BLUE ZONES HEALTH
THIS Notice of Privacy Practices (“NOTICE OF PRIVACY PRACTICES”, “NOTICE”, OR “NOPP”) DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.
In this Notice we use the terms “we”, “us”, and “our” to describe the Blue Zones Health entities listed in Section IV that create, receive, maintain, use, or disclose PHI as HIPAA covered entities or as participants in a legally permitted joint notice, affiliated covered entity, or organized health care arrangement (collectively, “BZH”). For more details, please refer to Section IV of this Notice.
- WHAT IS “PROTECTED HEALTH INFORMATION”?
Your protected health information (“PHI”) is individually identifiable health information, including demographic information, about your past, present, or future physical or mental health or condition, health care services you receive, and past, present, or future payment for your health care. Demographic information means information such as your name, social security number, address, and date of birth. PHI includes demographic and other individually identifiable information when created or received by BZH in connection with your health care, payment for health care, health plan coverage, or related health care operations. Where California law applies, medical information may also include information protected by the California Confidentiality of Medical Information Act (“CMIA”), including certain mental health application information, reproductive or sexual health application information, sensitive-services information, and, where collected with a patient’s medical history, immigration status, or place of birth.
PHI may be in oral, written, or electronic form. Examples of PHI include your medical record, claims record, enrollment or disenrollment information, and communications between you and your health care provider about your care.
If your PHI is de-identified in accordance with HIPAA standards, it is no longer PHI.
If you are a BZH patient or member and also an employee of any BZH company, PHI does not include the health information in your employment records.
- ABOUT OUR RESPONSIBILITY TO PROTECT YOUR PHI
By law, we must
- Maintain the privacy and security of your PHI;
- Tell you about your rights and our legal duties with respect to your PHI;
- Notify you following a breach of your unsecured PHI and, where applicable, a breach involving substance use disorder patient records subject to 42 CFR Part 2;
- Tell you about our privacy practices and follow our notice currently in effect; and
- Comply with HIPAA, CMIA, 42 CFR Part 2 where applicable, and other federal and state health information privacy laws that apply to BZH.
We take these responsibilities seriously and have put in place administrative safeguards (such as security awareness training and policies and procedures), technical safeguards (such as encryption and passwords), and physical safeguards (such as locked areas and requiring badges) to protect your PHI, and we will continue to take appropriate steps to safeguard the privacy of your PHI.
- YOUR RIGHTS REGARDING YOUR PHI
This Section tells you about your rights regarding your PHI and describes how you can exercise these rights.
- Your rights regarding substance use disorder patient records
To the extent BZH has substance use disorder patient records about you that are subject to 42 CFR Part 2, we will not use or disclose those records, or provide testimony based on those records, in civil, criminal, administrative, or legislative investigations or proceedings against you without your written consent or a court order and subpoena, as applicable.
- Your right to access and amend your PHI
Subject to certain exceptions, you have the right to view or get a copy of your PHI that we maintain in a designated record set, such as medical, billing, enrollment, payment, claims, case management, or other records we use to make decisions about you. Subject to certain exceptions, requests must be in writing. We will act on an access request no later than 30 calendar days after we receive it unless a one-time extension of up to 30 additional days is permitted by law and we provide you a written explanation of the delay and the date by which we will complete our response. We may charge you a reasonable, cost-based fee for the copies, summary, or explanation of your PHI.
If we do not have the record you asked for but we know who does, we will tell you who to contact to request it. In limited situations, we may deny some or all of your request to see or receive copies of your records, but if we do, we will tell you why in writing and explain your right, if any, to have our denial reviewed.
If the PHI you request is readily producible in the form and format you request, we will provide it in that form and format. If it is not readily producible in the form and format requested, we will work with you to provide a readable hard copy or another form and format that is mutually agreeable, as required by law.
