REQUEST AN APPOINTMENT

706-314-8504

Call

Menu

Rome, GA

314 E 1st Ave
Rome, GA 30161
P: 706-314-8504
F: 706-223-3721
E: admin@shift.physio

Shift Therapy & Wellness

NOTICE of PRIVACY PRACTICES

Schedule Appointment

This Notice Describes How Medical Information About You May Be Used and Disclosed and How You Can Get Access to This Information. Please Review This Document Carefully.

About Protected Health Information (PHI).

In this Notice, “we,” “our,” or “us” means Shift Therapy and Wellness and our workforce of employees, contractors, and volunteers; “you” and “your” refer to each of our patients who are entitled to a copy of this Notice. We are required by federal and state law to protect the privacy of your health information. For example, federal health information privacy regulations require us to protect your information in the manner described in this Notice. Certain types of health information may specifically identify you. Because we must protect this health information, we refer to it as Protected Health Information — also known as “PHI.” In this Notice, we tell you about:

 

  • How we use your PHI
  • When we may disclose your PHI to others
  • Your privacy rights and how to use them
  • Our privacy duties
  • Whom to contact for more information or a complaint

Some of the ways we use (within the organization) or disclose (outside of the
organization) your Protected Health Information

We will use your PHI to provide you with care and treatment. We will use and disclose your PHI to obtain payment for your care and related services. We use or disclose your PHI for certain activities that we refer to as “healthcare operations.” We will also use or disclose your PHI as required or permitted by law. We will provide examples of each of these to help explain them; however, space does not allow for a comprehensive list of all uses or disclosures. If you have any questions, please do not hesitate to contact us.

1. Treatment

We use and disclose your PHI in the course of your treatment. For instance, once we have completed your evaluation, re-evaluation, or Plan of Care, we will send a copy or summary of our report to your referring/attending physician. We also maintain records detailing the care and services you receive at our facility, so that we can accurately and consistently provide the care you need. These records also help us meet specific legal requirements. These records may be used and/or disclosed by members of our workforce to ensure that proper and optimal care is rendered.

2. Payment Involving a Third-Party Payer

After we treat you, we will typically bill a third party for the services you receive. We will collect the treatment information, enter the data into our computer system, and then process the claim either on paper or electronically. The claim form will detail your health problem and the treatments you received. It will include your insurance policy number and other identifying details. If your Social Security number is required, the first five digits will be redacted. The third-party payer may also request a review of your medical records to ensure the services are medically necessary. When we use and disclose your information in this way, it enables us to receive payment for the care and treatment you receive.

3. Payment Exclusive of a Third-Party Payer (fully self-pay)

If you choose to pay for your services in full without involving a third party (such as an insurer or employer), you may request that we not disclose any information regarding those services for payment purposes. You will be provided with a Good Faith Estimate (GFE) for all self-paid visits or treatments, regardless of the reason. Exception: You will not receive a GFE if you are enrolled in Medicare Part A, B, or C, Medicaid, TRICARE, Veterans Affairs, or Indian Health Services.

4. Health Care Operations

We also use and disclose your PHI in our healthcare operations. For example, our therapists meet periodically to study clinical records and monitor the quality of care at our facility. Your records and PHI could be used in these quality assessments. Sometimes, we participate in student internship programs and use the PHI of actual patients to assess their skills and knowledge. Other operational tasks may include business planning and compliance monitoring, as well as investigating and resolving complaints.

5. Special Uses

We also use or disclose your PHI for purposes that involve your relationship with us as a patient. We may use or disclose your PHI to:

  • Update your workers’ compensation case worker or employer (you may not opt out of disclosure if you are a WC patient, if your state does not require your authorization).

You may opt out of any of the conditions below verbally or in writing:

  • Remind you of appointments.
  • Follow up on home programs that you have been taught.
  • Advise you of new or updated services or home supplies.
  • Release equipment and/or supplies to your designee.
  • Conduct follow-ups on your home programs or discharge planning.
  • Advise you on new or updated services or home supplies via telecommunication or via a newsletter.
  • Conduct research that does not directly identify you.
  • Communicate via electronic means at your request or with your authorization. We will only use secure transmission due to the risk of unauthorized access. We highly recommend securing communications involving sensitive information.
  • Conduct marketing functions, including providing nominal promotional gifts.
  • Contact you regarding fundraising projects that we are engaged in.

Note:
If we receive direct or indirect financial remuneration from a third party for marketing a product or item, or for any fundraising we are engaged in, we will advise you in advance and offer you the opportunity to opt out of receiving any of these materials. We will obtain written authorization before using PHI for marketing purposes when required by law.

