Policies and Disclosures

---

Updated: February 2, 2026

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED OR DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

General

Florida Retina Institute® is a medical practice specializing in the treatment and surgical management of vitreo-retinal diseases and conditions and is owned by Cencora, Inc. Our website address is www.floridaretinainstitute.com.

Florida Retina Institute® (“Practice,” “FRI,” “we,” “our,” or “us”) recognizes the importance of protecting the privacy needs of users of our websites and social media pages (the “Service”) and through other interactions by email, surveys, or telephone. This Privacy Policy describes the types of personal information we may collect from you or that you may provide when you visit the Service, and our practices for collecting, using, maintaining, protecting, disclosing, and processing such personal information. As used in this Privacy Policy, “personal information” means information that identifies, relates to, or describes an identified or identifiable natural person.

This Privacy Policy does not apply to the personal information, including health information, that we collect in the course of providing treatment services. Please see our HIPAA Notice of Privacy Practices for information about how we receive and process that personal information.

Scope & Applicability

This Privacy Policy applies to information collected through our public website(s), web forms, scheduling pages, and official social media accounts, as well as through email and telephone communications. It also applies to data gathered by cookies and similar technologies used on the Service.

Because our audience can include visitors from California, Canada (including Quebec), and the EU/EEA, we have incorporated requirements from CCPA/CPRA, PIPEDA, Quebec Law 25, and GDPR + ePrivacy Directive where applicable. Under GDPR and the ePrivacy Directive, non‑essential cookies require prior, informed, granular consent before activation; under CCPA/CPRA, consumers must have an easy opt‑out of sale/sharing and we must honor Global Privacy Control (GPC) signals; PIPEDA emphasizes consent, transparency, and fair use; Quebec Law 25 requires express, clear consent and strengthened rights and obligations. [usercentrics.com], [verasafe.com], [secureprivacy.ai], [usercentrics.com], [cookieyes.com], [priv.gc.ca], [bclplaw.com], [cookiehub.com]

About This Notice

We are required by law to maintain the privacy of Protected Health Information and to give you this Notice explaining our privacy practices with regard to that information. You have certain rights - and we have certain legal obligations - regarding the privacy of your Protected Health Information, and this Notice also explains your rights and our obligations . We are required to abide by the terms of the current version of this Notice.

What is Protected Health Information?

"Protected Health Information" is information that individually identifies you and that we create or get from you or from another health care provider, health plan, your employer, or a health care clearinghouse and that relates to (1) your past, present, or future physical or mental health or conditions,(2) the provision of health care to you, or (3) the past, present, or future payment for your health care.

How We May Use and Disclose Your Protected Health Information

We may use and disclose your Protected Health Information in the following circumstances: For Treatment. We may use or disclose your Protected Health Information to give you medical treatment or services and to manage and coordinate your medical care. For example, your Protected Health Information may be provided to a physician or other health care provider (e.g., a specialist or laboratory) to whom you have been referred to ensure that the physician or other health care provider has the necessary information to diagnose or treat you or provide you with a service.

Information We Collect and Use

Through the Service and by Email and Telephone

We collect and store the following personal information and use it for typical business purposes (including security and anti‑fraud purposes), as described more specifically below.

• Personal identifiers. We receive personal identifiers (such as your name, phone number, cell phone number, date of birth, e‑mail address, mailing address, gender, and social media username) and use them to respond to your requests, and to communicate with you for appointments, marketing, surveys, and informational purposes. We may also collect and use this information to respond to feedback, complaints, and to provide information about our products and services.
• Message content. We receive messages you provide through email, by phone, or a Contact Us form on the Service, including in connection with customer service requests, appointment requests, surveys, and complaints. We use this information to respond to your requests and to improve the Service and our services. We may also use this information to post reviews on our Service.
• Appointment or curbside consult information. When you request to make an appointment or curbside consult online, we treat that information in accordance with the HIPAA Notice of Privacy Practices, not under this Privacy Policy.
• Business‑related information. We may receive business‑related information when you refer a patient (such as the name of your practice). We use this information to respond to your requests.
• Location information. We may use some of the information we collect, such as IP addresses, to estimate an approximate location of the device you are using to access our Service in order to enhance and personalize the features and functionality of the Service and service offerings.
• Survey information. We may receive survey responses that you submit to us. We use this information for research and other business purposes.
• Anonymous or aggregated information. We de‑identify or aggregate data we receive and may use and disclose it for any business purpose.
• Inferences. We may draw inferences from the categories of information described above. This information may be used so that we can improve future user experiences with the Practice and to provide a more personalized experience.

From Referring Physicians

If you use the Service to refer a patient, we may submit information about your practice and relating to the patient, including personal identifiers (such as their name, date of birth, phone number, and address), gender, patient insurance number, a description of the reason for the referral (such as diagnosis and symptoms), and any other information you may provide. We process the patient information received from referrals in accordance with the HIPAA Notice of Privacy Practices and not under this Privacy Policy.

Social Media

If you post information on our social media pages, we may use the information to respond to your post, to promote our business and services, and in the normal course of our business operations. We may collect personal identifiers, such as your social media username, and other personal characteristics that you have made publicly available on the social media website. Note: Third‑party operators of social media websites also receive such information and your posts, and their use of your personal information is governed by their own privacy policies.

Automatically Through the Service (Cookies & Similar Technologies)

When you visit our Service, we and our third‑party partners collect information by automated means. Such means include the use of cookies, web beacons, web server logs, scripts, and other similar technologies.

We may use such technologies to collect personal identifiers (such as your IP address), information about your device (such as your browser characteristics, device IDs and characteristics, operating system version, and language preferences) and information concerning your usage of our Service (including the link you used to reach a given webpage). We use this information to determine how many users have visited particular webpages, viewed particular content, or opened messages or alerts, and we may also use such information to improve the performance of the Service, improve our marketing activities, and to enforce our website service terms, prevent malicious conduct, and for anti‑fraud and security purposes.

We may use technologies and services such as Google Analytics (usage analytics), Google Tag Manager (tag orchestration), Google reCAPTCHA (security), Hotjar (behavioral analytics to understand user interactions and improve usability), and the UserWay ADA Accessibility Tool (to provide accessibility features and store related user preferences). Hotjar maintains GDPR‑readiness and requires controllers to disclose use and obtain consent where applicable; we implement consent through our banner/CMP prior to any non‑essential tracking. [hotjar.com], [simpleanalytics.com]

You may be able to change a web browser’s settings to block and delete cookies when you access the Service through that web browser. However, if you do that, the Service may not work properly; also, we will still receive basic information (such as last URL visited) when you navigate to the Service. Do Not Track and Global Privacy Control (GPC). Traditional browser Do Not Track (DNT) signals are not standardized, and our Service does not respond to legacy DNT signals. However, we honor Global Privacy Control (GPC) signals as opt‑out requests for sale/sharing of personal information in applicable jurisdictions (e.g., under CPRA) and adjust non‑essential tracking accordingly. [usercentrics.com], [cookieyes.com]

Cookie Policy

The Cencora Consent Management Platform (CMP) provides our cookie banner, granular controls by category, ongoing access to “Cookie Settings,” consent withdrawal, logging of consent choices, and a dynamic inventory of detected cookies. Under GDPR/ePrivacy, non‑essential cookies are disabled until you provide explicit, informed, granular consent; under CCPA/CPRA, opt‑out mechanisms and honoring GPC signals are required; under Quebec Law 25, express consent and privacy‑by‑default apply; under PIPEDA, consent must be meaningful and aligned with fair, lawful means. [usercentrics.com], [verasafe.com], [rcgt.com], [priv.gc.ca]

Important: Exact cookie names and durations may change as providers update services. The cookie banner/CMP reflects the current inventory and provides category‑level controls.