If you believe there is a mistake in your PHI or that important information is missing, you may request that we correct or add to the record. Requests must be in writing, tell us what corrections or additions you are requesting, and why the corrections or additions should be made. We will act on your amendment request no later than 60 days after we receive it unless a one-time extension of up to 30 additional days is permitted by law and we provide you a written explanation of the delay and the date by which we will complete our response. If we approve your request, we will make the correction or addition to your PHI. If we deny your request, we will tell you why and explain your right to file a written statement of disagreement. Your statement must be limited to 250 words for each item in your record that you believe is incorrect or incomplete. You must clearly tell us in writing if you want us to include your statement in future disclosures we make of that part of your record. We may include a summary instead of your statement.
We will not charge you a fee to request an amendment. If we accept an amendment, we will make reasonable efforts to inform persons you identify, and persons we know have received and may have relied on the information, as required by law.
Please submit all written requests to BZH to:
Blue Zones Health
ATTN: Compliance
3746 Foothill Boulevard #1183
Glendale, CA 91214
Or please call Member Services 833-LIV-BLUE (833-548-2583), TTY 711.
- Your right to choose how we send PHI to you or someone else
You may ask us to send your PHI to you at a different address (for example, your work address) or by different means (for example, fax instead of regular mail).
If your PHI is stored electronically, you may request a copy of the records in an electronic format offered by BZH. You may also make a specific written request to BZH to transmit a copy of your PHI to a designated third party. We may charge a reasonable, cost-based fee.
A request to send your PHI to a designated third party must be in writing, signed by you or your personal representative, and clearly identify the designated recipient and where the PHI should be sent, unless a different process is permitted by law.
- Your right to receive confidential communications
You have the right to request that we communicate with you about health matters at an alternative mailing address, email address, or telephone number.
You may provide us with an alternative address so that we may direct communications regarding your receipt of sensitive services (health care services related to mental or behavioral health, sexual and reproductive health, sexually transmitted infections, substance use disorder, gender affirming care, and intimate partner violence) directly to you. If you do not designate an alternative address, we will send all communication related to your receipt of sensitive services in your name at the address or telephone number on file.
Communications subject to this paragraph shall include the following written, verbal, or electronic communications:
- Bills and attempts to collect payment;
- A notice of adverse benefits determinations;
- An explanation of benefits notice;
- A health insurer’s request for additional information regarding a claim;
- A notice of a contested claim;
- The name and address of a provider, description of services provided, and other information related to a visit; or
- Any written, oral, or electronic communication from a health insurer that contains protected health information.
Where California law applies, you may request confidential communications at a specific mailing address, email address, or telephone number, or in another readily producible form and format. We will implement a confidential communications request within 7 calendar days after receiving an electronic or telephone request, or within 14 calendar days after receiving a request by first-class mail. Your request remains valid until you revoke it or submit a new confidential communications request. The request applies to all communications that disclose medical information or the provider name and address related to your receipt of medical services. We will not disclose medical information related to sensitive health care services to patients or the policyholder, primary subscriber, or other plan enrollees unless the protected individual expressly authorizes the disclosure in writing or the disclosure is otherwise permitted or required by law. If you contact us about the status of a confidential communications request, we will acknowledge receipt and advise you of the status of implementation. BZH will not condition enrollment or coverage on a waiver of confidential-communications rights.
To request confidential communications, please contact Member Services at 833-LIV-BLUE (833-548-2583), TTY 711 for a copy of the Confidential Communications Request form.
- Your right to an accounting of disclosures of PHI
You may ask us for a list of our disclosures of your PHI for the six years before the date of your request, or a shorter period that you request. Please contact Member Services at 833-LIV-BLUE (833-548-2583), TTY 711 for a copy of the Accounting of Disclosures form.
You are entitled to one disclosure accounting in any 12-month period at no charge. If you request any additional accountings less than 12 months later, we may charge a fee.
An accounting does not include certain disclosures, for example, disclosures:
- To carry out treatment, payment, and health care operations;
- For which BZH had a signed authorization;
- Of your PHI to you;
- For notifications for disaster relief purposes;
- To persons involved in your care and persons acting on your behalf; or
- Not covered by the right to an accounting.
