HIPAA NOTICE OF PRIVACY PRACTICES

EFFECTIVE DATE: APRIL 19, 2024

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

EFFECTIVE DATE: APRIL 19, 2024

Who Abides by this Notice

Kento Health Inc. (“Kento Health”, “Company”) offers you wellness coaching services by collaborating with health mentors and other healthcare professionals (referenced as “we”, “our”, or “us”) when you engage with or join our Kento Health programs (the “Services”). This is a unified declaration of our data privacy practices (“Notice”).

The parties adhering to this Notice include:

  • Health practitioners who cater to your needs via Kento Health.
  • Health professionals using our Services to render remote coaching to you.
  • Our workforce, associates, and partners, inclusive of auxiliary support entities.

We will share protected health information (“PHI”) of patients as necessary to provide the Services and carry out payment as permitted by law. Should you have queries about this Notice, our contact details are available at the end of this document.

Our Pledge to Privacy

Preserving the privacy, integrity and authenticity of the PHI you entrust us with during your engagement with our Services is paramount. PHI encompasses health information about you which could be used to identify you and which we keep or transmit in electronic, oral, or written form. PHI includes identifiable details about you such as your name or address, your past, present, or future health conditions (whether physical, mental, or medical), health care provided, medications prescribed, or payment histories. This data is vital for furnishing high-quality care and meeting regulatory mandates.

By law, we’re obligated to uphold the privacy of PHI and acquaint you with our statutory duties and privacy protocols pursuant to the Federal Health Insurance Portability and Accountability Act (“HIPAA”). We are required to and will promptly notify you in the event of a breach of your PHI.

We are also required to inform you that there may be a provision of applicable state law that relates to the privacy of your health information that may be more stringent than a standard or requirement under HIPAA. We follow state privacy laws when they are applicable and stricter or more protective of your PHI than HIPAA.

We are required to abide by the terms of this Notice for as long as it remains in effect. We reserve the right to change the terms of this Notice as necessary and to make a new notice of privacy practices for all PHI held by us. The revised notice will be available on request, in our office, and on our website. In the event of a material revision of the terms of this Notice, the revised notice will be sent to you via email, or you will receive notification that the revised notice has been posted to our website. A copy of any revised notice or information pertaining to a specific state law may be obtained by mailing a request to the Privacy Officer at the address below.

The details within this Notice pertain to the records of the services availed through Kento Health. Independent practices or notices might be adopted by your healthcare providers. We are happy to elucidate any aspect of this Notice to you or your kin.

Permissible Uses and Disclosures of Protected Health Information

Your PHI’s confidentiality is non-negotiable. With a robust framework of policies, procedures, and safeguards, we work tirelessly to protect your PHI. Below are categories showcasing varied ways we use and share your PHI internally and externally. Not every disclosure is listed, but all actions fall within these categories. Specific actions might also necessitate your express consent.

  1. With Your Authorization and consent: Except as outlined below, we will not use or disclose your PHI for any purpose other than treatment, payment or health care operation unless you have signed a form authorizing such use or disclosure. Upon your request, we might share relevant details. Such disclosures might need your written consent. If you wish for us to share your PHI with anyone or any organization, you may give us authorization in writing to do so.
  2. For Treatment: The most pivotal use of your PHI will be for treatment. PHI (like your medical history and symptoms) could be used or shared with healthcare providers like doctors or nurses so that they can deliver the right care to you. Moreover, we might use the PHI in order to send you reminders, alternative treatment options, or other health insights. Other care providers, such as technicians, medical students, or hospital personnel involved in your care, might also access this information.
  3. For Payment: We will make uses and disclosures of your PHI as necessary for payment purposes. During the normal course of business operations, we may forward information regarding your medical procedures and treatment to your insurance company to arrange payment for the services provided to you. We may also use your PHI to prepare a bill to send to you or to the person responsible for your payment.
  4. For Healthcare Operational Needs and Activities: Your PHI will be used and disclosed as necessary, and as permitted by law for our healthcare operations. It helps in our organizational planning, streamlining administration, and enhancing the quality and cost-efficiency of care. Examples include quality checks, disease management initiatives, surveys, data compilation, and training – all with the purpose of improving treatment and patient care.
  5. Business Collaborations: At times, third-party business associates will assist us in delivering our services. Such entities, including quality assurance agencies or billing services, may access your PHI to complete their tasks. To secure your PHI, such associates will be required to commit to stringent data protection standards.
  6. Research: In limited circumstances, we may use and disclose your protected PHI for research purposes. In cases where your specific authorization is not required by law, your privacy will be protected by strict confidentiality requirements applied by an Institutional Review Board which oversees the research or by representatives of the research that limit their use and disclosure of your information.

