Notice of Privacy Practices

Notice Origination: 10/01/2001 

Notice Revised Effective: 09/23/2013

Notice Revised Effective: 09/17/2017

This notice describes how medical information about you may be used and disclosed, and how you can get access to this information. Please review it carefully.

1.         Privacy Practices Related to Protected Health Information 

In addition to the privacy practices described in our Privacy Policy (located at www.myeyedr.com/privacy-policy), we are required by law to maintain the privacy of protected health information, to provide individuals with notice of our legal duties and privacy practices with respect to protected health information, and to notify affected individuals following a breach of unsecured protected health information. This Notice of Privacy Practices (“Notice”) describes how we may use and disclose your protected health information.  It also describes your rights and our legal obligations with respect to your protected health information. 

For purposes of this Notice, “protected health information” is information that individually identifies you and that we create or get from you or from another health care provider, health plan, your employer, or a health care clearinghouse and that relates to (1) your past, present, or future physical or mental health or conditions; (2) the provision of health care to you; or (3) the past, present, or future payment for your health care.

  • Treatment, Payment & Health Care Operations

    • ​The most common reason why we use or disclose your protected health information is for treatment, payment, or health care operations. 

    • Examples of how we use or disclose information for treatment purposes include: 

      • Setting up an appointment for you;

      • Testing or examining your eyes;

      • Maintaining the Patient Portal;

      • Prescribing glasses, contact lenses, or eye medications and faxing them to be filled;

      • Referring you to another doctor or clinic for eye care or services; and

      • Getting copies of your protected health information from another professional that you may have seen before us. 

    • Examples of how we use or disclose your protected health information for payment purposes include: 

      • Asking you about your health or vision care plans, or other sources of payment;

      • reparing and sending bills or claims; and

      • Collecting unpaid amounts (either directly or through a collection agency or attorney). 

    • Examples of how we use or disclose your protected health information for health care operations include: 

      • Financial or billing audits;

      • Internal quality assurance;

      • Personnel decisions;

      • Participation in managed care plans;

      • Defense of legal matters;

      • Business planning; and

      • Outside storage of our records.  

  • Uses & Disclosures for Other Reasons Without Permission

    • ​In some limited situations, the law allows or requires us to use or disclose your protected health information without your permission. Not all of these situations will apply to us, and some may never come up at our office(s) at all. Such uses or disclosures include: 

      • When a state or federal law mandates that certain protected health information be reported for a specific purpose;

      • For public health purposes, such as contagious disease reporting, investigation or surveillance;

      • Notices to and from the federal Food and Drug Administration regarding drugs or medical devices;

      • Uses or disclosures of suspected abuse, neglect or domestic violence, if the patient agrees or if we are required or authorized by law to make the disclosure;

      • Uses and disclosures for health oversight activities, such as for the licensing of optometrists or audits by the Medicare or Medicaid programs;

      • Disclosures for law enforcement purposes, such as to provide information about someone who is or is suspected to be a victim of a crime;

      • To provide information about a crime in our office, or to report a crime that happened somewhere else;

      • Disclosures to avert a serious threat to health or safety;

      • Disclosures relating to worker's compensation programs; 

      • Disclosures or research under certain circumstances, or disclosures to “business associates” who perform services for us that involve the use or disclosure of your health information, such as billing or transcription services, and which commit to respect the privacy of your health information;

      • For organ and tissue donation;

      • For lawsuits and disputes;

      • For specialized government functions, such as military, veterans and national security functions;

      • To coroners, medical examiners and funeral directors so that they may carry out their duties; and

      • For inmates as permitted by law.  

    • Also, in the case of a breach of unsecured protected health information, we will use your protected health information to notify you of such breach as required by law.

  • Uses & Disclosures That Require Us to Give You an Opportunity to Object

    • ​Unless you object, we will also share relevant information about your care with your family or friends who are helping you with your eye care. 

    • We may also disclose your protected health information to disaster relief organizations to coordinate your care or notify family and friends of your location or conditions in a disaster. 

    • We will provide you with the opportunity to object or agree to such a disclosure whenever we practicably can do so.

  • Appointment Reminders & Treatment Alternatives & Services

    • ​We may use and disclose your protected health information to contact you to remind you that you have an appointment for medical care, to discuss the status of an order, or to contact you about possible treatment options, alternatives or services that may be of interest to you.

  • Other Uses & Disclosures

    • ​Uses and disclosures of your protected health information for marketing purposes and disclosures that constitute a sale of your protected health information will only be made with your written authorization. We will not make any other uses or disclosures of your protected health information unless you sign a written “authorization form” with content mandated by federal law. We may initiate the authorization process if the use or disclosure is our idea or you may initiate the process for us to send your information to someone else. Typically, in this situation you will give us a properly completed authorization form or you can use one that we provide.

