HIPAA Notice of Privacy Practices
Last updated: June 30, 2026
Important: This notice describes how medical information about you may be used and disclosed and how you can get access to this information. Please review it carefully.
Our commitment to your privacy
Heart of a Giant Foundation (“we,” “our,” or “us”) is committed to protecting the privacy of your health information. We are required by law to maintain the privacy of Protected Health Information (PHI) and to provide you with this Notice of our legal duties and privacy practices.
What is Protected Health Information (PHI)?
PHI is information about you, including demographic information, that may identify you and relates to:
- Your past, present, or future physical or mental health or condition
- The provision of health care to you
- The past, present, or future payment for the provision of health care to you
How we may use and disclose your PHI
Treatment
We may use and disclose your PHI to provide, coordinate, or manage your health care and related services, including health education and wellness programs.
Payment
We may use and disclose your PHI to obtain payment for services provided to you or to determine your eligibility for benefits.
Health care operations
We may use and disclose your PHI for our health care operations, including quality improvement, program evaluation, and training.
Other permitted uses and disclosures
- Public health activities
- Health oversight activities
- Judicial and administrative proceedings (when required by court order)
- Law enforcement purposes (when required by law)
- To avert serious threat to health or safety
- Military and veterans affairs
- Workers’ compensation programs
Uses and disclosures requiring your authorization
For uses and disclosures beyond treatment, payment, and health care operations, we will obtain your written authorization before using or disclosing your PHI. You may revoke your authorization at any time by providing written notice.
Your individual rights
Right to access
You have the right to inspect and obtain a copy of your PHI that we maintain, with certain exceptions.
Right to amend
You have the right to request that we amend your PHI if you believe it is incorrect or incomplete.
Right to restrict
You have the right to request restrictions on how we use or disclose your PHI for treatment, payment, or health care operations.
Right to confidential communications
You have the right to request that we communicate with you about your PHI in a certain way or at a certain location.
Right to an accounting
You have the right to receive an accounting of certain disclosures of your PHI that we have made.
Right to file a complaint
You have the right to file a complaint if you believe your privacy rights have been violated.
Our responsibilities
- Maintain the privacy and security of your PHI
- Provide you with this Notice of our privacy practices
- Follow the terms of this Notice
- Notify you if we cannot accommodate a requested restriction
- Accommodate reasonable requests for confidential communications
- Notify you of breaches of your unsecured PHI
Changes to this Notice
We reserve the right to change the terms of this Notice and to make new provisions effective for all PHI we maintain. If we make material changes, we will post the revised Notice on our website and make copies available upon request.
Contact information
To exercise your rights or for questions about this Notice:
Privacy OfficerHeart of a Giant Foundation
Email: privacy@heartofagiant.org
Phone: (617) 294-9617
524 River Street, Suite 800, Mattapan, MA 02126
File a complaint
You may file a complaint with us or with the U.S. Department of Health and Human Services:
U.S. Department of Health and Human ServicesOffice for Civil Rights
Website: hhs.gov/ocr/privacy/hipaa/complaints
Phone: 1-800-368-1019
