Skip to Main Content

Privacy Policy

Notice of Privacy Practices

This notice describes how health medical information about you may be used and disclosed and how you can get access to this information. Please review it carefully. Effective: November 1, 2021

We are required by law to maintain the privacy of your protected health information (“PHI”) and to provide individuals with notice of our legal duties and privacy practices with respect to PHI. We are required to follow the practices described in this Notice. We reserve the right to change our privacy practices and the terms of this Notice at any time. If we change our Notice, we will post the revised Notice in our facilities and will have them available upon request. You can receive a copy of the current Notice at any time. This Notice describes how we have extended certain protections to your PHI and how, when, and why we may use and disclosure your PHI. With certain exceptions, we will use or disclose your PHI in the minimum necessary manner to accomplish the intended purpose of the use or disclosure. We will share PHI as is necessary to provide quality health care and receive reimbursement for those services as permitted by law. To the extent there is stricter State or federal law regulating the privacy of your PHI, we will comply with the more strict provisions of law.

We may post this Notice or revisions on our website.

We are required by law to abide by the terms of the notice currently in effect.

Right to a Paper Copy of this Notice

You have the right to receive a paper copy of this or any revised Notice and/or an electronic copy by email upon request to the Privacy Officer.

Right to File a Complaint

If you believe that we may have violated your privacy rights, or you disagree with a decision we made about access to your PHI, you may file a complaint with the Privacy Officer listed below. You may also file a written complaint with the Secretary of the U.S. Department of Health and Human Services at 200 Independence Avenue, SW, Washington D.C. 20201 or call 1-877-696-6775. There will be no retaliation for filing a complaint.

Right to provide an authorization for other uses and disclosures. We will obtain your written authorization for uses and disclosures that are not identified by this notice or permitted by applicable law. Any authorization you provide to us regarding the use and disclosure of your PHI may be revoked at any time in writing. After you revoke your authorization, we will no longer use or disclose your PHI for the reasons described in the authorization. Please note, we are required to retain records of your care.

Contact: Privacy Officer

If you have questions about this Notice or any complaints about our privacy practices, please contact our privacy officer at:

IAB Privacy Officer 445 East Dublin Granville Road, Worthington, OH 43085 614.844.3800 ext. 2064 iabprivacyofficer@iamboundless.org.

-OR-

Report a Concern Online: boundless.ethicspoint.com and select “Make a Report”

Toll-Free Hotline: 1-844-913-0617

Business Associates

It may be necessary for us to provide your health information to certain outside persons or entities that assist us with our operations, such as auditing, accreditation, legal services, etc. These business associates are required to properly safeguard the privacy of your health information.

Treatment Alternatives

We may use and disclose your PHI to tell you about possible treatment options or alternatives that may be of interest to you.

Individuals Involved in Your Care or Payment of Your Care

We may, subject to specific limitations, disclose your PHI to family or personal representatives involved in or who help pay for your care. We also may disclose your PHI as necessary in case of an emergency. If you are able and available to agree or object, we will give you the opportunity to do so prior to making this notification. If you are unable or unavailable to agree or object, we will use our best judgement in communication with your family and personal representatives.

Appointments, Services, and Fundraising

We may contact you to provide appointment reminders, information about treatment alternatives, or other health-related benefits and services that may be of interest to you. You have the right to request, and we will accommodate your reasonable requests, to receive communications regarding your health information from us by alternative means or at alternative locations. You may request such confidential communication by sending your written request to the Privacy Officer. We may contact you to support our fundraising efforts. You may opt-out of receiving any further fundraising communications from us by notifying our Privacy Officer at 614.844.3800 with your request to be removed from our fundraising mailing and contact lists.

THE FOLLOWING USES AND DISCLOSURES WILL BE MADE ONLY WITH YOUR AUTHORIZATION:

(i) uses and disclosures for marketing purposes; (ii) uses and disclosures that constitute the sale of PHI; (iii) uses and disclosures of psychotherapy notes, as applicable; and (iv) other uses and disclosures not described in this notice.