    • If we initiate the process and ask you to sign an authorization form, you do not have to sign it. If you do not sign the authorization, we cannot make the use or disclosure. If you do sign the authorization form, you may revoke it at any time unless we have already acted in reliance upon it.  Revocations must be in writing to the Compliance Officer at the address shown below in the Section entitled ‘Contact Us’.

  • Your Rights Regarding Your Health Information

    • The law gives you certain rights regarding your protected health information. You can:

    • Ask us to restrict our uses and disclosures of your protected health information for purposes of treatment, payment or health care operations.  You have the right to request restrictions on certain uses and disclosures of your protected health information by a written request specifying what information you want to limit, and what limitations on our use or disclosure of that information you wish to have imposed.  If you ask us not to disclose information to your health plan concerning health care items or services for which you paid for in full out-of-pocket, we will abide by your request.  We reserve the right to accept or reject any other request, and will notify you of our decision. To ask for a restriction, you must send a written request to the Compliance Officer at the address shown below in the section entitled ‘Contact Us’.

    • Ask us to communicate with you in a confidential way, such as by phoning you at work rather than at home.  We will accommodate these requests if they are reasonable. If you want to ask for confidential communications, you must send a written request to the Compliance Officer at the address shown below in the section entitled ‘Contact Us’.

    • Ask to see or get copies of your protected health information.  We generally have up to 30 days to make your protected health information available to you (although we may have one 30-day extension if we send you written notice of the extension). We may charge you a reasonable fee for the costs of copying, mailing or other supplies associated with your request to the extent permitted by state and federal law. We may deny your request in certain limited circumstances. If we do deny your request, you have the right to have the denial reviewed by a licensed healthcare professional who was not directly involved in the denial of your request, and we will comply with the outcome of the review. If your records are contained within an electronic medical records system, you have the right to receive your information electronically. We will try to provide access to your protected health information in the form or format that you request, if it is readily producible in such form or format. If the protected health information is not readily producible in the form or format you request your record will be provided in either our standard electronic format or if you do not want this form or format, a readable hard copy form. We may charge you a reasonable, cost-based fee for the labor associated with transmitting the electronic medical record. If you want to review or get paper or electronic copies of your health information, you must send a written request to the Compliance Officer at the address shown below in the section entitled ‘Contact Us’.

    • Ask us to amend your protected health information if you think that it is incorrect or incomplete.  If we do not agree with your request, you can write a statement of your position, and we will include it with your health information along with any rebuttal statement that we may write. Once your statement of position and/or our rebuttal is included in your protected health information, we will send it along whenever we make a permitted disclosure of your health information. If you want to ask us to amend your protected health information, you must send a written request that includes your reasons for the amendment, to the Compliance Officer at the address shown below in the section entitled ‘Contact Us’.

    • Obtain a list (called an "accounting") of certain disclosures that we have made of your protected health information within the past six years (or a shorter period if you want).  By law, the list will not include: (1) disclosures for purposes of treatment, payment or health care operations; (2) disclosures with your authorization; (3) incidental disclosures; (4) disclosures required by law; and (5) some other limited disclosures. The first accounting you request within any 12-month period will be free. If you want more frequent lists, you will have to pay for them in advance. We will tell you the costs in advance and you may choose to withdraw or modify your request before the costs are incurred. If you want a list of the disclosures, you must send a written request to the Compliance Officer at the address shown below in the section entitled ‘Contact Us’.

    • Receive a paper copy of this Notice at any time.  If you want a paper copy of this Notice, you must send a written request to our Compliance Officer at the address shown below in the section entitled ‘Contact Us’.

  • Retention of Protected Health Information

    • By law, we will retain all of your protected health information for at least seven (7) years after the last date of your encounter with one of our doctors. After this time your health information may be shredded or disposed of in another confidential method

  • Additional Rights Under State Law & Other Federal Laws

    • ​If another state or federal law requires us to give more protection to your protected health information than stated in this Notice, we will comply with that law.

  • Changes to this Notice

    • By law, we must abide by the terms of this Notice until we revise it. We reserve the right to change this Notice at any time as allowed by law.  If we change the Notice, the new privacy practices will apply to your protected health information that we already have as well as to such information that we may generate in the future. If we change our Notice, we will post the new Notice in our office, make copies available and post it on our Website.

2.         Contact Us

If you have questions and would like additional information, you may contact our Compliance Officer, Alyssa Voorhies, at

1950 Old Gallows Rd.

Suite 520

Vienna, VA 22182

(703) 847-8899 x 244

If you believe your privacy rights have been violated, you can file a complaint with us by contacting our Compliance Officer. You may also report a complaint with the Office for Civil Rights of the U.S. Department of Health and Human Services (OCR). There will be no retaliation for filing a complaint with either our practice or the OCR.