HIPAA Notice of Privacy Practices

The Eastover Clinic
725 Providence Road, Suite 302
Charlotte, NC 28207
Phone: 980.785.4744 | Fax: 980.998.7524
Email: admin@theeastoverclinic.com

Effective Date: June 28, 2026

This Notice of Privacy Practices describes how The Eastover Clinic may use and disclose your health information, your rights regarding your health information, and our responsibilities under federal and state privacy laws. Please review it carefully.

The Eastover Clinic is committed to protecting the privacy and security of your health information. We are required by law to maintain the privacy of protected health information, provide this Notice, and follow the terms of the Notice currently in effect.

1. How We May Use and Disclose Your Health Information

We may use and disclose your health information for the following purposes:

Treatment

We may use and share your health information to provide, coordinate, or manage your medical care. This may include sharing information with other physicians, healthcare professionals, laboratories, pharmacies, consultants, or other providers involved in your care.

Examples include sending a biopsy specimen to a dermatopathology laboratory, sending a prescription to your pharmacy, communicating with another physician about your care, or reviewing your medical history before a procedure.

Payment

The Eastover Clinic is a direct-pay practice and does not bill commercial insurance or Medicare. However, we may use and disclose your health information as needed for payment-related purposes, such as processing payment, providing receipts, creating superbills when appropriate, managing your account, or responding to payment questions.

If you request a superbill for possible out-of-network reimbursement, it may include diagnosis codes, procedure codes, dates of service, and other health information. Patients who are enrolled in Medicare should understand that The Eastover Clinic has opted out of Medicare, and Medicare claims may not be submitted for services provided under a private contract.

Healthcare Operations

We may use and disclose your health information for practice operations. These activities help us run the practice, improve patient care, evaluate quality, train staff, manage scheduling, communicate with patients, conduct internal reviews, and support legal, compliance, accounting, and administrative functions.

Examples include reviewing patient feedback, improving our scheduling process, training team members, performing quality reviews, and working with service providers who help us operate the practice.

2. Other Ways We May Use or Disclose Your Information

We may also use or disclose your health information in the following situations, as permitted or required by law:

Appointment Reminders and Patient Communications

We may contact you about appointments, forms, follow-up care, test results, treatment plans, prescriptions, billing questions, or other matters related to your care. Communications may occur by phone, voicemail, text message, email, patient portal, mail, or other methods you authorize.

Standard email and text messaging may not be fully secure. By providing your email address or phone number and choosing to communicate with us this way, you understand and accept this risk unless you tell us that you do not want to be contacted in a certain way.

Health-Related Services and Treatment Options

We may contact you about treatment options, preventive care, skincare products, medications, procedures, follow-up care, or other health-related services that may be relevant to you.

Business Associates

We may share your health information with third-party service providers who help us operate the practice, such as electronic health record systems, scheduling platforms, payment processors, secure communication platforms, laboratories, IT vendors, accountants, attorneys, consultants, and other operational partners. These service providers are required to protect your health information.

Other Disclosures Permitted or Required by Law

We may use or disclose your health information when permitted or required by federal, state, or local law. This may include disclosures related to public health and safety, abuse or neglect reporting, health oversight activities, legal proceedings, law enforcement, serious threats to health or safety, workers' compensation, coroners or medical examiners, funeral directors, and certain specialized government functions.

3. Uses and Disclosures That Require Your Written Authorization

We will not use or disclose your health information for the following purposes without your written authorization, unless otherwise permitted by law:

Marketing communications that require authorization under HIPAA
Sale of your health information
Most uses and disclosures of psychotherapy notes, if applicable
Use of identifiable patient photos, videos, testimonials, or stories for marketing, website, social media, or promotional purposes

You may revoke an authorization at any time in writing, except to the extent we have already relied on it.

4. Clinical Photography

As part of dermatologic care, The Eastover Clinic may take clinical photographs to document your skin condition, monitor treatment progress, support diagnosis, assist with procedures, or communicate with other healthcare professionals involved in your care.

Clinical photographs that are part of your medical record are protected health information. We will not use identifiable photographs for marketing, social media, website, advertising, teaching outside of permitted healthcare operations, or other promotional purposes without your separate written permission.

5. Your Rights Regarding Your Health Information

You have the following rights regarding your protected health information:

Right to Access Your Records

You have the right to request access to inspect or receive a copy of your medical records and other health information we maintain about you. We may provide records electronically or in another format as required or permitted by law.

We may charge a reasonable, cost-based fee for copies, mailing, or other supplies associated with your request, as permitted by law.

Right to Request an Amendment

If you believe that information in your medical record is incorrect or incomplete, you may request that we amend it. Your request must be made in writing and explain why you believe an amendment is needed.

We may deny your request in certain circumstances, such as if we determine that the record is accurate and complete.

Right to an Accounting of Disclosures

You have the right to request a list of certain disclosures we have made of your health information. This list will not include disclosures made for treatment, payment, healthcare operations, disclosures you authorized, or certain other disclosures excluded by law.

Right to Request Restrictions

You have the right to request that we restrict certain uses or disclosures of your health information. We are not required to agree to all requested restrictions, except in certain circumstances required by law.

If you pay out of pocket in full for a service and ask us not to share information about that service with your health plan, we will honor that request unless disclosure is required by law.

Right to Request Confidential Communications

You have the right to request that we contact you in a specific way or at a specific location. For example, you may ask that we contact you only by phone, only through a patient communication platform, or at a particular mailing address.

We will accommodate reasonable requests.

Right to Receive a Paper Copy

You have the right to receive a paper copy of this Notice at any time, even if you have agreed to receive it electronically.

Right to Be Notified of a Breach

You have the right to be notified if we discover a breach of unsecured protected health information involving your information, as required by law.

Right to Choose Someone to Act for You

If you have given someone medical power of attorney or if someone is your legal guardian, that person may exercise your rights and make choices about your health information. We may verify that the person has this authority before taking action.

6. Your Choices

In certain situations, you may tell us how you want us to share your information.

Family, Friends, and Caregivers

You may give us permission to share relevant health information with a family member, friend, caregiver, or other person involved in your care or payment for your care.

If you are present and able to make decisions, we will generally ask for your permission before sharing information with others. If you are not present or are unable to make decisions, we may use professional judgment to determine whether sharing limited information is in your best interest.

Communications Preferences

You may tell us your preferred method of communication. You may also ask us not to communicate with you by certain methods, such as text message or email. We will make reasonable efforts to honor your request.

7. Minors

For patients who are minors, a parent or legal guardian generally has the right to access the minor's health information and make decisions regarding care, subject to applicable law. In some circumstances, minors may have rights to confidential care or records under state or federal law.

8. Our Responsibilities

The Eastover Clinic is required to protect the privacy and security of your protected health information, follow the terms of this Notice, provide you with a copy of this Notice, and notify you if a breach occurs that may have compromised the privacy or security of your information.

We will not use or disclose your information other than as described in this Notice unless you authorize us in writing or the law permits or requires us to do so.

9. Changes to This Notice

We may update this Notice from time to time. Any revised Notice will apply to the health information we already have about you as well as any information we receive in the future.

The current version of this Notice will be available on our website and upon request.

10. Questions or Complaints

If you have questions about this Notice or concerns about how your health information has been handled, please contact: