Notice of Privacy Practices


The Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) is a federal statute that requires that all protected health information used or disclosed by Hooman Khorasani, MD PLLC (“Practice”) in any form, whether electronically, on paper, or orally, are kept confidential. Protected health information is information about you, including demographic information, that may identify you and that relates to your past, present or future physical or mental health or condition and related health care services (“PHI”).

As required by HIPAA, this Notice of Privacy Practices (“Notice”) describes how the Practice is required to maintain the privacy of your PHI and how it may use and disclose PHI. It also describes your rights to access and control your PHI.

Use and Disclosures of PHI

Your PHI is subject to use or disclosure by the Practice’s physicians, office staff, employees or other third parties that are involved in your care and treatment, including electronic disclosures. It is the Practice’s responsibility to ensure that all uses or disclosures are made in accordance with HIPAA and as further detailed below in this Notice and as further detailed below in this Notice.


Required Disclosures

The Practice is required to disclose PHI to you directly when requested in accordance with your rights described below or the Department of Health and Human Services when investigating or determining the Practice’s compliance with HIPAA


The Practice will use and disclose your PHI to provide, coordinate, or manage your health care and any related services. This includes the coordination or management of your health care with a third party, consultation between physicians relating to your care, or your referral for health care to another physician. For example, your PHI may be provided to a physician to whom you have been referred to ensure that the physician has the necessary information to provide you the proper care or to a pharmacy to fill a prescription


The Practice will use and disclose your PHI, as needed, as it relates to payment for your health care services. This may include obtaining reimbursement information for the health care services you are receiving, confirming coverage or co-pay amounts under your health plan, billing and collecting from you, an insurance company, or a third party for your health care services, or obtaining precertification or preauthorization for specific health care services. For example, the Practice may send a claim for payment to your insurance company and that claim may contain PHI such as a code describing your diagnosis or medical treatment.

Health Care Operations

The Practice will use and disclose your PHI, as needed, in order to support the business operations of the Practice. These activities include, but are not limited to, quality assessment and improvement activities, auditing functions, cost-management analysis, or training. For example, the Practice may use or disclose your PHI during an audit of its billing practice or HIPAA compliance. The Practice may use a sign-in sheet at the registration desk where you will be asked to sign your name and may also call you by name in the waiting room when your physician is ready to see you. The Practice may also contact you to provide appointment reminders or information about treatment alternatives or other health-related benefits and services that may be of interest to you. The Practice may also contact you for the Practice’s fundraising purposes which you will have the opportunity to opt-out.

Family Members & Friends

The Practice may disclose relevant PHI with family members or friends involved in your health care or payment for your health care, if you tell us that we can do so, if you do not object to sharing of the information, or if, using our professional judgment we believe that you do not object.

Business Associates

The Practice will use and disclose your PHI, as needed, to business associates. There are some services provided in the Practice through contracts with business associates (i.e., the Practice may disclose PHI to a company who bills insurance companies on the Practice’s behalf to enable that company to assist in obtaining payment for the healthcare services provided). To protect your PHI the Practice will require its business associates to appropriately safeguard the information.

Other Uses or Disclosures

The Practice may also disclose your PHI for the following additional purposes without your authorization: when required by law (statute, law enforcement, judicial or administrative order); for public health activities (to public health or legal authorities charged with preventing or controlling disease, injury, disability, child abuse or neglect, etc., as required by law); when there is a belief you are a victim of abuse, neglect, or domestic violence; for health oversight activities (to public agencies or legal authorities charged with overseeing the health care system, government programs in which health information is necessary to determine eligibility or compliance, or to enforce civil rights); for judicial or administrative proceedings (pursuant to court order or subpoena if assurances are received); for law enforcement purposes; to funeral directors, coroners, or organ procurement organizations; for research; if there is a belief of a serious threat to health and safety; for certain essential government functions (national security, military, etc.); to comply with workers’ compensation; and as part of a limited data set pursuant to a data use agreement for research, public health or health care operations


Any uses or disclosures outside the scope described above will be made only with your written authorization. Most uses or disclosures of psychotherapy notes, and of PHI for marketing purposes and the sale of PHI require an authorization. You may revoke such authorization in writing at any time and the Practice is required to honor and abide by that revocation, except to the extent that it has already taken actions relying on your authorization.

Your Rights for PHI

You have the right to obtain a paper copy of this Notice.

You have the right to make reasonable requests to receive confidential communications of your PHI from the Practice by alternative means or at alternative location.

You have the right to request restrictions on uses and disclosures of PHI for treatment, payment or healthcare operations, or disclosures to family members, other relatives, close personal friends, or any other person identified by you. Generally, the Practice is not legally required to agree to a requested restriction. However, if the request is made to restrict disclosure to a health plan for purposes of carrying out Payment or Health Care Operations and the PHI pertains solely to a health care item or service for which you have paid out of pocket in full, the Practice is legally required to agree to the requested restriction.

You have the right to read or obtain a copy of your PHI or choose to get a summary of your PHI in lieu of a copy. There are some reasons why the Practice may deny such a request which will be delivered to you in writing stating the reason. If a summary or a copy of your PHI is provided, you may have to pay a reasonable fee.

You have the right to request the Practice to amend or correct your PHI to the extent legally and ethically permissible. If the Practice denies the request, it will do so in writing and you will have the ability to file a statement of disagreement.

You have the right to receive an accounting of the disclosures of PHI by the Practice in the last six years but it will not include certain disclosures including those made for treatment, payment, healthcare operations or where you specifically authorized a use or disclosure.

You may exercise any of the rights described above by contacting the Practice and requesting to speak with the Privacy Officer.


You have recourse if you feel that the privacy of your PHI has been violated. If you feel there has been a violation, you have the right to file a complaint by submitting your complaint in writing by mail to the address above or by fax at the number above. You may also contact the Practice directly by telephone. For all complaints, please ask for or direct attention to the Privacy Officer. There will be no retaliation for filing a complaint.

You may also file a complaint with or contact the Department of Health and Human Services, Office for Civil Rights at: Office of Civil Rights, DHHS, by mail at Jacob Javits Federal Building 26 Federal Plaza – Suite 3312, New York, New York 10278, by telephone at (800) 368-1019 or (800) 537-7697 (TDD), or by facsimile at (202) 619-3818.

Effective Date

The Practice is required by law to maintain the privacy of your PHI, to provide you with notice of its legal duties and privacy practices with respect to PHI, and to notify affected individuals following a breach of unsecured PHI. This Notice is effective as of May 30th, 2020. The Practice reserves the right to change the terms of this Notice and to make any such changes or amendments effective for all PHI that it maintains. The Practice will periodically post from time to time, and you may request a written copy of, any updated versions of this Notice.

Peninsula Glow | Peninsula Glow Medical spa | Monterey, CA

Request A Consultation

To request a consultation contact Peninsula Glow Medical Spa office by phone at (831) 233-3143. For more information about how to get in touch:
Call Now Button