pixel
i

Surprise Billing Disclosure Notice

contact@ubortho.com

Find a Location

UBMD Orthopaedics & Sports Medicine Logo

716.204.3200

Schedule an Appointment
Member of UBMD Physicians Group

Patient
Portal

Patient
Survey

Pay Your
Bill Online

716.204.3200

Schedule an Appointment

Privacy Policy

NOTICE OF PRIVACY PRACTICES

UBMD ORTHOPAEDICS & SPORTS MEDICINE

THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

Effective Date: April 14, 2003
Revised Date: February 17, 2026

1. LEGAL OBLIGATIONS

We are required by law to maintain the privacy of your protected health information (PHI). This includes information that can identify you and relates to your past, present, or future health or condition, the health care provided to you, or payment for your health care.

We must provide you with this Notice of Privacy Practices (NPP) describing our legal duties and privacy practices regarding PHI. We are legally required to follow the terms of this notice and to post it in our facilities and on our website.

Special privacy protections apply to:

  • HIV/AIDS information
  • Alcohol and substance abuse treatment records
  • Mental health records
  • Genetic information

These protections are governed by stricter laws not fully described here.

We reserve the right to change this notice at any time. Revised notices will apply to all PHI we maintain and will be posted promptly.

If a breach occurs that compromises your PHI, we will notify you within 60 days of discovery.

2. HOW WE MAY USE OR DISCLOSE YOUR PHI

Treatment

We may use and disclose your PHI to provide, coordinate, or manage your health care. Example: sharing information with a specialist you are referred to.

Payment

We may use and disclose PHI to bill and collect payment from you, your insurance company, or a third party.

Health Care Operations

We may use PHI for business operations such as:

  • Quality assessment
  • Staff training
  • Medical record audits
  • Licensing and accreditation

Appointment Reminders

We may contact you by phone or mail to remind you of appointments.

Shared Electronic Records

Providers within UBMD Physicians’ Group share an integrated electronic medical record for coordinated care. Access is restricted to authorized personnel.

Business Associates

Contractors who help with billing or operations must protect your PHI under written agreements.

Uses Requiring Your Written Authorization

Other uses or disclosures require your written permission. You may revoke permission at any time in writing.

Uses Where You Can Agree or Object

Individuals Involved in Your Care

We may share PHI with family members or others involved in your care unless you object.

Disaster Relief

We may share PHI to assist disaster relief efforts.

Uses Allowed Without Consent

We may disclose PHI:

As Required by Law — Federal, state, or local laws

Public Health Activities — Disease control, reporting births/deaths, recalls, exposure notifications

Abuse or Neglect Reports — Reporting domestic violence or abuse

Health Oversight — Government audits, inspections, investigations

Legal Proceedings — Court orders, subpoenas

Law Enforcement — Criminal investigations, locating suspects, reporting crimes

Coroners & Funeral Directors — Cause of death determinations

Organ Donation — Organ procurement organizations

Serious Threats — Preventing serious harm

Government Functions — National security, protective services

Military — Military command requirements

Correctional Institutions — Inmate care and facility safety

Workers’ Compensation — Work-related injury claims

Product Recalls & Device Monitoring

Emergencies — When consent cannot be obtained

Communication Barriers — If communication is not possible

Research

PHI may be used for approved research projects under strict review processes.

Highly Confidential Information

Special federal and state protections apply to:

  • Substance use treatment records
  • HIV/AIDS
  • Genetic testing
  • Sexual assault
  • Abuse/neglect records

Authorization is required unless disclosure is legally permitted.

Reproductive Health Information

UBMD will not disclose PHI related to lawful reproductive health care without proper signed authorization and required attestations.

Marketing

We will not use PHI for marketing without your permission.

Fundraising

We may contact you for fundraising but you may opt out.

Sale of PHI

We do not sell PHI without written authorization.

De-identified Information

Information that cannot identify you may be shared.

Substance Use Disorder Records

Records protected under federal law (42 CFR Part 2) receive extra protections and require specific consent for most disclosures.

3. YOUR RIGHTS

Request Restrictions

You may request limits on PHI use or disclosure. We are not required to agree.

Confidential Communications

You may request contact by specific methods or locations.

Restrict Disclosures to Insurers

If you pay fully out-of-pocket, you may request we not share related PHI with insurers.

Inspect and Copy Records

You may review and obtain copies of medical and billing records.

Request Amendments

You may request corrections to inaccurate or incomplete PHI.

Accounting of Disclosures

You may request a list of certain disclosures made in the past six years.

Paper Copy of Notice

You may request a printed copy at any time.

4. CONTACT INFORMATION

Compliance Officer
UBMD
77 Goodell Street, Suite 310
Buffalo, New York 14203
Phone: 716-888-4705

5. COMPLAINTS

If you believe your privacy rights were violated, you may file a complaint with UBMD or with:

U.S. Department of Health & Human Services
Office of the Secretary
200 Independence Avenue, S.W.
Washington, DC 20201

You will not be penalized for filing a complaint.

Download PDF