• Google Analytics opt‑out: https://tools.google.com/dlpage/gaoptout
• Google partner sites policy: https://policies.google.com/technologies/partner-sites
• Hotjar opt‑out: https://www.hotjar.com/legal/compliance/opt-out
• Consent & Preferences via Cencora CMP.
• Non‑essential cookies are not set until you provide consent via the banner (prior opt‑in for GDPR/ePrivacy) and with granular category controls. [usercentrics.com]
• You may withdraw or change consent at any time by clicking “Cookie Settings” (footer or banner). [usercentrics.com]
• We honor GPC signals (where applicable) as opt‑out requests under CCPA/CPRA and disable sale/sharing‑related tracking. [usercentrics.com], [cookieyes.com]
• The CMP logs consent (date/time, choices, policy version) for compliance documentation. [usercentrics.com]

How We Use Personal Information

We use personal information for the following purposes:

• Provide the Service and services: scheduling appointments, responding to inquiries, delivering features, and personalizing content.
• Operate, protect, and improve the Service: monitor performance, troubleshoot issues, maintain security, and prevent fraud or abuse.
• Communicate with you: send transactional notices, Service updates, and, where permitted, marketing communications (with opt‑out choices).
• Compliance and legal obligations: fulfill record‑keeping requirements, respond to lawful requests, and maintain consent logs.

Legal Bases for Processing (EU/EEA Only)

Where GDPR applies, we process personal data under the following legal bases:
• Consent (e.g., non‑essential cookies, certain marketing);
• Contract (e.g., responding to inquiries, providing requested information);
• Legal obligation (e.g., record‑keeping, responding to lawful requests);
• Legitimate interests (e.g., Service security, fraud prevention, analytics)—balanced against your rights. [usercentrics.com]

Information Disclosures

To Provide, Protect, and Improve Our Service and Services
We disclose personal information as necessary to operate our business, such as with third‑party providers, partner practices, and affiliates that help us provide services (e.g., scheduling, communications, analytics, security). Service providers must use personal information only for the contracted purpose and protect it appropriately.

We may access, preserve, and disclose information to comply with legal obligations or to protect our rights, property, users, and the public (e.g., sharing IP addresses for fraud detection).

To Comply with Law and Legal Process
We access, preserve, and disclose information when required by law or in response to legal processes.

Business Transfers
In the event of a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of assets, or transition of services, personal information and transaction histories associated with relevant business units may be transferred to the acquiring/assuming parties, as permitted by law.

Retention of Personal Information
We keep information only as long as necessary to fulfill the purposes for which it was collected, consistent with our retention policies and applicable law. Residual data may remain in backups, databases, and logs and will be retained/removed according to policy.

Consent Records
We maintain records of cookie consent choices (date/time, preferences, policy version) to demonstrate compliance under GDPR/ePrivacy and CCPA/CPRA expectations (including symmetrical, easy‑to‑understand choices and GPC). [usercentrics.com], [cookieyes.com]

Protection of Personal Information
We employ reasonable security measures designed to protect personal information. No method of electronic transmission or storage is 100% secure.

Links to Third‑Party Websites
The Service may contain links to other websites, and other websites may link to the Service. This Privacy Policy does not apply to personal information you submit to or that is collected by those third parties, even if linked from our Service. Review the privacy policies of third‑party websites before providing personal information.

No Use by Children Under the Age of 13
The Service is not intended for use by children under 13. If you are under 18, you may not use our Service. We do not knowingly collect personal information from children under 13. If we learn that information has been posted by a child under 13, we will promptly delete it. Parents may contact us using the methods set forth below to request removal of information concerning their child.

International Data Transfers
If you access the Service from outside the United States, your information may be transferred to, stored, and processed in the United States and other countries where our service providers operate. We take steps consistent with applicable law to safeguard transfers (e.g., contractual measures). PIPEDA governs cross‑border transfers for commercial activities involving Canadian residents, while GDPR imposes transfer safeguards for EU/EEA residents.

Privacy Rights

U.S. State Rights (Including California)

Depending on your state, you may have rights to access, delete, and correct personal information, and to opt out of sale/sharing and targeted advertising (California and certain other states). We provide a “Do Not Sell or Share My Personal Information” link (in the footer and/or cookie banner). We honor GPC signals as opt‑out requests where required. [usercentrics.com], [cookieyes.com]

Canada (PIPEDA)

For commercial activities involving Canadian residents, PIPEDA requires organizations to collect, use, or disclose personal information with meaningful consent, by fair and lawful means, and only for stated and reasonable purposes; it also requires safeguarding personal information, limiting retention, and providing access/correction rights. [priv.gc.ca], [publications.gc.ca]

Quebec (Law 25)

Where Quebec Law 25 applies, organizations must implement privacy by default and design, obtain express, clear, informed consent before collecting personal information (including via cookies and tracking tools), provide transparent disclosures, maintain data governance, and honor strengthened rights (access, rectification, deletion/“right to be forgotten,” portability, restriction). Law 25 applies broadly to organizations carrying on an enterprise in Quebec or handling Quebec residents’ personal information and carries significant penalties for non‑compliance. [rcgt.com], [bclplaw.com]

EU/EEA (GDPR + ePrivacy Directive)

Where GDPR and the ePrivacy Directive apply, non‑essential cookies and similar technologies require valid, prior consent that is freely given, specific, informed, and unambiguous; controllers must provide granular choices, easy withdrawal, and avoid manipulative designs. Enforcement has intensified and consent standards remain strict across the EU/EEA. [usercentrics.com], [verasafe.com], [secureprivacy.ai]

Verification (All Jurisdictions). We may require information (e.g., name, email, ZIP/postal code) to verify your identity and jurisdiction before responding to privacy rights requests. If we cannot verify, we may ask for additional information. Authorized agents must provide written permission and verify their own identity; we may confirm authority directly with the consumer.

We will respond within the time period required by applicable law. In some cases, we may not be able to fully comply; we will inform you when required.

Notification of Change to the Privacy Policy

We may modify this Privacy Policy. When changed in a material manner, we will post notice on the Service for a reasonable period or provide notice using other means. Review this Privacy Policy periodically to stay informed. We will only use information in accordance with the Privacy Policy in effect at the time the information was collected, unless we obtain your consent.

For Payment. We may use and disclose your Protected Health Information so that we can bill for the treatment and services you receive from us and can collect payment from you, a health plan, or a third party. This use and disclosure may include certain activities that your health insurance plan may undertake before it approves or pays for the health care services we recommend for you, such as making a determination of eligibility or coverage for insurance benefits, reviewing services provided to you for medical necessity, and undertaking utilization review activities. For example, we may need to give your health plan information about your treatment in order for your health plan to agree to pay for that treatment.

For Health Care Operations. We may use and disclose Protected Health Information for our health care operations. For example,we may use your Protected Health Information to internally review the quality of the treatment and services you receive and to evaluate the performance of our team members in caring for you. We also may disclose information to physicians, nurses, medical technicians, medical students, and other authorized personnel for educational and learning purposes.

Appointment Reminders/Treatment Alternatives/Health-Related Benefits and Services. We may use and disclose Protected Health Information to contact you to remind you that you have an appointment for medical care, or to contact you to tell you about possible treatment options or alternatives or health related benefits and services that may be of interest to you.

Minors. We may disclose the Protected Health Information of minor children to their parents or guardians unless such disclosure is otherwise prohibited by law.

Research. We may use and disclose your Protected Health Information for research purposes, but we will only do that if the research has been specially approved by an authorized institutional review board or a privacy board that has reviewed the research proposal and has set up protocols to ensure the privacy of your Protected Health Information. Even without that special approval, we may permit researchers to look at Protected Health Information to help them prepare for research, for example, to allow them to identify patients who may be included in their research project, as long as they do not remove, or take a copy of, any Protected Health Information. We may use and disclose a limited data set that does not contain specific readily identifiable information about you for research. However,we will only disclose the limited data set if we enter into a data use agreement with the recipient who must agree to (1) use the data set only for the purposes for which it was provided, (2) ensure the confidentiality and security of the data, and (3) not identify the information or use it to contact any individual.

