Martinez Heart & Home Care Logo
πŸ”’ HIPAA • RCW 70.02 • Washington State Compliant

Privacy Policy

Martinez Heart & Home Care is committed to protecting your privacy and the security of your health information. This policy explains your rights and our obligations under federal and Washington State law.

Effective Date: January 1, 2025 • Last Updated: July 1, 2026 • Version 1.0

πŸ”’ Privacy Policy

Martinez Heart & Home Care • Washington State Licensed Home Care Agency • LPN-Supervised

βœ… Effective January 1, 2025 • Last Updated July 1, 2026

πŸ“‹ Privacy at a Glance

πŸ”’
We Protect Your PHIYour health information is protected under HIPAA and Washington State law (RCW 70.02).
🚫
We Don't Sell Your DataWe never sell, rent, or trade your personal or health information.
βœ‹
You Have RightsYou have the right to access, correct, and control your health information.
πŸ“‹
Limited SharingWe share your information only as needed to provide care and as required by law.
🌐
Website PrivacyOur website collects minimal data. No PHI is collected through public web forms.
πŸ“ž
Contact Us AnytimeQuestions? Call our Privacy Officer at (XXX) XXX-XXXX.

1 Who We Are & Scope of This Policy

Martinez Heart & Home Care is a Washington State licensed in-home care agency operating under Home Care Agency License pursuant to WAC 246-335, supervised by a Licensed Practical Nurse (LPN). We provide non-skilled and LPN-level in-home care services to clients in Washington State.

This Privacy Policy describes how we collect, use, disclose, and protect your personal information and protected health information (PHI). It applies to all clients, prospective clients, family members, authorized representatives, website visitors, and all employees and caregivers of the Agency.

ℹ️ HIPAA Covered EntityMartinez Heart & Home Care is a HIPAA covered entity. We are required by law to maintain the privacy of your protected health information, provide you with this Notice, and follow the terms of this Notice currently in effect.

2 Information We Collect

2.1 Protected Health Information (PHI)

CategoryExamplesHow Collected
Identifying InformationName, date of birth, address, phone, emailClient intake forms, in-person assessment
Medical HistoryDiagnoses, surgical history, hospitalizationsClient assessment, physician records
Medication InformationCurrent medications, dosages, allergiesClient assessment, pharmacy records
Vital Signs & Clinical DataBlood pressure, weight, Oβ‚‚ saturationLPN assessment visits
Functional StatusADL abilities, mobility, cognitive statusClient assessment form
Insurance & PaymentMedicaid ID, insurance policy numbersIntake forms, insurance verification
Care DocumentationVisit notes, plan of care, progress notesCaregiver documentation, LPN notes

2.2 Personal Information (Non-PHI)

Through our website and public forms, we collect limited personal information that does not constitute PHI β€” contact information, general care preferences, and referral source information. Our public forms are designed to collect contact information only, not medical diagnoses or sensitive health data.

βœ… Our Public Forms Do Not Collect PHIOur public website forms collect contact information and general care preferences only. PHI is collected only through secure, HIPAA-compliant channels after a client relationship is established.

3 How We Use Your Health Information

3.1 Treatment

We use your health information to provide, coordinate, and manage your care, including sharing information with your physicians, specialists, pharmacists, and other healthcare providers involved in your care.

3.2 Payment

We may use and disclose your health information to obtain payment for services, including submitting claims to Medicaid (Apple Health), Medicare, long-term care insurance, or the VA.

3.3 Healthcare Operations

We may use your health information for quality assurance, caregiver training and supervision, compliance audits, and business planning.

3.4 Other Permitted Uses Without Authorization

  • As Required by Law: Mandatory reporting under RCW 74.34 (suspected abuse, neglect, or exploitation)
  • Public Health Activities: Reporting communicable diseases to public health authorities
  • Health Oversight: Responding to audits or inspections by DSHS, DOH, or other regulatory agencies
  • Emergency Situations: To prevent or lessen a serious and imminent threat to health or safety
  • Workers' Compensation: As authorized by Washington State workers' compensation laws
❀️ We Never Sell Your InformationMartinez Heart & Home Care does not sell, rent, trade, or otherwise transfer your personal information or protected health information to third parties for commercial purposes.

4 Your Rights Regarding Your Health Information

πŸ“‹ Right to Access

You have the right to inspect and obtain a copy of your health records within 30 days of your request.

✏️ Right to Amend

You may request corrections to your health information if you believe it is inaccurate or incomplete.

πŸ“Š Right to an Accounting

You may request a list of disclosures we have made of your PHI for the past 6 years.

🚫 Right to Restrict

You may request restrictions on how we use or disclose your PHI.

πŸ”’ Right to Confidential Communications

You may request that we communicate with you in a specific way or at a specific location.

↩️ Right to Revoke Authorization

You may revoke any authorization you have given us at any time in writing.

πŸ“„ Right to a Copy of This Notice

You have the right to receive a paper copy of this Notice at any time.

βš–οΈ Right to File a Complaint

You may file a complaint with us or with HHS if you believe your privacy rights have been violated. We will not retaliate.