As Required by Law. We will disclose your PHI when required to do so by federal, state or local law.

Boundless may participate in health information exchanges (HIE) for the purposes of improving the overall quality of health care services provided through the coordination of care. The HIE would be responsible for implementing administrative, physical and technical safeguards to ensure the confidentiality, integrity and availability of the data it receives, creates, maintains, or transmits.

SPECIAL USE AND DISCLOSURE SITUATIONS

We may use or disclose health information about you without your prior authorization for several other reasons. Subject to certain requirements, we may give out your health information without prior authorization for public health purposes, accrediting organizations, required abuse or neglect reporting, health oversight audits or inspections, research studies, funeral arrangements and organ donations, worker’s compensation purposes, and emergencies.

We also disclose health information when required by law, such as in response to a request from law enforcement in specific circumstances or in response to valid judicial or administrative orders.

YOUR RIGHTS REGARDING YOUR HEALTH INFORMATION AND HOW TO EXERCISE YOUR RIGHTS

Restrictions on Use and Disclosure of Individual Health Information

You have the right to request that we restrict how we use and disclosure your health information. You may ask us not to disclose a part of your PHI if you have paid for the services related to that treatment when we might otherwise have billed someone else for those services. You may also request that a part of your PHI not be disclosed to family members or others involved in your care. These restrictions must be made in writing to our Privacy Officer and signed by you or your representative. Any request must specify the specific restriction requested and the persons that the restriction applies to. We are not required to agree to your restrictions. We cannot agree to limit uses/disclosures that are required by law. In the event of a termination of an agreed-to restriction by us, we will notify you of such termination. You may terminate, in writing or orally, any agreed-to restriction by sending such termination notice to the Privacy Officer.

Access to Individual Health Information

You have the right to inspect and copy your health information. All such requests must be made in writing to our Privacy Officer and signed by you or your representative. Under some circumstances, you may not be able to review your PHI such as psychotherapy notes, records related to legal proceedings, or as otherwise restricted by law. We must make PHI available in electronic format upon request and where available. We may charge a fee for the costs of copying, mailing, labor and supplies associated with your request. We may deny your request to inspect and/or copy in certain limited circumstances; however, you may request a review of our denial.

Amendments to Individual Health Information

You have the right to request that your health information be amended or corrected. We will respond within 60 days unless an extension is taken. In certain cases, we may deny your request for amendment and you will be given written notice that will explain the basis and your right to appeal. You may also submit a statement of disagreement and we may prepare a rebuttal that will be provided to you. All amendment requests must be in writing, signed by you or your representative, and must state the reasons for the amendment. If we make an amendment, we may notify others who work with us and have copies of the un-amended record if we believe that such notification is necessary. You may obtain a Request for Amendment form from the Privacy Officer.

Accounting for Disclosures of Individual Health Information

You have the right to receive an accounting of certain disclosures of your health information made by us after April 14, 2003. Requests must be made in writing and signed by you or your representative. Request for Accounting forms are available from the Privacy Officer. The right to receive this information is subject to certain exceptions, restrictions, and limitations. Some fees may apply.

Notification of Breach. We will comply with the requirements of applicable privacy laws related to notifying you in the event of a breach of your PHI.

USES AND DISCLOSURES OF YOUR PROTECTED HEALTH INFORMATION

We are committed to maintaining the confidentiality of your health information. Your health information may be used and disclosed for purposes of treatment, payment, and health care operations. Outside of these permitted uses, we must have your written and signed authorization unless the law permits or requires the use or disclosure without your authorization. You have the right to revoke that authorization in writing except to the extent any action has been taken in reliance on the authorization.

Treatment

We may use your PHI to provide you with medical treatment or services. For example, we may disclose medical information about you to doctors, psychologists, pharmacists, nurses, social workers, therapists, technicians or other personnel involved in providing services to you. Different departments of I Am Boundless, and its affiliates may also share medical information about you in order to coordinate the different services you need.