As Required by Law. We will disclose Protected Health Information about you when required to do so by international, federal , state, or local law.

To Avert a Serious Threat to Health or Safety. We may use and disclose Protected Health Information when necessary to prevent a serious threat to your health or safety or to the health or safety of others. But we will only disclose the information to someone who may be able to help prevent the threat. Business Associates. We may disclose Protected Health Information to our business associates who perform functions on our behalf or provide us with services if the Protected Health Information is necessary for those functions or services. For example, we may use another company to do our billing, or to provide transcription or consulting services for us. All of our business associates are obligated, under contract with us, to protect the privacy and ensure the security of your Protected Health Information.

Organ and Tissue Donation. If you are an organ or tissue donor,we may use or disclose your Protected Health Information to organizations that handle organ procurement or transplantation - such as an organ donation bank - as necessary to facilitate organ or tissue donation and transplantation.

Military and Veterans. If you are a member of the armed forces, we may disclose Protected Health Information as required by military command authorities. We also may disclose Protected Health Information to the appropriate foreign military authority if you are a member of a foreign military.

Workers' Compensation. We may use or disclose Protected Health Information for workers' compensation or similar programs that provide benefits for work-related injuries or illness.

Public Health Risks. We may disclose Protected Health Information for public health activities. This includes disclosures to: (1) a person subject to the jurisdiction of the Food and Drug Administration ("FDA") for purposes related to the quality, safety or effectiveness of an FDA­ regulated product or activity; (2) prevent or control disease, injury or disability; (3) report births and deaths; (4) report child abuse or neglect; (5) report reactions to medications or problems with products; (6) notify people of recalls of products they may be using; and (7) a person who may have been exposed to a disease or may be at risk for contracting or spreading a disease or condition.

Abuse, Neglect, or Domestic Violence. We may disclose Protected Health Information to the appropriate government authority if we believe a patient has been the victim of abuse, neglect, or domestic violence and the patient agrees or we are required or authorized by law to make that disclosure.

Health Oversight Activities. We may disclose Protected Health Information to a health oversight agency for activities authorized by law. These oversight activities include, for example, audits, investigations, inspections, licensure, and similar activities that are necessary for the government to monitor the health care system, government programs, and compliance with civil rights laws.

Data Breach Notification Purposes. We may use or disclose your Protected Health Information to provide legally required notices of unauthorized access to or disclosure of your health information.

Lawsuits and Disputes. If you are involved in a lawsuit or a dispute, we may disclose Protected Health Information in response to a court or administrative order. We also may disclose Protected Health Information in response to a subpoena , discovery request, or other legal process from someone else involved in the dispute, but only if efforts have been made to tell you about the request or to get an order protecting the information requested. We may also use or disclose your Protected Health Information to defend ourselves in the event of a lawsuit.

Law Enforcement. We may disclose Protected Health Information, so long as applicable legal requirements are met, for law enforcement purposes.

Military Activity and National Security. If you are involved with military, national security or intelligence activities or if you are in law enforcement custody,we may disclose your Protected Health Information to authorized officials so they may carry out their legal duties under the law. Coroners, Medical Examiners, and Funeral Directors. We may disclose Protected Health Information to a coroner, medical examiner, or funeral director so that they can carry out their duties.

Inmates. If you are an inmate of a correctional institution or under the custody of a law enforcement official, we may disclose Protected Health Information to the correctional institution or law enforcement official if the disclosure is necessary (1) for the institution to provide you with health care; (2) to protect your health and safety or the health and safety of others; or (3) the safety and security of the correctional institution.

Uses and Disclosures That Require Us to Give You an Opportunity to Object and Opt Out.