Special Situations Where Disclosure Does Not Require Your Authorization at Kento Health

The below categories outline particular circumstances in which Kento Health may disclose or utilize your PHI without obtaining your explicit consent:

  1. Public Health Initiatives: Kento Health can share your PHI to:
  • Prevent or monitor diseases, injuries, or disabilities.
  • Report events like births and deaths.
  • Address reports of child, elder, or dependent adult abuse or neglect.
  • Address reactions to medications or issues with medical products.
  • Inform individuals about product recalls that might impact them.
  • Alert individuals who might be at risk of disease exposure or transmission.
  • Notify emergency responders about potential HIV/AIDS exposure, as aligned with federal and state laws.
  • Abuse or Domestic Violence Victims: Should we reasonably ascertain that you are facing abuse or neglect, your PHI can be shared with legal authorities or protective service agencies.
  • Health Supervision Activities: For activities such as audits, inspections, investigations, and licensure, we might share your PHI with health oversight agencies.
  • Legal Proceedings: During lawsuits or legal disputes, your PHI may be used or disclosed in alignment with court or administrative orders, subpoenas, or discovery requests.
  • Engaging with Law Enforcement: We may provide your PHI to law enforcement:
    • In response to legal processes like warrants or subpoenas.
    • To aid in identifying or locating suspects or witnesses.
    • When discussing victims of crime under specific conditions.
    • When discussing potential criminal activities at Kento Health.
    • In emergencies to report details about a crime.

  • Upon Passing: Your PHI can be provided to coroners, medical examiners, or funeral directors.
  • Government-Related Functions: For specific governmental tasks, like military functions or intelligence activities, your PHI may be disclosed.
  • Incarceration: If you are incarcerated or in police custody, your PHI might be shared if it is necessary for your healthcare or the safety of others within the correctional facility.
  • Workers’ Compensation: If needed, and only where required by state law, we may share your PHI in line with workers’ compensation laws.
  • As Mandated by Law: Outside of the scenarios mentioned above, we might need to share your PHI if other laws require it.

Your Choices

For certain health information, you can tell us your choices about what we share. If you have a clear preference for how we share your information in the situations described below, please contact us using the contact information below, and we will make reasonable efforts to follow your instructions.

In these cases, you have both the right and choice to tell us whether to:

  • Share information, such as your PHI, with your family, close friends, or others involved in your care;
  • Share information in a disaster relief situation;

If you are not able to tell us your preference, for example, if you are unconscious, we may share your information if we believe it is in your best interest, according to our best judgment. We may also share your information when needed to lessen a serious and imminent threat to health or safety.

Situations Requiring Your Explicit Authorization at Kento Health

For any other use of your PHI not covered above, we will obtain your written consent. If you previously authorized a specific use of your PHI and wish to revoke it, you can do so. We, however, cannot reverse any previous disclosures.

In the following cases, we will NOT share your PHI unless you give us your written permission:

  • Most sharing of a mental health care professional’s notes (psychotherapy notes);
  • Marketing purposes;
  • Selling or otherwise receiving compensation for disclosing your PHI.

