We’ll be conducting routine maintenance on Saturday, August 3rd.
Our phone system will be unavailable during this time, but you’ll be able to chat with our live agents 24/7 or you can email Support.

HIPAA Notice

NOOM, INC.
Notice of Privacy Practices

THIS NOTICE DESCRIBES HOW YOUR MEDICAL INFORMATION MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW IT CAREFULLY.

This Notice of Privacy Practices is mandated by the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”). It describes how we may use and disclose your protected health information to carry out treatment, payment or health care operations and for other purposes that are permitted or required by law. It also describes your rights to access and control your protected health information. “Protected health information” is information about you, including demographic information, that may identify you and that relates to your past, present or future physical or mental health or condition; related health care services; or related to the past, present, or future payment for the provision of health care to you.

We are required to abide by the terms of this Notice of Privacy Practices. We may change the terms of our notice at any time. Any such new notice will be effective for all protected health information that we maintain at that time. Upon your request, you may obtain any revised Notice of Privacy Practices by calling us and requesting that a revised copy be sent to you in the mail or asking for one at the time of your next visit. You acknowledge receipt of this notice by accepting Terms & Conditions for using the Services provided by Noom.

1. Uses and Disclosures of Protected Health Information

USES AND DISCLOSURES OF PROTECTED HEALTH INFORMATION BASED UPON YOUR WRITTEN CONSENT

Your protected health information may be used and disclosed by Noom, Inc. and its affiliates (collectively, “Noom”) and others outside Noom that are involved in your care and treatment for the purpose of providing health care services to you. Your protected health information may also be used and disclosed as necessary to pay health care bills and to otherwise support the operation of Noom.

Set forth below are examples of the types of uses and disclosures of your protected health care information that Noom is permitted to make. These examples are not meant to be exhaustive, but rather to describe for you the types of uses and disclosures that may be made by Noom,

Payment: Your protected health information may be used, as needed, to obtain payment for your health care services. For example, obtaining approval for a hospital stay may require that your relevant protected health information be disclosed to by our health plan to obtain approval for the hospital admission.

Healthcare Operations: We may use or disclose, as needed, your protected health information in order to support the normal business activities of Noom. Examples of these activities include, but are not limited to, quality assessment activities, employee review activities, training, licensing, and conducting or arranging for other business activities.

We also may need to share your protected health information with certain of our “business associates” or other third parties that perform various activities (e.g., billing, coordinating care, transcribing records) for Noom. Whenever an arrangement between Noom and a business associate involves the use or disclosure of your protected health information, we will have in place the legally required safeguards to protect the privacy of your health information.

USES AND DISCLOSURES OF PROTECTED HEALTH INFORMATION BASED UPON YOUR WRITTEN AUTHORIZATION

Other uses and disclosures of your protected health information will be made only with your written authorization, unless otherwise permitted or required by law as described below. You may revoke your authorization, at any time, in writing, except to the extent that Noom has taken an action in reliance on the use or disclosure indicated in the authorization.

OTHER USES AND DISCLOSURES THAT MAY BE MADE AND TO WHICH YOU MAY AGREE OR OBJECT

In the circumstances listed below, you may agree or object to the use or disclosure of the protected health information in the manner described. In the absence of agreement or objection, Noom may, using professional judgment, determine whether the disclosure of health information is in your best interest. If such a determination is made, only the protected health information that is relevant to your health care will be disclosed.

Others Involved in Your Healthcare: Unless you object, we may disclose to a member of your family, a relative, a close friend or any other person you identify, your protected health information that directly relates to that person’s involvement in your health care. If you are unable to agree or object to such a disclosure, we may disclose such information as necessary if we determine that it is in your best interests, based on our professional judgment. We may use or disclose protected health information to notify or assist in notifying a family member, personal representative or any other person that is responsible for your care of your location, general condition or death. Finally, we may use or disclose your protected health information to an authorized public or private entity to assist in disaster relief efforts and to coordinate uses and disclosures to family or other individuals involved in your health care.

