Department of Health and Human Services Privacy Rule under HIPAA (Health Insurance Portability and
Accountability Act) in compliance with the September 23, 2013 Omnibus Rule This Notice of Privacy
describes how we may use and disclose your protected health information (PHI) to carry out treatment,
payment or health care operations and for other purposes that are permitted by law. It also describes your
rights to access and control your protected health information.

“Protected health information” is information about you, including demographic information, that may identify you and that relates to your past, present or future physical or mental health or condition and related health care services. Uses and Disclosures of Protected Health Information Your protected health information may be used and disclosed by your Healthcare Provider, our office staff and others outside of our office that are involved in your care and
treatment for the purpose of providing health care services to you, to process your health care bills, to
support the operation of the Healthcare Provider’s practice, and any other use required by law.

Treatment:
We will use and disclose your protected health information to provide, coordinate, or mange your health care
and any related services. This includes the coordination or management of your health care with a third
party. For example, your protected health information may be provided to a Healthcare Provider to whom you
have been referred or whom referred to, ensure that the Healthcare Provider has the necessary information to
diagnose or treat you.

Payment:

Your protected health information will be used, as needed, to obtain payment for your health care services. For example, obtaining approval for hearing aids, or hearing testing may require that your relevant protected health information be disclosed to the health care plan to obtain approval for such services.

Healthcare Operations:

We respect, secure, and protect the privacy of our patients’ personal health information. When appropriate and necessary, we provide the minimum necessary to only those healthcare professionals in need of your health care information and treatment. We have indirect treatment relationships with hearing aid and earmold companies, and disclose personal information for purposes of payment, or health care products.

We may use or disclose your protected health information in the following situations without your authorization.

These situations include:

Public Health issues as required by law; Communicable diseases; Health Oversight; Food and Drug Administration requirements; Legal Proceedings; Military Activity and National Security; Workers’ Compensation; Hearing Aid
Manufacturers. Other Permitted and Required Uses and Disclosures: Other disclosures will be made only
with your consent, authorization or opportunity to object unless required by law.

Your Privacy Rights
Following is a statement of your rights with respect to your protected health information.

I. You have the right to inspect and request copies your protected health information. We support your full access to your personal medical records. You may request transmission of your medical records to a designated party in
any form, hard copy or electronically. In such cases, we will verify the identity of the individual making the
request and take reasonable steps to ensure that the email address of the recipient is correct. However,
under federal law, you may not inspect nor copy the following records: information compiled in reasonable
anticipation of, or use in, a civil, criminal, or administrative action or proceeding, and protected health
information that is subject to law that prohibits access to protected health information.

II. You have the right to request a restriction of your protected health information. This means you may ask us not to use or disclose any part of your protected health information for the purposes of treatment, payment or healthcare
operations. You may also request that any part of your protected health information not be disclosed to
family members or friends who may be involved in your care or for notification purposes as described in this
Notice of Privacy Practices. Your request must state the specific restriction requested and to whom you want
the restriction to apply. Our Healthcare Providers are not required to agree to a restriction that you may
request. If your Healthcare Provider believes it is in your best interest to permit use and disclosure of your
protected health information, your protected health information will not be restricted. You then have the right
to use another Healthcare Provider. It is your right to opt out of the use of your personal health information
for marketing purposes by Hearing Health Care Services, Inc. or its suppliers (Hearing Aid Manufacturers)

III. You may request transmission of your medical records to a designated party in any form, hard copy or
electronically. In such cases, we will verify the identity of the individual making the request and take
reasonable steps to ensure that the email address of the recipient is correct. Upon request, you have the
right to obtain a paper copy of this notice from us, even if you have agreed to accept this notice alternatively
(i.e. electronically). You may have the right to have your Healthcare Provider amend your protected health
information. If we deny your request for amendment, you have the right to file a statement of disagreement
with us and we may prepare a rebuttal to your statement and will provide you with a copy of any such
rebuttal. You have the right to receive an accounting of certain disclosures we have made, if any, of your
protected health information. We reserve the right to change the terms of this notice and will inform you by
mail of any changes. You then have the right to object or withdraw as provided in this notice.

IV. Complaints
You may complain to our Practice Manager or to the Secretary of Health and Human Services if you believe
your privacy rights have been violated by us. We will not retaliate against your for filing a complaint. We are
required by law to maintain the privacy of, and provide individuals with, this notice of our legal duties and
privacy practices with respect to protected health information. If you have any objections to this form, please
ask to speak with our HIPAA Compliance Officer in person or by phone at (919) 489-0995. You may refuse to
consent to the use or disclosure of your personal health information. Under this law, we have the right to
refuse treatment should you choose not to disclose your personal health information.