Last updated: June 1, 2026
Your Information. Your Rights. Our Responsibilities.
This Notice describes how medical information about you may be used and disclosed and how you can get access to this information. Please review it carefully.
This Notice of Privacy Practices applies to Essam Saad, MD and the affiliated weight management practice, including clinicians, workforce members, trainees, contractors, and business associates who may create, receive, maintain, or transmit protected health information on behalf of the practice.
Protected health information, or PHI, includes information that identifies you and relates to your past, present, or future physical or mental health, healthcare services, or payment for healthcare. This Notice applies to PHI in written, electronic, and verbal form.
We are required by law to maintain the privacy and security of your PHI, provide this Notice, follow the terms of the Notice currently in effect, notify affected individuals after a breach of unsecured PHI when required by law, and not retaliate against anyone for exercising privacy rights or filing a complaint.
Florida law may provide additional protections for patient records. When federal and Florida law both apply, we will follow the law that provides greater protection or gives you greater rights, unless another law requires a different result.
We may use and disclose your PHI to provide, coordinate, or manage your healthcare. For example, we may review your medical history, medications, labs, weight management progress, allergies, imaging, pharmacy records, or prior records; communicate with other clinicians involved in your care; send prescriptions to a pharmacy; or coordinate referrals, labs, or follow-up care.
We may use and disclose your PHI to bill and collect payment for healthcare services. For example, we may share information with insurance plans, payment processors, billing vendors, collection services, or others involved in determining eligibility, benefits, authorization, claims, invoices, or patient balances.
We may use and disclose your PHI to run the practice and improve care. For example, we may use information for quality review, case management, credentialing, training, compliance, audits, legal services, business planning, patient satisfaction, appointment reminders, care coordination, and evaluation of clinical outcomes.
We may use or disclose PHI without your written authorization when permitted or required by law, including for:
You may tell us how you want us to share information in certain situations. For example, you may ask us to share relevant information with a family member, friend, caregiver, or other person involved in your care or payment for your care. We may use professional judgment to share information that is directly relevant to that person's involvement unless you object or applicable law requires a different approach.
We may also contact you for appointment reminders, follow-up, care coordination, prescription issues, lab coordination, billing matters, or health-related benefits and services that may interest you.
We will obtain your written authorization before using or disclosing PHI for purposes that require authorization under HIPAA or other applicable law, including most uses and disclosures of psychotherapy notes, most marketing communications involving financial remuneration, and sale of PHI. You may revoke an authorization in writing at any time, except to the extent we have already relied on it.
You may request to inspect or receive a copy of medical and billing records that we maintain about you. We may charge a reasonable, cost-based fee when permitted by law. We may deny certain requests in limited circumstances allowed by law, and you may have a right to have the denial reviewed.
If you believe information in your record is incorrect or incomplete, you may request an amendment. We may deny the request in certain circumstances, but you may submit a written statement of disagreement when permitted by law.
You may ask us to contact you in a specific way or at a specific location. We will accommodate reasonable requests as required by law.
You may ask us not to use or disclose certain information for treatment, payment, or healthcare operations. We are not required to agree to most restriction requests, but if we agree, we will follow the restriction unless the information is needed for emergency treatment or another exception applies.
If you pay out of pocket in full for a specific healthcare item or service, you may request that we not share information about that item or service with your health plan for payment or healthcare operations, unless disclosure is required by law.
You may request a list of certain disclosures of your PHI made during a specified period. The accounting will not include every disclosure, such as disclosures for treatment, payment, healthcare operations, or disclosures you authorized, unless required by law.
You may request a paper copy of this Notice at any time, even if you agreed to receive it electronically.
If you have given someone medical power of attorney or if someone is your legal guardian, that person may be able to exercise your rights and make choices about your health information. We may require documentation before recognizing a personal representative.
You may complain if you believe your privacy rights have been violated. You may contact the practice using the information below or file a complaint with the U.S. Department of Health and Human Services Office for Civil Rights. We will not retaliate against you for filing a complaint.
We may use electronic health record systems, patient portals, telehealth tools, e-prescribing systems, laboratories, pharmacies, billing systems, secure messaging tools, and other technology to support care. Some vendors may handle PHI as business associates. Patients are responsible for keeping portal login information secure and promptly notifying the practice of suspected unauthorized access.
Email and text messaging may carry privacy risks. If you request communication by email or text, we may accommodate that request when reasonable and permitted by law, but you should avoid sending urgent or highly sensitive information through non-secure channels unless specifically instructed to do so through a secure method.
Certain categories of health information may receive additional protection under federal or state law. These may include reproductive health information, substance use disorder treatment records, mental health records, HIV/AIDS-related information, genetic information, and other sensitive records. We will use and disclose such information only as permitted or required by applicable law.
We may change this Notice at any time. Any revised Notice may apply to information we already have about you as well as information we receive in the future. The current Notice will be posted on this website and will be available upon request.
Patients may be asked to acknowledge receipt of this Notice at or before the first service delivery, electronically or on paper. If you decline or are unable to sign an acknowledgment, care may still be provided when appropriate, and the practice may document its good-faith effort to provide the Notice.
Privacy Officer: Essam Saad, MD / Practice Privacy Officer
Phone: (352) 669-3175
Mail: Umatilla Family Practice, 390 S Central Ave, Umatilla, FL 32784
You may also file a privacy complaint with the U.S. Department of Health and Human Services Office for Civil Rights. You will not be penalized or retaliated against for filing a complaint.