ℹ️ How to Exercise Your RightsSubmit a written request to our Privacy Officer at: privacy@martinezheartandhomecare.com or call (XXX) XXX-XXXX. We will respond within the timeframes required by law.

5 How We Protect Your Information

5.1 Administrative Safeguards

  • Designated Privacy Officer responsible for HIPAA compliance
  • Staff training on privacy and security policies
  • Access controls limiting PHI access to authorized personnel only
  • Business Associate Agreements (BAAs) with all vendors who handle PHI

5.2 Physical Safeguards

  • Secure storage of paper records in locked files
  • Secure disposal of PHI (shredding of paper records)
  • Device and media controls for electronic PHI

5.3 Technical Safeguards

  • SSL/TLS encryption for all web-based data transmission
  • Password-protected access to electronic health records
  • Encrypted email for PHI communications

5.4 Breach Notification

In the event of a breach of unsecured PHI, we will notify affected individuals, HHS, and if required, the media, in accordance with the HIPAA Breach Notification Rule (45 CFR Part 164, Subpart D) and Washington State data breach notification law (RCW 19.255.010) within 60 days of discovery.

6 Record Retention

Record TypeRetention PeriodLegal Basis
Client Health Records (PHI)Minimum 6 yearsHIPAA 45 CFR Β§164.530(j); WAC 246-335
HIPAA Authorizations6 years from date of signatureHIPAA 45 CFR Β§164.508(b)(6)
This Privacy Notice6 years from effective dateHIPAA 45 CFR Β§164.520(e)
Caregiver Employment Records3 years after terminationRCW 49.12; federal employment law
Billing & Payment Records7 years (Medicaid: 10 years)IRS; Medicaid regulations
Incident Reports6 years minimumWAC 246-335; RCW 74.34

7 Website Privacy & Cookies

When you visit our website, we may automatically collect non-personal information including IP address, browser type, pages visited, and device type. This information is used solely to improve our website and is not linked to your personal identity.

Our website may use essential cookies required for the website to function and analytics cookies to understand how visitors use our site. You may disable cookies through your browser settings.

Information submitted through our public consultation request form is transmitted using SSL/TLS encryption and collects contact information only β€” not protected health information.

8 Washington State Privacy Rights

Washington Health Care Information Act (RCW 70.02)

Washington State law provides strong protections for health care information. Under RCW 70.02, you have the right to access your health care information within 15 business days of request, request corrections, restrict disclosure, and file a complaint with the Washington State Department of Health.

Washington My Health MY Data Act (RCW 70.372)

Washington State's My Health MY Data Act provides additional protections for consumer health data. We comply with all applicable requirements of this law, including restrictions on the collection, sharing, and sale of consumer health data.

Vulnerable Adult Protections (RCW 74.34)

As a home care agency serving vulnerable adults, we are mandatory reporters under RCW 74.34. We are required by law to report suspected abuse, neglect, financial exploitation, or abandonment of vulnerable adults to Adult Protective Services and law enforcement.

9 Changes to This Privacy Policy

We reserve the right to change this Privacy Policy at any time. We will post the revised Notice on our website and make it available in our office. We will notify existing clients of material changes by posting the updated Notice with a new effective date and providing a copy at the next scheduled care visit.

10 Contact Us & How to File a Complaint

πŸ“ž Privacy Officer Contact

πŸ“ž Phone: (XXX) XXX-XXXX

πŸ“§ Email: privacy@martinezheartandhomecare.com

πŸ• Hours: Mon–Fri 8am–6pm • Sat 9am–3pm

To file a complaint:

  • Martinez Heart & Home Care Privacy Officer: (XXX) XXX-XXXX
  • HHS Office for Civil Rights: 1-800-368-1019 • hhs.gov/hipaa/filing-a-complaint
  • Washington State DOH: 1-800-525-0127
  • DSHS Complaint Resolution: 1-800-562-6078
βœ… No RetaliationWe will not retaliate against you for filing a complaint with us or with any government agency.

✍️ Privacy Policy Acknowledgment

Please confirm you have read and understood this Privacy Policy β€” then sign below

❀️ Why We Ask for Your Acknowledgment As a HIPAA-covered entity, Martinez Heart & Home Care is required to provide clients with a Notice of Privacy Practices and make a good-faith effort to obtain written acknowledgment of receipt per 45 CFR §164.520.
βœ“

Acknowledgment Recorded!

Thank you for reviewing and acknowledging our Privacy Policy. Your acknowledgment has been securely recorded.

Reference #: PP-000000
βœ… Acknowledged By
β€”
β€”

A copy of this acknowledgment is retained in your client file per HIPAA requirements (minimum 6 years).

⚠️ Please fix the following:
    I acknowledge the following (check all boxes): *
    Please check all acknowledgment boxes.
    Please type your full legal name.
    Required.
    Required.
    Sign above this line
    Draw with mouse or touch screen
    πŸ“ Acknowledgment Preview
    Your name will appear here as you type...
    Acknowledged on: β€”
    Reference: Will be assigned on submission
    πŸ‘οΈ Witness / Agency Staff β€” For Office Use Only

    πŸ”’ Secure • HIPAA-Compliant • Retained per 45 CFR Β§164.520 • Minimum 6-year retention