Your Rights Concerning Your PHI at Kento Health

You have specific rights concerning your PHI. To learn more or exercise these rights, contact Kento Health using the contact information provided below.

  • Right to Request Limitations: You can ask for limits on how we use and share your PHI:
  1. For treatment, payment, and healthcare processes.
  2. With people involved in your care or payment for your care.
  3. To identify your location and condition to people involved in your care or payment for your care.

Although we'll consider all restriction requests, we're not obliged to agree, unless it concerns a health plan payment, and the PHI is about a service that has been fully paid for out-of-pocket. Please submit your requests in writing. If approved, we'll abide by it unless there's an emergency or prior disclosure.

  • Confidential Communications: You can request that we communicate with you about your PHI in a specific way or at a particular location (e.g., only at work). Submit this request in writing. We won’t ask why and will try to fulfill all reasonable requests.
  • Access to Records: You have a right to access the medical, health and billing files we maintain about you. While you can inspect and get copies of these, there might be rare times we might decline. If denied, you can ask for a review by another healthcare professional we pick. To access, write to us. If records are digital, you can request an electronic version or ask us to send it to a designated person/entity.
  • Costs: For paper copies, we will charge based on copying, mailing, and supply expenses. For electronic versions, any charges will be based on our labor costs.
  • Amending Records: You can request changes to your PHI in our records by writing to us and stating your reasons for making the request. You will need to sign your request or have a legal representative sign it. Rest assured that we will always give your request careful consideration. However, we may decline to accept the amendment if we believe the current information is accurate or due to another specific reason. You can then add a disagreement note to your records. We may include our reasons for refusal in your record as well. If we make the amendment, we may communicate the changes to others who work for us if we feel the notification is necessary.
  • Right to Addendum: You can append an addendum to your medical records.
  • Right to a Paper Copy: You have a right, even when you have consented to receive electronic notices, to obtain a paper copy of this Notice. To do so, please submit a request to the Support Office using the email below
  • Accounting of Disclosures: By writing to us, you can get a report of certain times we’ve shared your PHI with outside entities over the past six years. Specify the format you prefer to receive the accounting in (e.g., paper or electronic). The first request in any 12-month period will be free, but subsequent requests within a year might come with charges. You will not be charged the fee until after being notified of what it will be, and after being given an opportunity to rescind or modify your request.
  • Choose Someone to Act for You: If you have given someone medical power of attorney or if someone is your legal guardian, that person can exercise your rights and make choices about your PHI.
  • Make a Complaint: You have the right to complain if you feel we have violated your rights by using the information provided below.
  • Not to be Subject to Retaliation: You have the right not to be subjected to retaliation for exercising your rights. We will not retaliate against you for filing a complaint or for exercising any of your rights.
  • Right to be Informed of Breaches: You have a right to be informed if there's ever a breach of your PHI security. We are required by law to protect the privacy and security of your PHI through the use of appropriate safeguards. We will promptly notify you in the event a breach occurs involving or potentially involving your PHI and inform you of what steps you may need to take to protect yourself.

Minimum Necessary Protocol at Kento Health

In line with legal mandates, Kento Health ensures that any request or sharing of your PHI is limited to the minimum necessary information. This commitment helps safeguard your privacy.

Notice Amendments

Kento Health may update this Notice periodically. Updated terms will be applicable to all PHI.

Getting in Touch with Kento Health, Addressing Concerns or Filing Complaints

For more details on your privacy rights or any concerns about your privacy rights, to submit a request pursuant to this Notice, or if you believe your privacy rights have been violated, reach out to our Privacy Officer using the contact information hereinbelow.

Kento Health Inc.

Attn: Privacy Officer

Email: support@kentohealth.com

Mailing Address:

12280 av. Wilfrid-Lazure Montréal (Québec)

H4K2W9 Canada

For formal complaints, contact the U.S. Department of Health and Human Services, Office of Civil Rights. Rest assured, we will never retaliate against any complaints.

This Notice is also available on our web page at https://www.kentohealth.com/privacy .