Privacy Policy

NOTICE OF PRIVACY PRACTICES

Effective Date: January 1, 2026

THIS NOTICE DESCRIBES HOW PROTECTED HEALTH INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

GENERAL INFORMATION

The Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), as amended by the Health Information Technology for Economic and Clinical Health Act (“HITECH Act”) and the HIPAA Omnibus Rule (2013), is a federal law that requires covered entities to protect the privacy and security of certain health information.

This Notice of Privacy Practices (“Notice”) describes how The Orthopaedic and Spine Center of Southern Colorado (“OSCSC,” “we,” “us,” or “our”) may use and disclose your Protected Health Information (“PHI”) and describes your rights regarding that information.

We are required by law to:

Maintain the privacy and security of your PHI
Provide you with this Notice of our legal duties and privacy practices
Comply with the terms of this Notice currently in effect
Notify you following a breach of unsecured PHI

“Protected Health Information” means information about you, including demographic information, that may identify you and that relates to your past, present, or future physical or mental health condition, the provision of healthcare to you, or payment for that care.

USES AND DISCLOSURES OF PROTECTED HEALTH INFORMATION

Your PHI may be used and disclosed by your physician, our office staff, and others outside our office who are involved in your care for purposes of treatment, payment, and healthcare operations (“TPO”), as well as for other purposes permitted or required by law.

Treatment

We may use and disclose your PHI to provide, coordinate, or manage your healthcare and related services. This includes sharing information with other healthcare providers involved in your care or to whom you are referred.

Payment

We may use and disclose your PHI, as necessary, to obtain payment for healthcare services provided to you, including billing, claims management, eligibility verification, and prior authorization activities.

Healthcare Operations

We may use and disclose your PHI to support the business activities of CSOG. These activities include but are not limited to: quality assessment and improvement activities, employee review and training, accreditation, licensing, auditing, and administrative functions.

As part of healthcare operations, we may:

Use sign-in sheets at the registration desk
Call you by name in waiting areas
Contact you by phone, mail, text, or electronic means regarding appointments, follow-up care, or treatment-related matters
We may call your phone and leave a message (either on voicemail or with the person answering the phone) to remind you of an upcoming appointment, the need to reschedule a new appointment or to call our office.

You may request alternative methods for communications.

USES AND DISCLOSURES WITHOUT AUTHORIZATION

We may use or disclose your PHI without your authorization in the following circumstances, as permitted or required by law:

As required by federal, state, or local law
Public health activities
Health oversight activities
Reporting abuse, neglect, or domestic violence
Food and Drug Administration (FDA) activities
Judicial and administrative proceedings
Law enforcement purposes
Coroners, medical examiners, funeral directors, and organ donation
Research activities (subject to applicable safeguards)
To avert a serious threat to health or safety
Military, national security, and intelligence activities
Workers’ compensation claims
Inmate and correctional institution situations
Compliance investigations by the U.S. Department of Health and Human Services

USES AND DISCLOSURES REQUIRING AUTHORIZATION

All other uses and disclosures of your PHI not described in this Notice will be made only with your written authorization. You may revoke such authorization in writing at any time, except to the extent that action has already been taken in reliance on it.

We will not:

Sell your PHI
Use or disclose your PHI for marketing purposes without your written authorization

YOUR RIGHTS REGARDING PROTECTED HEALTH INFORMATION

You have the right to:

Inspect and obtain a copy of your PHI in paper or electronic format within 30 days of a written request
Request an amendment to your PHI. We will respond within 60 days of your request
Request restrictions on certain uses or disclosures of your PHI
Restrict disclosure to a health plan for services paid in full out-of-pocket
Request confidential communications by alternative means
Receive an accounting of disclosures of your PHI
Receive a paper copy of this Notice upon request
Be notified following a breach of your unsecured PHI
File a complaint if you believe your privacy rights have been violated

We are not required to agree to all restriction requests. If a restriction is denied, you may seek care from another provider.

SAFEGUARDS FOR PROTECTED HEALTH INFORMATION

We maintain physical, administrative, and technical safeguards designed to protect the privacy and security of your PHI in accordance with HIPAA, the HIPAA Omnibus Rule, and applicable state law. These safeguards include, but are not limited to:

Secured office locations and restricted access areas
Password-protected electronic systems
Locked filing cabinets and storage areas
Workforce training and written privacy policies
Limiting access to PHI to workforce members who require it to perform their job duties

BREACH NOTIFICATION

In the event of a breach of unsecured PHI, as defined under HIPAA and the HIPAA Omnibus Rule, we will notify affected individuals without unreasonable delay and no later than 60 days following discovery of the breach, in accordance with applicable law.

CHANGES TO THIS NOTICE

We reserve the right to change the terms of this Notice and to make the revised Notice effective for all PHI we maintain. Any revised Notice will be made available upon request and posted in our offices.

COMPLAINTS AND CONTACT INFORMATION

If you believe your privacy rights have been violated, you may file a complaint with:

OSCSC Privacy Officer
The Orthopaedic and Spine Center of Southern Colorado
4110 Briargate Parkway, Suite 200
Colorado Springs, CO 80920
Phone: (719) 282-8888

Email: cbesch@jointandspineasc.com

CALL TODAY: (719) 282-8888

NOTICE OF PRIVACY PRACTICES

GENERAL INFORMATION

USES AND DISCLOSURES OF PROTECTED HEALTH INFORMATION

Treatment

Payment

Healthcare Operations

USES AND DISCLOSURES WITHOUT AUTHORIZATION

USES AND DISCLOSURES REQUIRING AUTHORIZATION

YOUR RIGHTS REGARDING PROTECTED HEALTH INFORMATION

SAFEGUARDS FOR PROTECTED HEALTH INFORMATION

BREACH NOTIFICATION

CHANGES TO THIS NOTICE

COMPLAINTS AND CONTACT INFORMATION

“So far this surgery center is the best one I have been to. My family and I were treated with the highest level of respect. I was very calm due to the knowledge and top-notch abilities of all staff members. Fantastic facility.”

Patient Stories

CALL TODAY: (719) 282-8888

Privacy Policy

NOTICE OF PRIVACY PRACTICES

GENERAL INFORMATION

USES AND DISCLOSURES OF PROTECTED HEALTH INFORMATION

Treatment

Payment

Healthcare Operations

USES AND DISCLOSURES WITHOUT AUTHORIZATION

USES AND DISCLOSURES REQUIRING AUTHORIZATION

YOUR RIGHTS REGARDING PROTECTED HEALTH INFORMATION

SAFEGUARDS FOR PROTECTED HEALTH INFORMATION

BREACH NOTIFICATION

CHANGES TO THIS NOTICE

COMPLAINTS AND CONTACT INFORMATION

Footer

“So far this surgery center is the best one I have been to. My family and I were treated with the highest level of respect. I was very calm due to the knowledge and top-notch abilities of all staff members. Fantastic facility.”

Patient Stories