Good Methods Global Inc dba CareStack (CareStack) offers a range of products and services, such as an online service to help you locate dentists and other healthcare providers (“Healthcare Providers”), book appointments with the Healthcare Providers of your choice, and manage and forward certain health-related information that you share with us to your Healthcare Providers (“CareStack Services”). In addition, CareStack works with Healthcare Providers by providing to them practice management software and systems to manage their practices, including patient scheduling, intake, and communications.
In order to provide you with the CareStack Services, we may collect, use, share, and exchange your personal information–including your health-related information–and share it with the Healthcare Providers of your choosing.
Under the Health Insurance Portability and Accountability Act (“HIPAA”), individually identifiable information relating to your past, present, or future health status that is created, collected, transmitted, or maintained by or on behalf of a HIPAA-covered entity (for example, your Healthcare Provider) in relation to the provision of healthcare, payment for healthcare services, or use in healthcare operations is considered “Protected Health Information” or “PHI.”
When CareStack performs certain functions or activities on behalf of Healthcare Providers, CareStack is a “Business Associate” (as defined in HIPAA) of those Healthcare Providers. When CareStack is acting as the Business Associate of your Healthcare Providers, to the extent that your PHI is provided to CareStack, we will handle your PHI in accordance with the applicable HIPAA requirements. This means that CareStack will only use or disclose your PHI as consented to by you or as otherwise permitted under the law.
HIPAA requires HIPAA-covered entities and Business Associates to limit their use and disclosure of PHI. Under certain circumstances, HIPAA allows an individual to consent to things like how their data may be used and for how long, so that entities, like your Healthcare Provider(s), can disclose PHI to a third party.
Your Consent remains in effect until you provide written notice of revocation to CareStack.
YOU CAN CHANGE YOUR MIND AND REVOKE THIS CONSENT AT ANY TIME FOR ANY REASON OR NO REASON AT ALL.
If you wish to revoke this Consent, you must notify CareStack by contacting us at firstname.lastname@example.org. A revocation of this Consent is effective when received by CareStack, but it does not have any effect on CareStack’s actions taken prior to such revocation.
Once CareStack receives your revocation of this Consent, CareStack will only use and disclose your PHI as permitted in CareStack’s agreements with your Healthcare Provider(s) or as otherwise permitted by law. Your revocation of this Consent does not affect CareStack’s use of your Non-PHI.
We will make available to your Healthcare Provider(s), current and past, your agreement to or revocation of this Consent.