Notice of Privacy Practices



A copy of this notice can be found online:
Peak Health Privacy Officer Contact Information:

Peak Health Privacy Officer

1085 Van Voorhis Road, Suite 300

Morgantown, WV 26505

[email protected]


Effective date of this notice: January 1, 2024


Uses and Disclosures of Protected Health Information (PHI)

How do we use PHI?

We typically may collect, use or share your PHI without authorization as allowed or required by law, such as according to the Privacy Rule of the Health Insurance Portability and Accountability Act (HIPAA).  This includes the following purposes:

Treatment We can use and share your information with providers so you can receive medical care.

Example: Treatment activities include sharing PHI with your doctor or hospital so that they may treat you or using PHI to help you with services for chronic conditions or injuries.

Payment We can use your health information for payment activities.

Example: Payment activities include billing and claims payment for covered services provided to you by healthcare providers and for health plan

premium payments.

Health care operations We can use and share your health information to manage your benefits and services. Example: Health care operations activities include processing your enrollment, responding to your inquiries, coordinating your care, improving quality of care and services, and determining premiums.

How else can we use or share your health information?

In addition to treatment, payment, and operations activities, we are permitted or required to share your information without authorization in other ways. In some cases, we must meet many conditions in the law before we can share your information for these purposes, which include:

Disclosures to Your Employer as Sponsor of Your Health Plan To your employer as your health plan sponsor to permit them to perform plan administration functions such as eligibility, enrollment and disenrollment activities. We may share summary level health information about you with your plan sponsor in certain situations.
Parents and legal guardians If you are a minor or under a legal guardianship, we may release your PHI to your parents or legal guardians when we are permitted or required to do so under federal and applicable state law.
Individuals Involved in Your Care or Payment for Your Care We may disclose PHI about you to someone who assists in or pays for your care. Unless you write to us and specifically tell us not to, we may disclose your PHI to someone who has your permission to act on your behalf. We will require this person to provide adequate proof that he or she has permission to do so.
Public health or safety issues We may disclose PHI about you if we believe there is a serious public health or safety issue such as an FDA recall, natural disaster, or vaccination efforts.
Comply with law enforcement and legal actions We may disclose PHI about you as required by law, in a judicial or administrative proceeding or in response to a subpoena, warrant, summons or other appropriate process, and we will make an effort to notify you of the request. Occasionally, we may also disclose PHI to assist law enforcement with identification of relevant individuals, provide information about crime victims or decedents, and report a crime. We may also alert authorities in instances where we have a duty to report, such as abuses, neglect, or domestic violence.
Organ and tissue donations

We may disclose PHI about you in the procurement, banking, or transplantation of

organs, eyes, or tissue.

Work with a medical examiner or funeral director We may disclose PHI about you in coordination with a coroner, medical examiner, or funeral director in determining cause of death or other duties authorized by law.
Address workers’ compensation, law enforcement, and other government requests We may disclose your PHI to comply with workers’ compensation laws and programs.
Compliance programs and health oversight activities We may disclose your PHI to comply with regulatory or accrediting body compliance requirements including audits, reviews, and risk assessments.
Research purposes in limited circumstances Under certain circumstances, we may use and disclose PHI about you for research purposes. We will remove information that personally identifies you and obtain your written authorization to protect the privacy of your PHI.
For underwriting purposes While we can utilize your information for underwriting purposes, we are prohibited from using or disclosing PHI that is genetic information of an Individual for such purposes.

There are circumstances—such as the use or disclosure of psychotherapy notes and uses and disclosures for marketing purposes—in which we must obtain your written authorization before we can disclose your PHI.  Additionally, we will obtain your authorization for any other use or disclosure of PHI that is not contemplated in this Notice, unless we are permitted by an applicable law to make such use or disclosure. You may revoke these authorizations at any time by sending a written revocation to our Privacy Officer.


Under the law, you have rights regarding the PHI that we maintain about you.  We are also required by law to fulfill certain responsibilities to maintain the privacy of your PHI.

This section explains your rights and some of our responsibilities to help you.

Your Rights

  • You have the right to:
      • Request restrictions on certain uses and disclosures of PHI.
        • Peak Health is not required to agree to a requested restriction, except where Peak Health must agree to the request of an Individual to restrict the disclosure of PHI about the Individual to a health plan if:
          • The disclosure is for the purpose of carrying out payment or health care operations and is not otherwise required by law; and
          • The protected health information pertains solely to a health care item or service for which the Individual, or person other than the health plan on behalf of the Individual, has paid the covered entity in full.
      • Receive confidential communications of PHI, as applicable;
      • Inspect and copy PHI;
          • You can ask to see or get an electronic or paper copy of your medical record and other health information we have about you.
          • At Peak Health, this is also available through your MyPeak account.
          • If you require a paper copy of your health information, we may charge a reasonable, cost-based fee.
      • Amend PHI;
      • Receive an accounting of disclosures of PHI;
      • Obtain a paper copy of this Notice of Privacy Practices from Peak Health upon request, even if you previously agreed to receive it electronically;
      • File a complaint if you feel your rights have been or are being violated. You will not be retaliated against for filing a complaint.
          • You can either:
            • File a complaint at Peak Health by contacting our Privacy Officer at [email protected];
            • File a grievance by contacting Member Services at 1-855-962-7325.
            • File a complaint with the U.S. Department of Health and Human Services by sending your complaint to:


Our Responsibilities

We want to make sure you are able to find better health, and in doing so we are required to protect your health information. In particular, we:

  • are required by law to maintain the privacy of PHI
  • are required to provide you with notice of our legal duties and privacy practices with respect to PHI,
  • are required to notify you if we determine you are or may be affected following a breach of unsecured PHI,
  • are required to abide by the terms of this Notice of Privacy Practices currently in effect.

We will not use or share your information other than as described here unless you tell us we can in writing. You may change your mind at any time and let us know by contacting our Privacy Officer.

You may access our Notice of Privacy Practices (“NPP”) at any time by visiting our website:  From time to time, we may make revisions to this NPP that are effective for all PHI that we maintain, and we reserve the right to do so.  If we do, we will promptly revise and make available on our website the NPP whenever there is a material change to the uses or disclosures, your rights, our responsibilities, or other privacy practices stated in the NPP.  Except when required by law, we will not implement a material change to any term of the NPP prior to the effective date of the NPP in which such material change is reflected.