- Your right to request limits on uses and disclosures of your PHI
You may request that we limit our uses and disclosures of your PHI for treatment, payment, and health care operations purposes. We will review and consider your request.
Please contact Member Services at 833-LIV-BLUE (833-548-2583), TTY 711 for more information.
We are not required to agree to your request, except to the extent that you request a restriction on disclosures to a health plan or insurer for payment or health care operations purposes and the items or services have been paid for out of pocket in full. This required restriction generally applies to provider disclosures to a health plan for payment or health care operations and does not prevent uses or disclosures for treatment, disclosures required by law, or other disclosures permitted by HIPAA and applicable state law. For requests to restrict your PHI for payment or health care operations purposes, please request the restriction prior to receiving services at the BZH clinic where you receive your care.
You can ask us not to use or share certain health information for treatment, payment, or our operations. We are not required to agree to your request, and we may say ‘no’ if it would affect your care. We will consider all submitted requests and, if we deny your request, we will notify you in writing.
If we agree to a restriction, we will comply with it except as permitted or required by law, including in an emergency.
- Your right to receive a paper copy of this Notice
You also have a right to receive a paper copy of this Notice upon request. Please contact Member Services at 833-LIV-BLUE (833-548-2583), TTY 711 for more information.
- BLUE ZONES HEALTH COMPANIES SUBJECT TO THIS NOTICE
This joint Notice applies to the following and other applicable BZH entities when they create, receive, maintain, use, or disclose PHI as HIPAA covered entities or as participants in a legally permitted joint notice, affiliated covered entity, or organized health care arrangement:
- BZ Health Network of California, Inc.;
- BZ Health of California, P.C.;
- BZ Health – Marina, Inc.;
- BZ Health – Santa Monica, Inc.; and
- BZ Health Centers of California, P.C.
These entities may share PHI with each other for treatment, payment, health care operations, and other purposes permitted by this Notice and applicable law. This Notice does not apply to BZH entities, products, services, employee records, or non-HIPAA activities that are not covered by this Notice, except as otherwise required by applicable law or another privacy notice.
Our health care delivery sites include clinics, Member Services call center, and our member and patient Websites and mobile applications, if applicable.
To provide you with the health care you expect, to treat you, to pay for your care, and to conduct our operations, such as quality assurance, accreditation, licensing, and compliance, these BZH companies share your PHI with each other.
Our personnel may have access to your PHI either as employees, physicians, professional staff members, and others authorized to enter information in a BZH medical record, volunteers, or persons working with us in other capacities.
- HOW WE MAY USE AND DISCLOSE YOUR PHI
Your confidentiality is important to us. Our physicians, nurses, and other health care personnel and employees are required to maintain the confidentiality of the PHI of our members and patients, and we have policies and procedures and other safeguards to help protect your PHI from improper use and disclosure. Sometimes we are allowed by law to use and disclose certain PHI without your written permission. We briefly describe these uses and disclosures below and give you some examples.
How much PHI is used or disclosed without your written permission will vary depending, for example, on the intended purpose of the use or disclosure. Sometimes we may only need to use or disclose a limited amount of PHI, such as to send you an appointment reminder or to confirm that you are a health plan member. At other times, we may need to use or disclose more PHI such as when we are providing medical treatment.
- Treatment: This is the most important use and disclosure of your PHI. For example, our physicians, nurses, and other health care personnel involved in your care use and disclose your PHI to diagnose your condition and evaluate your health care needs. Our personnel will use and disclose your PHI in order to provide and coordinate the care and services you need: for example, prescriptions, X-rays, and lab work. If you need care from health care providers who are not part of BZH, such as community resources to assist with your health care needs at home, we may disclose your PHI to them.
- Payment: Your PHI may be needed to determine our responsibility to pay for, or to permit us to bill and collect payment for, treatment and health-related services that you receive. For example, we may have an obligation to pay for health care you receive from an outside provider. When you or the provider sends us the bill for health care services, we use and disclose your PHI to determine how much, if any, of the bill we are responsible for paying.
