Call Now!
Call Now!
Call Now!

NOTICE OF PRIVACY PRACTICES

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

Effective Date: October 31, 2025

Covered Entity: Vista Wound Specialists, LLC ("Vista Wound Specialists," "we," "us," or "our")

Primary Location: Oklahoma

This Notice of Privacy Practices ("Notice") explains how we may use and disclose your Protected Health Information (PHI) and describes your rights and our legal duties with respect to PHI under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and applicable state law. Where state law provides stricter protections than HIPAA, we will follow state law.

This Notice applies to PHI related to your medical care and services. It is separate from our website Privacy Policy, which applies to information collected through our website that is not PHI.

1. Your Rights

  • Get an electronic or paper copy of your medical record: You can ask to see or get a copy of your medical record and other health information we have about you, including in an electronic format if readily producible. We will provide a copy or a summary, usually within 30 days of your request, and may charge a reasonable, cost-based fee as permitted by law.
  • Ask us to correct your medical record: If you believe your information is incorrect or incomplete, you may ask us to correct it. We may say “no” to your request, but we’ll tell you why in writing within 60 days.
  • Request confidential communications: You can ask us to contact you in a specific way (for example, by phone at a certain number) or to send mail to a different address. We will accommodate reasonable requests.
  • Ask us to limit what we use or share: You can ask us not to use or share certain PHI for treatment, payment, or health care operations. We are not required to agree, except that we must agree to your request not to disclose information about a specific service to your health plan if you pay for that service in full, out of pocket, and the disclosure is solely for the health plan’s payment or operations and is not otherwise required by law.
  • Get a list (an accounting) of disclosures: You can ask for an accounting of certain disclosures we made of your PHI for up to six years prior to the date of your request, excluding disclosures for treatment, payment, and health care operations, and certain other disclosures (for example, those you authorized).
  • Get a copy of this Notice: You can ask for a paper copy of this Notice at any time, even if you agreed to receive it electronically. A current version is also available on our website.
  • Choose someone to act for you: If you have given someone medical power of attorney or if someone is your legal guardian/personal representative, that person can exercise your rights and make choices about your health information, to the extent allowed by law.
  • File a complaint if you feel your rights are violated: You can complain to us or to the U.S. Department of Health and Human Services, Office for Civil Rights. We will not retaliate against you for filing a complaint.
  • Receive notice of a breach: You have the right to be notified following a breach of unsecured PHI that affects you.

2. Your Choices

For certain PHI, you can tell us your choices about what we share. If you have a clear preference for how we share your information, tell us and we will follow your instructions when the law allows.

  • With family, friends, or others involved in your care or who help pay for your care.
  • For disaster relief or emergency notification efforts.
  • Professional directories/locating you while you are in our care (if applicable).
  • Fundraising communications: If we contact you, you may opt out at any time; opting out will not affect your care.

If you cannot tell us your preference, for example if you are unconscious, we may share your information if we believe it is in your best interest. We may also share your information when needed to lessen a serious and imminent threat to health or safety.

We will never use or share your information for the following purposes unless you give us written authorization:

  • Marketing (except for face-to-face communications and limited prescription refill reminders of nominal value permitted by law)
  • Sale of PHI
  • Most uses of psychotherapy notes (we generally do not maintain psychotherapy notes)

You may revoke your authorization at any time in writing, except to the extent we have already relied on it.

3. Our Uses and Disclosures

We typically use or share your health information in the following ways:

  • Treatment: We can use your PHI and share it with other professionals who are treating you. Example: Sharing information with your primary care provider, a home health agency, a wound-care supplier, or a hospital to coordinate your care.
  • Payment: We can use and share your PHI to bill and get payment from health plans or other entities. Example: Sending information to your health plan to verify coverage or obtain prior authorization for services.
  • Health Care Operations: We can use and share your PHI to run our practice, improve your care, and contact you when necessary. Example: Using PHI for quality improvement, training, licensing, auditing, and business planning.
  • Appointment Reminders & Care Coordination: We may use your information to contact you with appointment reminders, follow-up instructions, or information about treatment alternatives and health-related benefits/services.
  • Business Associates: We may share PHI with third-party vendors who perform services on our behalf (e.g., billing, IT, analytics, secure messaging). They must safeguard PHI and use it only as permitted by law and our contracts.