Individuals Involved in Your Care or Payment for Your Care. Unless you object, we may disclose to a member of your family, a relative, a close friend or any other person you identify, your Protected Health Information that directly relates to that person's involvement in your health care. If you are unable to agree or object to such a disclosure, we may disclose such information as necessary if we determine that it is in your best interest based on our professional judgment.

Disaster Relief. We may disclose your Protected Health Information to disaster relief organizations that seek your Protected Health Information to coordinate your care, or notify family and friends of your location or condition in a disaster. We will provide you with an opportunity to agree or object to such a disclosure whenever we practicably can do so.

Fundraising Activities. While we do not anticipate doing so, we may use or disclose your Protected Health Information, as necessary, in order to contact you for fundraising activities. You have the right to opt out of receiving fundraising communications. If you do not want to receive these materials, please submit a written request to the Privacy Officer.

Your Written Authorization is Required for Other Uses and Disclosures

The following uses and disclosures of your Protected Health Information will be made only with your written authorization:
Most uses and disclosures of psychotherapy notes (although we do not maintain these in the normal course of business;
HIV and/or mental health information;
Uses and disclosures of Protected Health Information for marketing purposes;
and Disclosures that constitute a sale of your Protected Health Information.

Other uses and disclosures of Protected Health Information not covered by this Notice or the laws that apply to us will be made only with your written authorization. If you do give us an authorization, you may revoke it at any time by submitting a written revocation to our Privacy Officer and we will no longer disclose Protected Health Information under the authorization. But disclosure that we made in reliance on your authorization before you revoked it will not be affected by the revocation.

Your Rights Regarding Your Protected Health Information

You have the following rights, subject to certain limitations, regarding your Protected Health Information: Right to Inspect and Copy.You have the right to inspect and copy Protected Health Information that may be used to make decisions about your care or payment for your care. We have up to 30 days to make your Protected Health Information available to you and we may charge you a reasonable fee for the costs of copying, mailing or other supplies associated with your request.

We may not charge you a fee if you need the information for a claim for benefits under the Social Security Act or any other state or federal needs-based benefit program. We may deny your request in certain limited circumstances. If we do deny your request, you have the right to have the denial reviewed by a licensed healthcare professional who was not directly involved in the denial of your request, and we will comply with the outcome of the review.

Right to a Summary or Explanation. We can also provide you with a summary of your Protected Health Information, rather than the entire record, or we can provide you with an explanation of the Protected Health Information which has been provided to you, so long as you agree to this alternative form and pay the associated fees.

Right to an Electronic Copy of Electronic Medical Records.If your Protected Health Information is maintained in an electronic format (known as an electronic medical record or an electronic health record), you have the right to request that an electronic copy of your record be given to you or transmitted to another individual or entity.

We will make every effort to provide access to your Protected Health Information in the form or format you request, if it is readily producible in such form or format. If the Protected Health Information is not readily producible in the form or format you request your record will be provided in either our standard electronic format or if you do not want this form or format, a readable hard copy form. We may charge you a reasonable, cost-based fee for the labor associated with transmitting the electronic medical record.

Right to Get Notice of a Breach. You have the right to be notified upon a breach of any of your unsecured Protected Health Information.

Right to Request Amendments. If you feel that the Protected Health Information we have is incorrect or incomplete, you may ask us to amend the information. You have the right to request an amendment for as long as the information is kept by or for us. A request for amendment must be made in writing to the Privacy Officer at the address provided at the beginning of this Notice and it must tell us the reason for your request. In certain cases,we may deny your request for an amendment. If we deny your request for an amendment, you have the right to file a statement of disagreement with us and we may prepare a rebuttal to your statement and will provide you with a copy of any such rebuttal.

Right to an Accounting of Disclosures. You have the right to ask for an "accounting of disclosures," which is a list of the disclosures we made of your Protected Health Information. This right applies to disclosures for purposes other than treatment , payment or healthcare operations as described in this Notice. It excludes disclosures we may have made to you, for a resident directory, to family members or friends involved in your care, or for notification purposes. The right to receive this information is subject to certain exceptions, restrictions and limitations.