- Health care operations: We may use and disclose your PHI for certain health care operations—for example, quality assessment and improvement, training and evaluation of health care professionals, licensing, accreditation, and determining premiums and other costs of providing health care.
- Business associates: We may contract with business associates to perform certain functions or activities on our behalf, such as payment and health care operations. These business associates must agree to safeguard your PHI, use, or disclose PHI only as permitted by their agreements with us and applicable law, report breaches and security incidents as required, and ensure that subcontractors receiving PHI agree to appropriate protections.
- Appointment reminders: We may use your PHI to contact you about appointments for treatment or other health care you may need, subject to any confidential communications request or communication preference that applies.
- Identity verification: We may photograph you for identification purposes, storing the photo in your medical record. This is for your protection and safety, but you may opt out.
- Health Information Exchange: We may participate in health information exchanges (“HIE”) or similar electronic networks to share PHI with other health care providers, health plans, and participants for treatment, payment, health care operations, and other purposes permitted by law. We will apply applicable consent, authorization, opt-out, segmentation, and confidentiality requirements before exchanging information that is subject to special protections, including certain substance use disorder, mental health, HIV, genetic, reproductive, sexual health, gender-affirming care, and other sensitive-services information. You may contact us using the information in this Notice to learn more about any available choices regarding HIE participation.
- Specific types of PHI: There are stricter requirements for use and disclosure of some types of PHI—for example, mental health and drug and alcohol abuse patient information, HIV tests, and genetic testing information. However, there are still circumstances in which these types of information may be used or disclosed without your authorization.
If BZH maintains or receives substance use disorder patient records that are subject to 42 CFR Part 2, those records are subject to additional federal confidentiality protections. In all cases, we will not use or disclose Part 2 records, or provide testimony about those records, in civil, criminal, administrative, or legislative investigations or proceedings against you without your written consent or a court order and subpoena, as applicable.
- Underwriting: If applicable, we may use and disclose your PHI, to the extent permitted under applicable law, for underwriting purposes, including the determination of benefit eligibility and costs of coverage and to perform other activities. We are prohibited by law, including the Genetic Information Nondiscrimination Act (“GINA”), from using or disclosing genetic information for underwriting purposes. We also exclude from review or disclosure for underwriting purposes race/ethnicity, language, gender identity, sexual orientation, and pronoun data. Your genetic information includes information about your genetic tests, your family members’ genetic tests, and requests for or receipt of genetic services by you or any family members.
- Communications with family and others when you are present: Sometimes a family member or other person involved in your care will be present when we are discussing your PHI with you. If you object, please tell us and we won’t discuss your PHI.
- Communications with family and others when you are not present: There may be times when it is necessary to disclose your PHI to a family member or other person involved in your care because there is an emergency, you are not present, or you lack the decision-making capacity to agree or object. In those instances, we will use our professional judgment to determine if it’s in your best interest to disclose your PHI. If so, we will limit the disclosure to the PHI that is directly relevant to the person’s involvement with your health care. For example, we may allow someone to schedule an appointment for you.
- Disclosure in case of disaster relief: We may disclose your name, city of residence, age, gender, and general condition to a public or private disaster relief organization to assist disaster relief efforts, unless you object at the time.
- Disclosures to personal representatives: In most cases, we will treat your personal representative as we would treat you with respect to your PHI. A personal representative is a person who has authority under applicable law to act on your behalf in making decisions related to your health care, such as an agent named in your advance health care directive or health care power of attorney, or a court-appointed conservator or guardian. If you are deceased, we may treat the executor or administrator of your estate, or another person who has authority under applicable law to act on behalf of you or your estate, as your personal representative. We may ask your personal representative for reasonable proof of identity and authority before using or disclosing your PHI, and we will treat that person as your personal representative only with respect to the PHI that is relevant to the matters on which they are authorized to act. Consistent with federal and California law, where you have the right to control certain of your own health information, for example, an individual who has requested confidential communications for sensitive services, a personal representative’s access to that information may be limited. As permitted by law, we may decline to treat a person as your personal representative if we reasonably believe that you have been or may be subjected to domestic violence, abuse, or neglect by that person, or that treating the person as your personal representative could endanger you, and we determine in the exercise of professional judgment that doing so is not in your best interest.