4. Other Uses and Disclosures Permitted or Required by Law

We are allowed or required to share your information in other ways—usually to contribute to the public good, comply with the law, or support government functions. We must meet many conditions before we share your information for these purposes.

  • Public health and safety: Preventing disease; reporting adverse events; reporting abuse, neglect, or domestic violence; and preventing or reducing a serious threat to health or safety.
  • Health oversight activities: Audits, investigations, inspections, and licensure.
  • Research: Under strict oversight or with your authorization; we may use a limited data set with appropriate agreements or de-identified information that is not PHI.
  • Organ and tissue donation (if applicable).
  • Coroners, medical examiners, and funeral directors.
  • Workers’ compensation, law enforcement, and other government requests: For workers’ compensation claims; for law enforcement purposes; for health and safety regulatory agencies; for specialized government functions such as military and national security.
  • Judicial and administrative proceedings: In response to a court or administrative order, or in response to a subpoena, discovery request, or other lawful process, subject to required safeguards.
  • Inmates or individuals in custody: We may share your information as necessary for your health, the health and safety of others, or for the operation of the correctional institution.
  • Disaster relief: To organizations like the Red Cross to help in a disaster.
  • Incidental disclosures: Limited incidental disclosures may occur despite reasonable safeguards (e.g., calling your name in a waiting room). We minimize these disclosures.

Specially Protected Information: Certain categories of health information may be subject to additional protections under state or federal law (for example, HIV test results, genetic testing, certain mental health information, reproductive health, substance use disorder treatment records under 42 C.F.R. Part 2). Where these laws are more protective, we will follow them and may require your written authorization before disclosure, unless an exception applies. If we do not provide substance use disorder diagnosis, treatment, or referral, 42 C.F.R. Part 2 generally does not apply to us.

Genetic Information: We will not use or disclose genetic information for underwriting purposes.

5. Health Information Exchanges (HIE)

We do not participate in any Health Information Exchange (HIE) as of the Effective Date of this Notice. If our participation changes, we will update this Notice accordingly.

6. Communications by Email or Text (SMS)

We may communicate with you by email or text message for appointment reminders and similar purposes. We avoid including sensitive medical details in unencrypted messages. If you request that we communicate with you by unencrypted email or text after being advised of the risks, we will honor your request to the extent feasible.

Message and data rates may apply; message frequency varies; text STOP to opt out and HELP for help. Carriers are not responsible for delayed or undelivered messages.

7. Our Responsibilities

  • We are required by law to maintain the privacy and security of your PHI and to provide you with this Notice of our legal duties and privacy practices.
  • We will follow the duties and privacy practices described in this Notice and provide you a copy upon request.
  • We will notify you promptly if a breach occurs that may have compromised the privacy or security of your unsecured PHI.
  • We will not use or disclose your information other than as described here unless you tell us we can in writing. If you tell us we can, you may change your mind at any time by letting us know in writing.
  • We will not use or disclose genetic information for underwriting purposes and will not condition treatment on your signing an authorization, except as allowed by law.

8. Changes to This Notice

We may change our privacy practices and this Notice at any time. Changes will apply to all PHI we maintain, including PHI created or received before the changes. When we make material changes, we will update the Effective Date at the top of this Notice and post the updated Notice in our office and on our website. You may request a paper copy at any time.

9. Questions & Complaints

If you have questions about this Notice, want to exercise your rights, or want to file a complaint, contact our Privacy Officer:

You may also file a complaint with the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) at https://www.hhs.gov/ocr/privacy/hipaa/complaints/. We will not retaliate against you for filing a complaint.

Accessibility & Language Assistance: This Notice is available in alternative formats or languages upon request.