NOTICE OF PRIVACY PRACTICES
Effective date: September 1, 2013
Latest Revision: October 25, 2024
THIS NOTICE DESCRIBES:
PLEASE REVIEW IT CAREFULLY
Caris Life Sciences® (Caris) has specific duties regarding your medical information. We understand that medical information about you and your health is personal. We are committed to protecting medical information about you.
This notice describes our legal duties, privacy practices and your patient rights as determined by the Health Insurance Portability and Accountability Act (HIPAA) of 1996 as amended from time to time. We follow the terms of this Notice.
We are required by law to:
Caris also has a separate website privacy statement for how we collect and use information about you when you visit our website. This statement can be viewed and printed by visiting the following link: https://www.carislifesciences.com/website-privacy/
HOW CARIS MAY USE AND DISCLOSE YOUR HEALTH INFORMATION
We use your Protected Health Information (PHI) for treatment, payment, or healthcare operations purposes and for other purposes permitted or required by law. Not every use or disclosure is listed in this Notice, but all of our uses or disclosures of your health information will fall into one of the categories listed below.
For Treatment: Caris may provide medical test information about you to your personal physician. We may disclose medical information about you to the appropriate doctors, nurses and health care personnel who you have authorized.
For Payment: Caris may use and disclose medical information about you so that the treatment and services you receive may be billed to and payment may be collected from you, an insurance company, or a third party. For example, we may send a claim to an insurance company that identifies you and the procedures you received from us. Your diagnosis may also be disclosed.
For Health Care Operations: Caris may use and disclose medical information about you for operational reasons. These uses and disclosures are necessary for us to make sure that all of our patients receive quality care. For example, we may use medical information to review the quality of our services and to evaluate the performance of our staff.
Business Associates: We may provide your PHI to other companies or individuals to assist us in providing specific services requiring the use and disclosure of PHI. These other entities, known as “business associates,” are required to maintain the privacy and security of PHI. Our business associates must only use your health information for the services they perform on our behalf. For example, we may provide information to companies that assist us with billing of our services. We may also use an outside collection agency to obtain payment when necessary. As of February 17, 2010, business associates have independent HIPAA compliance obligations.
Caris may also use or disclose your medical information without your authorization or providing you the opportunity to agree or object in the following situations:
To Avert a Serious Threat to Health or Safety: We may use and disclose medical information about you when necessary to prevent a serious threat to your health and safety or the health and safety of the public or another person. Any disclosure, however, would only be to someone able to help prevent the threat.
To Do Research: We may use and disclose your medical information to do research.
Organ and Tissue Donation: If you are an organ donor, we may release medical information to organizations that handle organ procurement or organ eye or tissue transplantation or to an organ donation bank, as necessary to facilitate organ or tissue donation and transplantation.
Government Functions: Caris may disclose your health information to protect public officials as directed by law or as required by military command authorities.
Workers’ Compensation: Caris may release medical information about you for workers’ compensation or similar programs.
To Family, Friends, or Others: Caris may release medical information about you to family, friends, or others involved in your care or the payment of your care with your authorization.
Decedents: Caris may release medical information to a coroner, medical examiner, or funeral director as necessary to carry out their duties.
Health Oversight Activities: Caris may disclose medical information to a health oversight agency for activities authorized by law. These oversight activities may include audits, investigations, inspections, licensure and disciplinary actions. We may also share information about you if state or federal laws require it, including with the Department of Health and Human Services if it wants to see that we’re complying with federal privacy law.
Disaster Relief: Caris may release medical information in a disaster relief situation.
National Security: Caris may release medical information for national security purposes.
OTHER USES OF MEDICAL INFORMATION
Other uses and disclosures of medical information not covered by this notice or the laws that apply to us will be made only with your written permission. If you provide us permission to use or disclose medical information about you, you may revoke that permission, in writing, at any time. If you revoke your permission, we will no longer use or disclose medical information about you for the reasons covered by your written authorization. You understand that we are unable to take back any disclosures we have already made with your permission, and that we are required to retain our records of the care that we provided to you.
Marketing: We may provide information to you regarding treatment alternatives or other health-related benefits that may be of interest to you, but we must abide by strict limitations on third-party funding for such communications. Your written authorization will typically be required for most uses and disclosures for marketing.
Sale of PHI: We are prohibited from selling your PHI without your prior authorization.
YOUR RIGHTS REGARDING MEDICAL INFORMATION ABOUT YOU
You have the following rights regarding medical information we maintain about you:
Right to Request Restrictions: You have the right to request a restriction or limitation on the medical information we use or disclose about you for treatment, payment, or health operations. We are not required to agree to your request, and we may say “no” if it would be harmful or compromise your care.
If you pay for a service out-of-pocket in fully, you can ask us not to share that information that information for the purpose of payment or our operations with your health insurer. We will say “yes” unless a law requires us to share that information.
We are required to notify you if we fail to approve a restriction request.
Right to Request Confidential Communications: You have the right to request that we communicate with you about medical matters in a certain way or at a certain location.
Right to Receive Your Medical Information: You have the right to receive a copy of certain PHI that we have created, including test result reports and billing records. You may request a paper copy of your PHI or an electronic copy of your PHI that we maintain electronically, and you may also request that we transmit the information to you or to another individual or third party. We may charge you a reasonable, cost-based fee for providing these copies.
Right to Amend: If you feel that medical information, we have about you is incorrect or incomplete, you may ask us to amend the information.
Right to Accounting of Disclosures: You have the right to request a list of the disclosures we have made of medical information about you in the past six years from the date of your written request. We will include all the disclosures except for those about treatment, payment, and healthcare operations and certain other disclosures (such as any you asked us to make). We will provide one accounting a year for free but we may charge a reasonable, cost-based fee if you ask for another one within 12 months.
Right to a Paper Copy of This Notice: We will provide a paper copy of this notice upon request, even if you have agreed to receive a copy of this Notice electronically.
Right to an Electronic Copy of this Notice. We will provide an electronic copy of this notice upon request.
Right to Receive Notice in the Event of a Breach: In the event of a breach of your PHI, you have the right to be notified of the breach and to be provided, to the extent available, with a description of the breach, a description of the types of information involved in the breach, the steps you should take to protect yourself from potential harm, a brief description of what we are doing to investigate the breach, mitigate harm, and prevent further breaches, as well as contact information for questions or concerns regarding the breach.
WE RESERVE THE RIGHT TO CHANGE THIS NOTICE
We reserve the right to make the revised or changed notice effective for medical information we already have about you as well as any information we receive in the future. We will post a copy of the current Notice on our website and will update the effective date accordingly.
In the event of changes to our privacy practices, we will amend this Notice. We will post a copy of the current Notice on our website and will update the effective date accordingly.
COMPLAINTS
If you believe your privacy rights have been violated, you may file a complaint with Caris or with the Secretary of the Department of Health and Human Services, Office for Civil Rights. You will not be penalized for filing a complaint. Documentation relating to this Notice of Privacy Practices will be retained for six years from the date of creation or the last effective date, whichever is later.
CONTACT INFORMATION
If you have any questions or complaints, please contact:
Corporate Compliance Officer
750 West John Carpenter Freeway, Suite 800
Irving, TX 75039
(866) 771-8946 toll free
Cookie | Duration | Description |
---|---|---|
cookielawinfo-checkbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
cookielawinfo-checkbox-functional | 11 months | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
cookielawinfo-checkbox-others | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. |
cookielawinfo-checkbox-performance | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |