NOTICE OF PRIVACY PRACTICES

Expert Tinnitus & Audiology

Effective Date: January 15, 2026

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

OUR COMMITMENT TO YOUR PRIVACY

Expert Tinnitus & Audiology is committed to protecting the privacy of your health information. We are required by law to:

•       Maintain the privacy of your Protected Health Information (PHI)

•       Provide you with this Notice of our legal duties and privacy practices

•       Follow the terms of the Notice currently in effect

•       Notify you if we are unable to agree to a requested restriction on how we use or disclose your PHI

•       Accommodate reasonable requests to communicate health information by alternative means or locations

WHAT IS PROTECTED HEALTH INFORMATION (PHI)?

PHI is individually identifiable health information that we create, receive, maintain, or transmit. This includes information about:

•       Your past, present, or future physical or mental health

•       Healthcare services provided to you

•       Payment for healthcare services

PHI includes information in any form: written, oral, or electronic.

HOW WE MAY USE AND DISCLOSE YOUR PHI

The following describes the ways we may use and disclose your PHI. Not every possible use or disclosure is listed, but all permitted uses and disclosures will fall within one of these categories.

1. FOR TREATMENT

We may use and disclose your PHI to provide, coordinate, or manage your healthcare. This includes:

•       Consultations with other healthcare providers

•       Referrals to specialists

•       Coordination with partner clinics for hearing aid fittings

•       Sharing information with pharmacies or device manufacturers as needed for your care

Example: We may share your hearing test results with a partner clinic to coordinate hearing aid fitting services.

2. FOR PAYMENT

We may use and disclose your PHI to obtain payment for services. This includes:

•       Billing and collection activities

•       Providing superbills for insurance reimbursement

•       Responding to insurance company inquiries

Example: We may provide a superbill with diagnosis codes and service details for you to submit to your insurance company.

3. FOR HEALTHCARE OPERATIONS

We may use and disclose your PHI for our business operations, including:

•       Quality improvement activities

•       Training and education

•       Business planning and development

•       Customer service

Example: We may review patient records to improve our tinnitus management protocols.

4. APPOINTMENT REMINDERS

We may contact you to remind you of appointments via phone, email, or text message. You may request that we contact you using a specific method or at a specific location.

5. HEALTH-RELATED COMMUNICATIONS

We may contact you about treatment alternatives, health-related benefits, or services that may be of interest to you.

6. BUSINESS ASSOCIATES

We may share your PHI with third-party service providers who perform services on our behalf, such as:

•       Electronic health record system (CarePatron)

•       Email and communication platforms (Google Workspace)

•       Payment processing services

These service providers sign Business Associate Agreements requiring them to protect your PHI.

USES AND DISCLOSURES THAT REQUIRE YOUR AUTHORIZATION

The following uses and disclosures require your written authorization:

•       Marketing communications (except appointment reminders and health-related information)

•       Sale of your PHI

•       Most uses and disclosures of psychotherapy notes (if applicable)

•       Other uses not described in this Notice

You may revoke any authorization in writing at any time. The revocation will not affect disclosures already made based on your authorization.

OTHER PERMITTED AND REQUIRED USES

We may use or disclose your PHI without your authorization in the following situations:

•       As Required by Law: When required by federal, state, or local law

•       Public Health Activities: To public health authorities for disease prevention or reporting

•       Victims of Abuse or Neglect: To appropriate authorities if we reasonably believe you are a victim

•       Health Oversight Activities: To health oversight agencies for audits, investigations, or inspections

•       Judicial and Administrative Proceedings: In response to court orders or subpoenas

•       Law Enforcement: To law enforcement officials as required by law

•       To Avert Serious Threat: To prevent or lessen a serious threat to health or safety

•       Workers' Compensation: For workers' compensation or similar programs

•       Coroners and Medical Examiners: To coroners or medical examiners for identification purposes

•       Research: For research purposes when approved by an institutional review board

•       Military and Veterans: To military command authorities if you are a member of the armed forces

YOUR RIGHTS REGARDING YOUR PHI

You have the following rights regarding your health information:

1. RIGHT TO ACCESS

You have the right to inspect and obtain a copy of your PHI. Requests must be made in writing. We may charge a reasonable fee for copying and mailing costs.

2. RIGHT TO AMENDMENT

You have the right to request that we amend your PHI if you believe it is incorrect or incomplete. Requests must be made in writing and include a reason. We may deny your request under certain circumstances.

3. RIGHT TO ACCOUNTING OF DISCLOSURES

You have the right to receive a list of certain disclosures we have made of your PHI. This does not include disclosures for treatment, payment, or healthcare operations.

4. RIGHT TO REQUEST RESTRICTIONS

You have the right to request restrictions on how we use or disclose your PHI. We are not required to agree to your request, but if we do, we will comply with the restriction unless the information is needed for emergency treatment.

5. RIGHT TO CONFIDENTIAL COMMUNICATIONS

You have the right to request that we communicate with you about your health information in a specific way or at a specific location. We will accommodate reasonable requests.

6. RIGHT TO A PAPER COPY OF THIS NOTICE

You have the right to receive a paper copy of this Notice at any time, even if you previously agreed to receive it electronically.

7. RIGHT TO BE NOTIFIED OF A BREACH

You have the right to be notified if your unsecured PHI is breached.

HOW TO EXERCISE YOUR RIGHTS

To exercise any of these rights, please submit a written request to:

Expert Tinnitus & Audiology

Privacy Officer: Erika Kay, Au.D., CH-TM

15111 8th Ave SW, Ste 300

Burien, WA 98166

Phone: (206)588-5886

Email: info@experttinnitus.com

COMPLAINTS

If you believe your privacy rights have been violated, you may file a complaint with us or with the U.S. Department of Health and Human Services Office for Civil Rights.

To file a complaint with us: Use the contact information above.

To file a complaint with HHS:

Office for Civil Rights

U.S. Department of Health and Human Services

200 Independence Avenue, S.W.

Washington, D.C. 20201

Phone: 1-877-696-6775

Website: www.hhs.gov/ocr/privacy/hipaa/complaints/

You will not be penalized or retaliated against for filing a complaint.

CHANGES TO THIS NOTICE

We reserve the right to change this Notice. Any changes will apply to PHI we already have as well as any information we receive in the future. We will post the current Notice on our website and provide copies upon request. The effective date will be displayed at the top of the Notice.