- Disclosures to parents or guardians as personal representatives of minors: In most cases, we may disclose your minor child’s PHI to you. In some situations, however, we are permitted or even required by law to deny your access to your minor child’s PHI. Examples may include records related to services for which a minor may consent under applicable law, such as certain communicable disease, sexual and reproductive health, sexual assault, substance use disorder, outpatient mental health, gender-affirming care, or intimate partner violence-related services, as well as situations involving emancipated minors or minors otherwise authorized to make their own health care decisions. We will follow applicable federal and state law when determining whether a parent, guardian, or other representative may access a minor’s PHI.
- Research: BZH may engage in research. Research of all kinds may involve the use or disclosure of your PHI. Your PHI can generally be used or disclosed for research without your permission if an Institutional Review Board (“IRB”) or Privacy Board approves such use or disclosure or if another HIPAA research pathway applies, such as reviews preparatory to research, research on decedents’ information, use of a limited data set with a data use agreement, or use of de-identified information. In other cases, we will obtain your written authorization when required by law. An IRB is a committee that is responsible, under federal law, for reviewing and approving human subjects research to protect the safety of the participants and the confidentiality of PHI.
- Organ donation: We may use or disclose PHI to organ-procurement organizations to assist with organ, eye, or other tissue donations.
- Public health activities: Public health activities cover many functions performed or authorized by government agencies to promote and protect the public’s health and may require us to disclose your PHI.
- For example, we may disclose your PHI as part of our obligation to report to public health authorities certain diseases, injuries, conditions, and vital events such as births. We will apply special federal and state confidentiality rules when public-health reporting involves sensitive services, Part 2 records, HIV information, genetic information, reproductive or sexual health information, gender-affirming care information, or other specially protected information.
- The Food and Drug Administration (“FDA”) is responsible for tracking and monitoring certain medical products, such as pacemakers and hip replacements, to identify product problems and failures and injuries they may have caused. If you have received one of these products, we may use and disclose your PHI to the FDA or other authorized persons or organizations, such as the maker of the product.
- We may use and disclose your PHI as necessary to comply with federal and state laws that govern workplace safety.
- Health oversight: As health care providers and a health plan, we are subject to oversight conducted by federal and state agencies. These agencies may conduct audits of our operations and activities and in that process, they may review your PHI.
- Disclosures to your employer or your employee organization: If applicable, we may share certain PHI with your employer, employee organization, or group health plan sponsor without your authorization only when allowed by law and applicable plan documents. For example, we may disclose limited enrollment, disenrollment, eligibility, or premium-payment information, or information needed for workers’ compensation or legally required purposes. If a group health plan sponsor receives PHI for plan administration, the plan sponsor must agree to required safeguards and may not use or disclose the information for employment-related actions or decisions or for other benefits not connected to the group health plan, except as permitted by law. For other purposes, such as inquiries by your employer or employee organization on your behalf, we will obtain your authorization when necessary under applicable law.
- Workers’ compensation: We may use and disclose your PHI in order to comply with workers’ compensation laws. For example, we may communicate your medical information regarding a work-related injury or illness to claims administrators, insurance carriers, and others responsible for evaluating your claim for workers’ compensation benefits.
- Military activity and national security: We may sometimes use or disclose the PHI of armed forces personnel to the applicable military authorities when they believe it is necessary to properly carry out military missions. We may also disclose your PHI to authorized federal officials as necessary for national security and intelligence activities or for protection of the president and other government officials and dignitaries.
