Privacy Policy

Last revised: October 23, 2021

Notice of Privacy Policy

Serif Health is required by law to maintain the privacy of your protected health information. This information consists of all records related to your health, including demographic information, either created by Serif Health or received by Serif Health from other healthcare providers.

We are required to provide you with notice of our legal duties and privacy practices with respect to your protected health information. These legal duties and privacy practices are described in this Notice. Serif Health will abide by the terms of this Notice, or the Notice currently in effect at the time of the use or disclosure of your protected health information.

Serif Health reserves the right to change the terms of this Notice and to make any new provisions effective for all protected health information that we maintain. An individual may obtain a copy of the current Notice at any time.

Uses and Disclosures of Your Protected Health Information Not Requiring Your Consent

Serif Health may use and disclose your protected health information, without your written consent or authorization, for certain treatment, payment and healthcare operations.There are certain restrictions on uses and disclosures of treatment records, which include registration and all other records concerning individuals who are receiving, or who at any time have received services for mental illness, developmental disabilities, alcoholism, or drug dependence. There are also restrictions on disclosing HIV test results.

Treatment may include:

  • Providing, coordinating, or managing healthcare and related services by one or more healthcare providers
  • Consultations between healthcare providers concerning a patient
  • Referrals to other providers for treatment
  • Referrals to nursing homes, foster care homes, or home health agencies

For example, Serif Health may determine that you require the services of a specialist. In referring you to another doctor, Serif Health may share or transfer your healthcare information to that doctor.

Payment activities may include:

  • Activities undertaken by Serif Health to obtain reimbursement for services provided to you
  • Determining your eligibility for benefits or health insurance coverage
  • Managing claims and contacting your insurance company regarding payment
  • Collection activities to obtain payment for services provided to you
  • Reviewing healthcare services and discussing with your insurance company the medical necessity of certain services or procedures, coverage under your health plan, appropriateness of care, or justification of charges
  • Obtaining pre-certification and pre-authorization of services to be provided to you

For example, Serif Health will submit claims to your insurance company on your behalf. This claim identifies you, your diagnosis, and the services provided to you.

Healthcare operations may include:

  • Contacting healthcare providers and patients with information about treatment alternatives
  • Conducting quality assessment and improvement activities
  • Conducting outcomes evaluation and development of clinical guidelines
  • Protocol development, case management, or care coordination
  • Conducting or arranging for medical review, legal services, and auditing functions

For example, Serif Health may use your diagnosis, treatment, and outcome information to measure the quality of the services that we provide, or assess the effectiveness of your treatment when compared to patients in similar situations.

If you pay for your care or treatment completely out of pocket, with no use of any insurance, you may restrict the disclosure of your PHI for payment.

We may not disclose your protected health information to family members or friends who may be involved with your treatment or care without your written permission. Health information may be released without written permission to a parent, guardian, or legal custodian of a child; the guardian of an incompetent adult; the healthcare agent designated in a patient’s healthcare power of attorney or the personal representative or spouse of a deceased patient.

There are additional situations when Serif Health is permitted or required to use or disclose your protected health information without your consent or authorization. Examples include the following:

  • As permitted or required by law. In certain circumstances we may be required to report individual health information to legal authorities, such as law enforcement officials, court officials, or government agencies. For example, we may have to report abuse, neglect, domestic violence or certain physical injuries. We are required to report gunshot wounds or any other wound to law enforcement officials if there is reasonable cause to believe that the wound occurred as a result of a crime. Mental health records may be disclosed to law enforcement authorities for the purpose of reporting an apparent crime on our premises.
  • For public health activities. We may release healthcare records, with the exception of treatment records, to certain government agencies or public health authorities authorized by law, upon receipt of written request from that agency. We are required to report positive HIV test results to the state epidemiologist. We may also disclose HIV test results to other providers or persons when there has been or will be risk of exposure.We are required by law to report suspected child abuse and neglect and suspected abuse of an unborn child, but cannot disclose HIV test results in connection with the reporting or prosecution of alleged abuse or neglect. We may release healthcare records including treatment records and HIV results to the Food and Drug Administration when required by federal law. We may disclose healthcare records except for HIV test results for the purpose of reporting elder abuse or neglect, provided the subject of the abuse or neglect agrees, or if necessary to prevent serious harm. Records may be released for the reporting of domestic violence if necessary to protect the patient or community from imminent and substantial danger.
  • For health oversight activities. We may disclose healthcare records including treatment records in response to a written request by any federal or state governmental agency to perform legally authorized functions, such as management audits, financial audits, program monitoring and evaluation, and facility or individual licensure or certification. HIV test results may not be released to federal or state governmental agencies without written permission except to the state epidemiologist for surveillance investigation or to control communicable diseases.
  • Judicial and Administrative Proceedings. Patient healthcare records, including treatment records and HIV test results, may be disclosed pursuant to a lawful court order. A subpoena signed by a judge is sufficient to permit disclosure of all healthcare records except for HIV test results.
  • For research. Under certain circumstances, and only after a special approval process, we may use and disclose your health information to help conduct research.
  • To avoid a serious threat to health or safety. We may report a patient’s name and other relevant data to the Department of Transportation if it is believed the patient’s vision or physical or mental condition affects the patient’s ability to exercise reasonable or ordinary control over a motor vehicle. Healthcare information, including treatment records and HIV test results, may be disclosed where disclosure is necessary to protect the patient or community from imminent and substantial danger.
  • For workers’ compensation. We may disclose your health information to the extent such records are reasonably related to any injury for which workers’ compensation is claimed.
  • For activities related to death. We may disclose patient healthcare records, except for treatment records, to a coroner or medical examiner for the purpose of completing a medical certificate or investigating a death. HIV test results may be disclosed under certain circumstances.
  • Serif Health will not make any other use or disclosure of your protected health information without your written authorization. You may revoke such authorization at any time, except to the extent that Serif Health has taken action in reliance thereon. Any revocation must be in writing.

Your Rights Regarding Your Protected Health Information

You are permitted to request that restrictions be placed on certain uses or disclosures of your protected health information by Serif Health to carry out treatment, payment, or healthcare operations. You must request such a restriction in writing. We are not required to agree to your request, but if we do agree, we must adhere to the restriction, except when your protected health information is needed in an emergency treatment situation. In this event, information may be disclosed only to healthcare providers treating you. Also, a restriction would not apply where we are required by law to disclose certain healthcare information.

You have the right to review and/or obtain a copy of your healthcare records, with the exception of psychotherapy notes or information compiled for use (or in anticipation for use) in a civil, criminal, or administrative action or proceeding. Serif Health may deny access under other circumstances, in which case you have the right to have such a denial reviewed. We may charge a reasonable fee for copying your records.

You may request that Serif Health send protected health information, including billing information, to you by alternative means or to alternative locations. You may also request that Serif Health not send information to a particular address or location or contact you at a specific location, perhaps your place of employment. This request must be submitted in writing. We will accommodate reasonable requests by you.

You have the right to request that Serif Health amend portions of your healthcare records, as long as such information is maintained by us. You must submit this request in writing, and under certain circumstances the request may be denied.

You may request to receive an accounting of the disclosures of your protected health information made by Serif Health for the six years prior to the date of the request, beginning with disclosures made after August 1, 2020.

You will be notified immediately if we receive information that there has been a breach involving your PHI.

You may request and receive a paper copy of this Notice, if you had previously received or agreed to receive the Notice electronically.

Any person or patient may file a complaint with Serif Health and/or the Secretary of Health and Human Services if they believe their privacy rights have been violated. To file a complaint with Serif Health, please contact the Privacy Officer:

Rafiq Ahmed, Privacy Officer
Serif Health
2261 Market Street #4944
San Francisco, CA 94114

It is the policy of Serif Health that no retaliatory action will be made against any individual who submits or conveys a complaint of suspected or actual non-compliance or violation of the privacy standards.

This notice of privacy practices is effective October 23, 2021.