Additionally, limitations are different for electronic health records. The first accounting of disclosures you request within any 12-month period will be free. For additional requests within the same period,we may charge you for the reasonable costs of providing the accounting. We will tell what the costs are, and you may choose to withdraw or modify your request before the costs are incurred.

Right to Request Restrictions. You have the right to request a restriction or limitation on the Protected Health Information we use or disclose for treatment , payment, or health care operations. You also have the right to request a limit on the Protected Health Information we disclose about you to someone who is involved in your care or the payment for your care, like a family member or friend. To request a restriction on who may have access to your Protected Health Information, you must submit a written request to the Privacy Officer. Your request must state the specific restriction requested and to whom you want the restriction to apply.

We are not required to agree to your request, unless you are asking us to restrict the use and disclosure of your Protected Health Information to a health plan for payment or health care operation purposes and such information you wish to restrict pertains solely to a health care item or service for which you have paid us "out-of-pocket" in full. If we do agree to the requested restriction,we may not use or disclose your Protected Health Information in violation of that restriction unless it is needed to provide emergency treatment.

Out-of-Pocket-Payments. If you paid out-of-pocket (or in other words, you have requested that we not bill your health plan) in full for a specific item or service, you have the right to ask that your Protected Health Information with respect to that item or service not be disclosed to a health plan for purposes of payment or health care operations, and we will honor that request. Right to Request Confidential Communications.You have the right to request that we communicate with you only in certain ways to preserve your privacy. For example, you may request that we contact you by mail at a specific address or call you only at your work number. You must make any such request in writing and you must specify how or where we are to contact you. We will accommodate all reasonable requests. We will not ask you the reason for your request.

Right to a Paper Copy of This Notice. You have the right to a paper copy of this Notice, even if you have agreed to receive this Notice electronically. You may request a copy of this Notice at any time.

How to Exercise Your Rights

To exercise your rights described in this Notice, send your request, in writing, to our Privacy Officer at the address listed at the beginning of this Notice. We may ask you to fill out a form that we will supply. To exercise your right to inspect and copy your Protected Health Information, you may also contact your physician directly. To get a paper copy of this Notice, contact our Privacy Officer by phone or mail.

Changes To This Notice

We reserve the right to change this Notice. We reserve the right to make the changed Notice effective for Protected Health Information we already have as well as for any Protected Health Information we create or receive in the future. A copy of our current Notice is posted in our office and on our website.

Complaints

You may file a complaint with us or with the Secretary of the United States Department of Health and Human Services if you believe your privacy rights have been violated.

To file a complaint with us, contact our Privacy Officer at the address listed at the beginning of this Notice. All complaints must be made in writing and should be submitted within 180 days of when you knew or should have known of the suspected violation. There will be no retaliation against you for filing a complaint.

To file a complaint with the Secretary, mail it to: Secretary of the U.S. Department of Health and Human Services, 200 Independence Ave S.W., Washington, D.C. 20201.
Call (202) 619-0257 or toll free (877) 696-6775 or go to the website of the Office for Civil Rights, www.hhs.gov/ocr/hipaa/ for more information. There will be no retaliation against you for filing a complaint.

I have been given the opportunity to read the Florida Retina Institute's Notice of Privacy Policy concerning how my personal information may be used. I give my permission to use my personal information in accordance with this policy.

This page / signature sheet will remain in the patient's chart as record of acceptance and the Notice of Privacy Practice is for the patient (or patient's representative) to keep his/her records.

SIGNATURE (Patient of Authorized Representative): ___________________

Relationship to Patient if other than self: _________________________ Date:________________

* Please print and sign. You may receive a copy of Florida Retina Insti tute 's Notice of Privacy Policy upon request at check-in. Thank You.

---

Contact Us

If you have any questions or need assistance, please contact us as follows:
Jacksonville 800.237.3846
Daytona Beach 800.555.6590
Orlando | Lake Mary 877.357.3846