- Required by law: In some circumstances federal or state law requires that we disclose your PHI to others. For example, the secretary of the Department of Health and Human Services may review our compliance efforts, which may include seeing your PHI. When a law, subpoena, warrant, court order, administrative request, law-enforcement request, or other legal process seeks PHI, BZH will review the request and will disclose PHI only as permitted or required by HIPAA, CMIA, 42 CFR Part 2 where applicable, and other federal and state laws. We will apply any special protections that apply to sensitive services, reproductive or sexual health information, gender-affirming care information, mental health information, substance use disorder information, HIV information, genetic information, and information protected from disclosure for immigration-enforcement or out-of-state/foreign penal civil action purposes.
- Lawsuits and other legal disputes: We may use and disclose PHI in responding to a court or administrative order, a subpoena, or a discovery request. We may also use and disclose PHI to the extent permitted by law without your authorization, for example, to defend a lawsuit or arbitration, subject to applicable limits and procedural protections under HIPAA, CMIA, 42 CFR Part 2 where applicable, and other federal and state laws.
- Law enforcement: We may disclose PHI to authorized officials for law enforcement purposes, for example, to respond to a search warrant, report a crime on our premises, or help identify or locate someone, but only as permitted or required by applicable law and subject to any special protections for sensitive services, Part 2 records, reproductive or sexual health information, immigration-enforcement requests, and other specially protected information.
- Serious threat to health or safety: We may use and disclose your PHI if we believe it is necessary to avoid a serious threat to your health or safety or to someone else’s.
- Abuse or neglect: By law, we may disclose PHI to the appropriate authority to report suspected child abuse or neglect or to identify suspected victims of abuse, neglect, or domestic violence, subject to applicable federal and state requirements, including any requirements to inform the individual or protect the individual from further harm when required by law.
- Coroners and funeral directors: We may disclose PHI to a coroner or medical examiner to permit identification of a body, determine cause of death, or for other official duties. We may also disclose PHI to funeral directors.
- Inmates: Under the federal law that requires us to give you this Notice, inmates do not have the same rights to control their PHI as other individuals. If you are an inmate of a correctional institution or in the custody of a law enforcement official, we may disclose your PHI to the correctional institution or the law enforcement official for certain purposes, for example, to protect your health or safety or someone else’s.
- De-Identification: We or a business associate with whom we have contracted may use PHI to de-identify it in accordance with HIPAA standards and may further disclose the de-identified data to third parties in connection with BZH operations. We will not attempt to re-identify information that has been de-identified except as permitted by law, and we will require business associates and recipients to comply with applicable de-identification, data-use, and confidentiality obligations.
- ALL OTHER USES AND DISCLOSURES OF YOUR PHI REQUIRE YOUR PRIOR WRITTEN AUTHORIZATION
Except for those uses and disclosures described above, we will not use or disclose your PHI without your written authorization. Some instances in which we may request your authorization for use or disclosure of PHI are:
- Marketing: We may ask for your authorization in order to provide information about products and services that you may be interested in purchasing or using. If a marketing communication requires authorization because BZH receives financial remuneration from a third party, the authorization will state that remuneration is involved. Note that marketing communications do not include our contacting you with information about treatment alternatives, prescription drugs you are taking, or health-related products or services that we offer or that are available only to our patients or members. Marketing also does not include any face-to-face discussions you may have with your providers about products or services.
- Sale of PHI: We may only sell your PHI if we received your prior written authorization to do so, and the authorization will state that BZH will receive remuneration, unless an exception applies under HIPAA or other applicable law.
- Psychotherapy Notes: If BZH maintains psychotherapy notes, we will use or disclose them only with your written authorization or as otherwise permitted or required by HIPAA or other applicable law. Federal privacy law defines “psychotherapy notes” specifically to mean notes recorded by a mental health professional documenting or analyzing the contents of counseling sessions, maintained separately from the rest of the medical record. Psychotherapy notes do not include medication prescription and monitoring information, counseling session start and stop times, treatment modalities and frequencies, clinical test results, diagnosis, functional status, treatment plan, symptoms, prognosis, or progress notes.
- Substance Use Disorder Patient Records Subject to 42 CFR Part 2:
- Your SUD records, or testimony relaying the content of your SUD records, will not be used or disclosed in any civil, administrative, criminal, or legislative proceedings against you unless we have your specific written consent or a court order accompanied by a subpoena or other similar legal mandate, as applicable.
- Your SUD records will only be used or disclosed based on a court order after notice and an opportunity to be heard is provided to you or the holder of the record.
- A court order authorizing use or disclosure must be accompanied by a subpoena or other similar legal mandate compelling disclosure before your SUD record is used or disclosed.
When your authorization is required and you authorize us to use or disclose your PHI for some purpose, you may revoke that authorization by notifying us in writing at any time. Please note that the revocation will not apply to any authorized use or disclosure of your PHI that took place before we received your revocation. Also, if you gave your authorization to secure a policy of insurance, including health care coverage from us, you may not be permitted to revoke it until the insurer can no longer contest the policy issued to you or a claim under the policy.
BZH will not condition treatment, payment, enrollment, or eligibility for benefits on whether you sign an authorization, except as permitted by law. Other federal or state laws may require authorization or consent for uses and disclosures of certain specially protected information even when HIPAA would otherwise permit the use or disclosure.
- HOW TO CONTACT US ABOUT THIS NOTICE OR TO COMPLAIN ABOUT OUR PRIVACY PRACTICES
If you have questions about this Notice, need help exercising your rights, or want to file a complaint about our privacy practices, contact:
- Phone: Call Member Services 833-LIV-BLUE (833-548-2583), TTY 711
- Email: The Privacy Officer at compliance@bluezoneshealth.com
- Write:
Blue Zones Health
ATTN: Privacy Officer
3746 Foothill Boulevard #1183
Glendale, CA 91214
You may also file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights. If your complaint involves substance use disorder patient records subject to 42 CFR Part 2, you may file a Part 2 complaint with the U.S. Department of Health and Human Services Office for Civil Rights (“OCR”).
You may contact OCR at:
Office for Civil Rights
U.S. Department of Health and Human Services
200 Independence Avenue, S.W.
Washington, D.C. 20201
Phone: 1-800-368-1019; TDD 1-800-537-7697
Online: File a complaint through the OCR Complaint Portal at https://ocrportal.hhs.gov/ocr/ or learn more at www.hhs.gov/hipaa/filing-a-complaint.
If California law provides additional complaint or regulatory remedies for your coverage or services, you may also use those processes.
We will not retaliate against you for filing a complaint or exercising any privacy right.
- CHANGES TO THIS NOTICE
We may change this Notice and our privacy practices at any time, as long as the change is consistent with applicable state and federal law. Any revised notice will apply both to the PHI we already have about you at the time of the change, and any PHI created or received after the change takes effect. If we make an important change to our privacy practices, we will promptly change this Notice and make the new notice available on our Web site at https://bluezoneshealth.com/nopp. Where required by HIPAA, CMIA, or other applicable law, BZH will distribute the revised Notice, post it on applicable websites, make it available at service-delivery sites, and provide copies upon request. For health plan functions, BZH will provide revised notices or information about material changes as required by HIPAA. For provider functions with direct treatment relationships, BZH will make the Notice available as required by HIPAA and will make a good-faith effort to obtain acknowledgement of receipt when required. Except for changes required by law, we will not implement an important change to our privacy practices before we revise this Notice.
- EFFECTIVE DATE OF THIS NOTICE
This Notice is effective on February 1, 2026.
We take our responsibility to protect the health information of all our members and patients seriously and will continue to take appropriate steps to protect that information. Thank you for entrusting your health care to BZH.
Free language assistance services, auxiliary aids and services, and information in alternative formats are available to eligible individuals. If you need help understanding this Notice, need this Notice in another language or format, or need another accommodation, please contact Member Services at 833-LIV-BLUE (833-548-2583), TTY 711.
Si necesita ayuda en su idioma, llame a Servicios para Miembros al 833-LIV-BLUE (833-548-2583), TTY 711.