Emergencies: In an emergency treatment situation, we may have to use or disclose your protected health information in a context in which consent for the release of information has not already been given. If this happens, Noom will try to obtain your consent to the release of information as soon as reasonably practicable after the delivery of the treatment. If Noom is required to treat you and has attempted to obtain your consent but is unable to obtain your consent, it may still use or disclose your protected health information to treat you.

OTHER PERMITTED AND REQUIRED USES AND DISCLOSURES THAT MAY BE MADE WITHOUT YOUR CONSENT, AUTHORIZATION OR OPPORTUNITY TO OBJECT

There are other circumstances in which we may have to use or disclose your protected health information, even without your consent or authorization. These situations include:

Communication Barriers: If Noom attempts to obtain consent from you but is unable to do so due to substantial communication barriers and Noom determines, using professional judgment, that you would consent to the use or disclosure under the circumstances, we may use and disclose your protected health information.

Disclosure Required By Law: We may use or disclose your protected health information to the extent that the use or disclosure is required by law. The use or disclosure will be made in compliance with the law and will be limited to the relevant requirements of the law. You will be notified, as required by law, of any such uses or disclosures.

Public Health: We may disclose your protected health information for public health activities and purposes to a public health authority that is permitted by law to collect or receive the information. The disclosure will be made for the purpose of controlling disease, injury or disability. We may also disclose your protected health information, if directed by the public health authority, to a government agency that is collaborating with the public health authority.

Communicable Diseases: We may disclose your protected health information, if authorized by law, to a person who may have been exposed to a communicable disease or may otherwise be at risk of contracting or spreading the disease or condition.

Health Oversight: We may disclose protected health information to a health oversight agency for activities authorized by law, such as audits, investigations, and inspections. Oversight agencies seeking this information include government agencies that oversee the health care system, government benefit programs, other government regulatory programs and civil rights laws.

Abuse or Neglect: We may disclose your protected health information to a government authority that is authorized by law to receive reports of child abuse or neglect. In addition, we may disclose your protected health information if we believe that you has been a victim of abuse, neglect or domestic violence to the governmental entity or agency authorized to receive such information. In this case, the disclosure will be made consistent with the requirements of applicable federal and state laws.

Food and Drug Administration: We may disclose your protected health information to a person or company required by the Food and Drug Administration to report adverse events, product defects or problems, biologic product deviations, track products; to enable product recalls; to make repairs or replacements; or to conduct post marketing surveillance, as required.

Legal or Administrative Proceedings or Investigations: We may disclose protected health information in the course of any judicial or administrative proceeding or investigation, in response to an order of a court or administrative tribunal (to the extent such disclosure is expressly authorized), in certain conditions in response to a subpoena, discovery request or other lawful process or request.

Law Enforcement: We may disclose protected health information, so long as applicable legal requirements are met, for law enforcement purposes. These law enforcement purposes include requests: (1) pursuant to legal processes or as otherwise required by law; (2) for limited information for identification and location purposes; (3) pertaining to potential victims of a crime; (4) relating to suspicion that a death has occurred as a result of criminal conduct; (5) in the event that a crime occurs at Noom ; or (6) relating to a medical emergency (not at Noom ) and it is necessary to alert law enforcement regarding a potential crime.

Coroners, Funeral Directors, and Organ Donation: We may disclose protected health information to a coroner or medical examiner for identification purposes, determining cause of death or for the coroner or medical examiner to perform other duties authorized by law. We may also disclose protected health information to a funeral director, as authorized by law, in order to permit the funeral director to carry out his/her duties. We may disclose such information in reasonable anticipation of death. protected health information may be used and disclosed for cadaveric organ, eye or tissue donation purposes.

Threat to Public Safety: Consistent with applicable federal and state laws, we may disclose your protected health information, if we believe that the use or disclosure is necessary to prevent or lessen a serious and imminent threat to the health or safety of a person or the public. We may also disclose protected health information if it is necessary for law enforcement authorities to identify or apprehend an individual.