Payment

We may use and disclose your PHI in order to bill and collect payment for the services and items you may receive from us. For example, we may contact your health insurer to certify that you are eligible for benefits (and for what range of benefits), and we may provide your insurer with details regarding your treatment to determine if your insurer will cover, or pay for, your treatment. Also, we may use your PHI to bill you directly for services and items, as appropriate. We may disclose your PHI to other health care providers and entities to assist in their billing and collection efforts.

Health care operations

We may use and disclose your PHI to operate our business. For example, we may use personal health information to evaluate our services and the performance of our staff. We may also use personal health information for training purposes or to develop new policies, procedures, or programs that may benefit you or other individuals that we support. We may disclose your PHI to other health care providers and entities to assist in their health care operations as permitted by law.

Overview

I Am Boundless, Inc. and its affiliates recognize the importance of privacy to visitors of this website. This privacy policy explains what type of information is collected from you when you visit any of the pages within the Boundless website.

Visitors under the age of 18 must obtain permission from their parents or guardians before sending any personal identifying information to any page within the Boundless website.

Boundless is committed to ensuring the privacy and accuracy of your confidential information. We do not actively share personal information gathered from our Web servers. This means that while we do not actively share information, in some cases we may be compelled by law to release information gathered from our Web servers.  Boundless also complies with Boundless’ policy concerning privacy and release of individuals medical records. 

What Information is Collected?

All Boundless pages use the Google Analytics service to track IP address information. This assists Boundless in improving functionality and content, and in monitoring the website's performance. Data is used to provide answers to specific questions about the usage and performance of the website or individual Web pages; however, no personally identifying information is collected during the process. Except as defined above, no IP address data is shared with parties external to the university. Google Analytics may also track non-identifying demographic data that it has access to, including age, gender, and affinity/interest categories.

Some pages within the Boundless website require personal information in order to provide online services. Personal information is gathered and stored in a secure manner to prevent monitoring or interception. Boundless and its designated online service providers do not share personal information with third parties except as defined above. 

Boundless prioritizes the privacy and security of your credit card information. Credit card payments made through our public website are securely processed by a trusted third-party payment processor. This information is transmitted directly to the processor and is not accessed, stored, or retained on any Boundless servers, including those that host our public website. 

All payment processing partners comply with the Payment Card Industry Data Security Standard (PCI DSS), which strictly governs the collection, use, and sharing of payment-related personal information. Boundless is also committed to meeting PCI DSS requirements to ensure the highest level of security for all transactions. 

Like all other Web servers, Boundless servers automatically create log files for each visitor who accesses our website. These "access logs" allow us to make our website more useful to visitors. The access logs do not record a visitor's name, address, phone number, credit card numbers, or any other personal identifying information. Rather, they contain some or all of the following information:

  • The Internet Protocol Address (IP Address) of machines which accessed our website
  • The date of the visit
  • The time of the visit
  • The path taken through our website
  • The browser being used
  • A list of files downloaded or viewed
  • Any errors encountered

All of the information collected by Boundless is used for internal purposes only and is not distributed to any other charitable, cultural, nonprofit organizations, or third parties outside Boundless. 

Updates and Contact Information

Boundless reserves the right to change this policy. Any changes to this policy will be posted to this page as soon as reasonably possible, so please check this page periodically. Use of any Boundless Web pages constitutes consent to any policy then in effect.

Disclaimer of Liability

The information contained in this policy explains the Internet privacy policy and practices that Boundless has adopted for its official Web pages. In legal terms, it shall not be construed as a contractual promise, and Boundless reserves the right to amend it at any time without notice. Neither Boundless nor any of its programs, employees, agents, or individual trustees shall be held liable for any improper or incorrect use of the information described and/or contained in the website and assumes no responsibility for anyone's use of the information.

How to Contact Us

If you have any questions about this privacy statement, the practices of this website, or your dealings with this website, please contact us info@iamboundless.org.

Stay involved by joining our mailing list!