6. Uses & Disclosures Required or Permitted by Law

Several laws and regulations govern our use of your PHI, which may either require or permit us to use or disclose it. Here is a list of the federal health information privacy regulations describing required or permitted uses and disclosures:

Permitted without Authorization:

  • If you do not object verbally, we may share some of your PHI with a family member or friend who participates in your care.
  • We may use your PHI in an emergency if you are unable to communicate.
  • If we receive certain assurances that protect your privacy, we may use or disclose your PHI for research purposes. This facility will always obtain your authorization, even though it is permitted without it.
  • If you are a workers’ compensation patient, we may update your workers’ compensation case worker or employer, unless state law requires your authorization.

Required Without Authorization:

    • When required by law, for example, when ordered by a court to disclose certain types of your PHI, we must comply.
    • For public health activities, such as reporting a communicable disease or an adverse reaction to the Food and Drug Administration.
    • To report neglect, abuse, or domestic violence.
    • When government regulators or their agents need to determine whether we comply with applicable rules and regulations.
    • For judicial or administrative proceedings, such as a response to a valid subpoena.
    • When properly requested by law enforcement officials or in response to other legal requirements, such as reporting gunshot wounds.
    • To avert a health hazard or to respond to a threat to public safety, such as an imminent crime against another person.
    • Deemed necessary by appropriate military command authorities if you are in the Armed Forces.
    • In connection with certain types of organ donor programs.

Required Use and Disclosure Exception:

  • When there are substance use disorder records, you must authorize the release of any disorder history or treatment records according to 42 CFR Part 2 (Substance Use Disorder Records) unless required by federal law.

Part 2 permits disclosure without your authorization only in limited circumstances, such as:

  • Medical emergencies
  • Scientific research under strict safeguards
  • Audits or program evaluations
  • Court orders that meet specific legal requirements
  • Reporting suspected child abuse or neglect as required by law
  • Crimes committed on program premises or against program staff

7. Your Authorization May Be Required

In the circumstances noted in number six above, we have the right to use and Disclose your PHI; however, if you change your mind at a later date, you may revoke your authorization or opt out of the disclosure, if permitted by law.

8. Your Privacy Rights and How to Exercise Them

Note: his facility will provide patients with a written Notice regarding the risks of transmitting protected health information (PHI) via unsecured email or messaging platforms. Patient authorization will be obtained before initiating or responding to any such electronic communication.

You have specific rights under our federally required privacy program. Each of them is summarized below:

  • Your Right to Request Limited Use or Disclosure
    You have the right to request that we do not use or disclose your PHI in a particular way. However, we are not obligated to comply with your request. If we agree to your request, we must abide by the agreement. We will exercise this right by requiring your request to be in writing.
  • Your Right to Confidential Communication
    You have the right to receive confidential communications from us at a location or phone number that you specify. We reserve the right to request that your request be in writing, including the alternative address or phone number, and confirmation that it will not interfere with your payment method. We will exercise this right by requiring your request to be in writing.
  • Your Right to Inspect and Copy Your PHI
    You have the right to inspect and copy your PHI. If we maintain our records on paper, that will be the format used; however, if we maintain our records electronically, you have the right to review and/or obtain copies in an electronic format. Should we decline, we must provide you with a resource person to assist you in reviewing our decision to refuse. We must respond to your request within 30 days, as required by our state’s prevailing law. We may charge reasonable fees for copying and labor time related to copying, and we may need an appointment for record inspection. We have the right to ask for your request in writing and will exercise that right.
  • Your Right to Revoke Your Authorization
    If you have authorized us to use or disclose your PHI, you may revoke that authorization at any time in writing. Please understand that we relied on the validity of your permission before the revocation and used or disclosed your PHI within its scope.
  • Your Right to Amend Your PHI
    You have a right to request an amendment of your record. We reserve the right to request the request in writing, and we will exercise this right. We may deny the request if the record is accurate and/or if this facility did not create the record. If we accept the amendment, we must notify you and make an effort to inform others who have the original record.
  • Your Right to Know Who Else Sees Your PHI
    You have the right to request an accounting of certain disclosures that we have made over the past six years. We do not have to account for all disclosures, including those made directly to you, those involving treatment, payment, or healthcare operations, those to family or friends involved in your care, and those involving national security. You have the right to request an annual accounting. We reserve the right to request written confirmation and to charge for any accounting requests that occur more than once per year. We must notify you of any charges, and you have the right to withdraw your request or pay to proceed.
  • Your Right to be Informed of a Breach of Your Protected Health Information
    We are required to notify the patient by first-class mail or by email (if indicated a preference to receive information by email) of any breaches of unsecured Protected Health Information as soon as possible, but in any event, no later than 30 days or as soon as possible following the discovery of the breach. “Unsecured Protected Health Information” is information that is not secured through the use of a technology or methodology identified by the Secretary of the U.S. Department of Health and Human Services to render the Protected Health Information unusable, unreadable, and undecipherable to unauthorized users. The Notice is required to include the following information:
    • A description of the breach, including the date of the breach and the date of its discovery, if known.
    • A description of the type of unsecured protected health information involved in the breach.
    • Instructions regarding the measures the patient should take to protect him/her from potential harm resulting from the breach.
    • Correction action {{Facility_Name}} has/will take to investigate the breach, mitigate losses, and protect the patient from further breaches.
    • {{Facility_Name}} ‘s contact information, including a toll-free telephone number, email address, website, or postal address, to facilitate additional questions.
  • Your Right to Complain

