You may request a paper copy of this notice at any time, even if you have agreed to receive the notice electronically. We will provide you with a paper copy promptly.
Request a list of those with whom we have shared information about you.
You may request a list (called an accounting) of the times that we have shared your health information for the six years prior to the date of your request. The accounting will include the recipient and the reason your information was shared.
We will include all disclosures except for those relating to treatment, payment, healthcare operations, and certain other disclosures (e.g., those you asked us to make). We will provide you with one accounting per year at no cost, but we will charge a reasonable, cost-based fee if you request another within 12 months.
Choose someone to act on your behalf.
If you have given someone your medical power of attorney, or if someone is your legal guardian, that person may exercise your rights and make choices about your health information. We will verify that this person has this authority and can act for you before we take any action.
File a complaint if you feel your privacy rights are violated.
You may complain to our Privacy Officer if you believe we violated your rights. You may also file a complaint by sending a letter to:
U.S. Dept. of Health and Human Services
Office for Civil Rights
200 Independence Avenue, S.W. Washington, D.C. 20201
You may also call (877) 696-6675 or visit www.hhs.gov.
We will not retaliate against you for filing a complaint.
Î Detailed Patient Choices. You have some choices about how we use and disclose your information. If you have a clear preference for how we share your information in the situations described below, please discuss that with us so we may respect your wishes.
In these situations, you have a right and a choice to instruct us as to how you’d like us to:
y Share information with your family or others involved in your care. y Share information as we respond to a disaster relief situation.
If you cannot tell us your preference (e.g., if you are incapacitated), we may share your information as we believe is in your best interest. We may share your information when it is necessary to lessen a serious and imminent threat to health or safety.
In other situations, however, we will never share your information unless you provide us with your written permission:
y When we seek to use your information for our marketing purposes. y When we seek to sell your information.
y When we seek to share any patient notes or HIV-related information from your record.
Î Detailed Uses and Disclosures by our Practice. The most common ways we use or share your health information include when we:
We can use your health information and share it with other professionals who are treating you.
Operate our practice.
We can use and share your health information to run our practice, improve your care, and contact you.
Bill for our services.
We can use and share your health information to bill and obtain payment from health plans or other entities.
The less common ways we use or share your health information include when we:
Report suspected abuse, neglect, or domestic violence.
Report adverse medication reactions.
Assist with public health and safety.
Prevent or reduce a serious threat to anyone’s health or safety.
Prevent disease, including COVID-19.
Support government functions such as military, national security, and presidential protective services.
Contribute to the public good or assist with public health and research.
Respond to workers’ compensation claims.
Support health oversight agencies’ activities as authorized by law.
Comply with state or federal laws.
Respond to law enforcement requests.
Assist with product recalls.
Respond to lawsuits and legal actions.
Respond to court or administrative agency orders or subpoenas.
Demonstrate to HHS we are compliant with federal privacy laws.
We must comply with several conditions in the law before we can share your information for these purposes. For more information, see: hhs.gov/ocr/privacy/hipaa/understanding/consumers/index.html.
Detailed Practice Responsibilities.
The law requires us to maintain the privacy and security of your protected health information. We will alert you promptly if a breach occurs that may have compromised the privacy or security of your information.
We must comply with the duties and privacy practices described in this notice, and we must offer you a copy of this document. We will not use or share your information, other than as described here, without your express written permission. If you authorize a use or disclosure of your information, you may revoke that authorization in writing at any time.
For more information, visit HHS’ website at
About This Notice
This notice is effective January 2021. y Our Chief Privacy Officer is Rachel Polazzi. y We can change the terms of this notice, and the changes will apply to all information we have about you. The new notice will be available upon request. You can email us at firstname.lastname@example.org.