Kno2’s Pursuit for QHIN Designation

Notice of Privacy Practices

KNO2 LLC DESIGNATED NETWORK

PRIVACY POLICY

Hosted at: https://kno2.com/Notice-of-Privacy-Practices/

Welcome to this website (the “Site”) of Kno2 LLC.  This Privacy Policy (the “Policy”) applies to all Participants and Subparticipants in the Kno2 LLC Designated Network (the “Designated Network”) and that may provide, make available, or request health information through the Designated Network.

1. COMPLIANCE WITH LAW

All disclosures of health information through the Designated Network and the use of information obtained from the Designated Network shall be consistent with all applicable federal, state, and local laws and regulations and shall not be used for any unlawful discriminatory purpose. If applicable law requires that certain documentation exist or that other conditions be met prior to using or disclosing health information for a particular purpose, the requesting Participant or Subparticipant shall ensure that it has obtained the required documentation or met the requisite conditions and shall provide evidence of such at the request of the disclosing institution.

2. REQUESTS FOR HEALTH INFORMATION FROM THE DESIGNATED NETWORK

A Participant or Subparticipant may request health information through the Designated Network only for purposes permitted by applicable law. Each Participant and Subparticipant shall provide or request health information through the Designated Network only to the extent necessary and only for those purposes that are permitted by applicable federal, state, and local laws and regulations and this Policy.  Information may not be requested for marketing or marketing related purposes as defined under The Health Insurance Portability and Accountability Act of 1996 and its implementing regulations (“HIPAA”) without specific patient authorization. Under no circumstances may information be requested for a discriminatory purpose. In the absence of a permissible purpose, a Participant may not request information through the Designated Network.

3. PARTICIPANT AND SUBPARTICIPANT POLICIES

Each Participant and Subparticipant shall refer to and comply with its own internal policies and procedures regarding disclosures of health information and the conditions that shall be met and documentation that shall be obtained, if any, prior to making such disclosures.

4. ACCOUNTING OF DISCLOSURES

Each Participant and Subparticipant disclosing health information through the Designated Network shall work towards implementing a system to document the purposes for which such disclosures are made, as provided by the requesting Participant or Subparticipant, and any other information that may be necessary for compliance with the HIPAA Privacy Rule’s accounting of disclosures requirement.  Each Participant and Subparticpiant is responsible for ensuring its compliance with such requirement and may choose to provide individuals with more information in the accounting than is required. Each requesting Participant and Subparticipant shall provide information required for the disclosing Participant or Subparticipant to meet its obligations under the HIPAA Privacy Rule’s accounting of disclosures requirement.

5. AUDIT LOGS

The Designated Network shall maintain an audit log documenting which Participants and Subparticipants posted and accessed information about an individual through the Designated Network and when such information was posted and accessed.

6.  AUTHENTICATION

Each Participant and Subparticipant shall implement commercially reasonable authentication requirements that comply with all applicable requirements of law for verifying and authenticating those within their institutions who shall have access to, as well as other Participants and Subparticipants who request access to, information through the Designated Network.

7. MINIMUM NECESSARY REQUESTS AND DISCLOSURES

Each Participant and Participant shall request and disclose through the Designated Network only the minimum amount of health information as is necessary for the purpose of the request or disclosure. Requests and Disclosures to a health care provider for treatment purposes and disclosures required by law are not subject to this minimum necessary policy.

8. CHANGES TO THE PRIVACY POLICY

The Site and Policy may change from time to time. As a result, we may change this Policy at any time. When we do, we will post an updated version on this page, unless another type of notice is required by the applicable law. By continuing to visit our Site after we have posted an updated Privacy Policy, or notified you by other means if applicable, you consent to the revised Policy and practices described in it.

9. CONTACT US

If you have any questions about our Policy or information practices, please feel free to contact us at our designated request address: [email protected].