You have the right to complain if you feel your privacy rights have been violated. You may complain directly to us by contacting our HIPAA officer, noted in Section 10, or to the following:

U.S. Department of Health and Human Services Office for Civil Rights by sending a letter to 200 Independence Avenue, S.W., Washington, D.C. 20201, calling 1-877-696-6775, or visiting www.hhs.gov/ocr/privacy/hipaa/complaints/

We will not retaliate against you if you file a complaint about us. Your complaint should provide sufficient specific detail to enable us to investigate your concern.

  • Your Right to Receive a Copy of the Privacy Notice
    We are obligated to provide our patients with a copy of our Notice of Privacy Practices and to post the Notice in a conspicuous place and on our website, so patients can readily review it. We reserve the right to modify the Notice to comply with policy, rules, or regulatory changes. We are obligated to provide new notices to current and subsequent patients as changes are made. We are required to maintain each version of a Privacy Notice for a minimum of six (6) years.
  • Your Right to Expect Protection of Any Substance Use Disorder or Treatment Records According to 42 CFR Part 2 (Substance Use Disorder Records) {{Facility_Name}} is required by federal law to protect the privacy of your substance use disorder (SUD) treatment records. These records are protected by 42 CFR Part 2, which provides additional confidentiality safeguards beyond those required by HIPAA. Part 2 protects any information that identifies you as having a substance use disorder or receiving SUD treatment services from us, including your diagnosis, treatment, medications for SUD, appointment information, billing records, and any other information that could identify you as a patient of a SUD program. We may not use or disclose your SUD treatment records without your written consent unless federal law allows it. Part 2 permits disclosure without your consent only in limited situations, such as:
    • Medical emergencies
    • Scientific research under strict safeguards
    • Audits or program evaluations
    • Court orders that meet specific legal requirements
    • Reporting suspected child abuse or neglect as required by law
    • Crimes committed on program premises or against program staff

You may authorize us to disclose your SUD treatment information to others, including for treatment, payment, or healthcare operations. Your authorization must meet the requirements of 42 CFR Part 2. You may revoke your authorization at any time unless we have already acted on it.

Any recipient of your SUD treatment information is prohibited from redisclosing it unless you give written permission or the disclosure is otherwise permitted by Part 2. Federal law does not protect information if you voluntarily disclose it to others who are not bound by Part 2. You have the right to:

  • Request restrictions on how your SUD information is used or disclosed.
  • Request an accounting of disclosures of your Part 2–protected information.
  • Receive a copy of this Notice and any updates.
  • File a complaint if you believe your privacy rights have been violated, and we are prohibited from retaliation against you for filing a complaint.

9. Some of Our Privacy Obligations and How We Perform Them

We are required by law to maintain the privacy and security of your protected health information.

We will notify you promptly if a breach occurs that may have compromised the privacy or security of your information.
We must follow the duties and privacy practices described in this Notice and provide you with a copy.
We will not use or share your information, except as described, unless you provide us with written consent. If you tell us we can, you may change your mind at any time. Let us know in writing if you change your mind.

If we update our Notice of Privacy Practices, we will provide you with our revised Notice when you next seek treatment from us.

Contact Information

If you have questions about this Notice, or if you have a complaint or concern, please contact:

Shift Therapy & Wellness, HIPAA Officer
314 E 1st Ave
STE 701
Rome, GA 30161

Effective Date: 2/12/2026