Research. We may use or disclose your protected health information without your consent or authorization if an Institutional Review Board or Privacy Board approves a waiver of authorization for such disclosure.

Information Not Personally Identifiable.  We may use or disclose your protected health information in ways that do not personally reveal your identity.

2. Your Rights

Set forth below is a statement of your rights with respect to your protected health information and a brief description of how you may exercise these rights.

You have the right to inspect and copy your protected health information. This means you may inspect and obtain a copy of protected health information about you that is contained in a designated record set for as long as we maintain the protected health information. A “designated record set” contains medical and billing records and any other records that Noom uses regarding your care.

Under federal law, however, you may not inspect or copy the following records: psychotherapy notes; information compiled in reasonable anticipation of, or use in, a civil, criminal, or administrative action or proceeding, and protected health information that is subject to law that prohibits access to protected health information. In some circumstances, you may have a right to review a decision that denies you access to information. Please contact our Privacy Contact if you have questions about access to your health information.

You have the right to request a restriction on the use or disclosure of your protected health information. This means you may ask us not to use or disclose any part of your protected health information for the purposes of treatment, payment or healthcare operations. You may also request that any part of your protected health information not be disclosed to family members or friends who may be involved in your care or for notification purposes as described in this Notice of Privacy Practices. Your request must state the specific restriction requested and to whom you want the restriction to apply. However, Noom is not required to agree to a restriction that you request. If Noom believes it is in your best interest to permit use and disclosure of your protected health information, your protected health information will not be restricted. If Noom does agree to a requested restriction, we may not use or disclose your protected health information in violation of that restriction unless it is needed to provide emergency treatment for you. With this in mind, please discuss any restriction you wish to request in advance with the Privacy Contact listed below.

You have the right to request to receive confidential communications of your protected health information from Noom by alternative means or at an alternative location. We will accommodate reasonable requests. We also may condition this accommodation by asking you for information as to how payment will be handled or specification of an alternative address or other method of contact. We will not request an explanation from you as to the basis for the request. Please make such requests in writing to our Privacy Officer.

You may have the right to have Noom amend your protected health information. This means you may request an amendment of protected health information about you in a designated record set for as long as we maintain this information. In certain cases, we may deny your request for an amendment. If we deny your request for amendment, you have the right to file a statement of disagreement with us and we may prepare a rebuttal to your statement and will provide you with a copy of any such rebuttal. Please contact our Privacy Contact below if you have questions about amending your medical record.

You have the right to receive an accounting of certain disclosures we have made, if any, of your protected health information. This right does not apply to all disclosures; in particular, it does not apply to disclosures for purposes necessary to carry out treatment, payment or healthcare operations as described in this Notice of Privacy Practices. It excludes disclosures we may have made to you, you, for a facility directory, to family members or friends involved in your care, or for notification purposes. The right to receive this information is subject to additional exceptions, restrictions and limitations. We also are required to notify you following a breach of your health information, if that information is unsecured.

3. Electronic Communications

You may always contact us at support@noom.com and choose to communicate with us electronically. However, we warn you that we can make no guarantee that the email will be or will remain encrypted during the data transfer, and that there may be some level of risk that the information in the email could be read by a third party. By communicating with us via email, and, especially by making a request(s) to receive your information via unencrypted email, you acknowledge that you are aware that email is not a secure method of communication, and that you agree to the risks.

4. Complaints

You may complain to us or to the Secretary of Health and Human Services if you believe your privacy rights have been violated by us. You may file a complaint with us by notifying our Privacy Contact of your complaint. We will not retaliate against you or you for the filing of such a complaint.

You may reach our Privacy Officer at Noom, Inc., 450 West 33rd Street, New York, NY 10001 (Attention: Privacy Officer) or contact us at support@noom.com, and we can provide further information about this Notice and the policies and procedures set forth herein.

Last Updated: April 29, 2016