Notice of Privacy Practices

PRACTICE INFORMATION

• Practice Name: Yes I Doula! (a.k.a., Yes I Doula)

• Privacy Officer: Rae Banks Phone: 925-433-8877

• Email: DrRae@yesidoula.com

• Address: 1460 Maria Lane Ste #300, Walnut Creek, CA 94596

• Website: www.yesidoula.com

This notice describes how your health information may be used and disclosed and how you can get access to this information. Please review it carefully.

Yes I Doula! understands that health information about you and your health care is personal. We are committed to protecting health information about you. We create a record of the care and services you receive from us. We need this record to provide you with quality care and to comply with certain legal requirements.

For Treatment, Payment or Health Care Operations, Federal privacy regulations let health care providers who have direct treatment relationships with the patient/client use or share the patient/client’s PHI without the patient’s written authorization, to carry out the health care provider’s own treatment, payment or health care operations. This means we may share your protected health information (PHI) for the treatment activities of any health care provider. This too can be done without your written authorization. For example, if a health care provider were to consult with another licensed health care provider about your condition, we could use and share your PHI to assist the health care provider in diagnosis and treatment of your condition.

YOUR RIGHTS

• Get an electronic or paper copy of your doula care record. You can request a copy through your secure SimplePractice client portal or by contacting us. We will provide a copy or summary, usually within 30 days of your request. We may charge a reasonable, cost‑based fee.

• Ask us to correct your record if you think it is incorrect or incomplete. We may say no, but we’ll tell you why in writing within 60 days.

• Request confidential communication. You can ask us to contact you in a specific way (e.g., secure portal messages only, by text, or a different mailing address). We will say yes to all reasonable requests.

• Ask us to limit what we use or share. You can ask us not to use or share certain information for treatment, payment, or operations. We are not required to agree, and we may say no if it affects your care. If you pay in full out‑of‑pocket for a service, you can ask us not to share that information with your health plan; we will say yes unless a law requires us to share it.

• Get a list of disclosures. You can ask for an accounting of the times we’ve shared your information for six years prior to when you ask, who we shared it with, and why. We’ll provide one accounting a year for free; we may charge a reasonable, cost‑based fee for additional requests within 12 months.

• Get a copy of this notice at any time on our website. Even if you agree to receive it electronically, you may request a paper copy from our office.

• Choose someone to act for you. If you have given someone medical power of attorney or if someone is your legal guardian, that person can exercise your rights and make choices about your information. We will confirm their authority before acting.

• File a complaint if you feel your rights are violated. You can contact us using the information above. We will try to make things right. You can also file a complaint with your health plan or the U.S. Department of Health and Human Services, Office for Civil Rights. We will not retaliate against you for filing a complaint.

YOUR CHOICES

For certain health information, you can tell us your choices about what we share. If you have a clear preference for how we share your information in the situations below, tell us and we will follow your instructions.

• Share information with your partner, family, birthing support people, or others involved in your care (with your permission).

• Share information in a disaster‑relief situation to help notify or locate you.

• Contact you for appointment reminders and follow‑up via SimplePractice secure client portal, phone, text, or email (as you prefer).

• SMS consent is not shared with third parties.

Yes I Doula! is contracted with iPlum as our HIPAA-compliant phone system. Our office line has SMS/texting functionality between phones. This allows patients to communicate directly with Yes I Doula! employees, including their Doulas. When agreeing to communicate this way, note these additional guidelines:

• Messaging frequency may vary

• Message and data rates may apply

• To opt out at any time, text STOP

• For assistance, visit our website at www.yesidoula.com or call us at 925-441-4009

• Here are links to our Notice of Privacy Practices and Terms & Conditions documents for further information.

Yes I Doula! is contracted with SimplePractice as our HIPAA-compliant electronic medical records (EHR) system which empowers the Client Portal for patients. When agreeing to SMS/texting in your Client Portal, this communication is between the EHR system and your phone. You can expect to receive messages from Yes I Doula! (e.g., automated appointment reminders, appointment cancelations, invoice notices). You can change your preferences at any time in your Client Portal, including opting out of SMS/Texting.

If you cannot express your preference (for example, if you are unconscious), we may share information if we believe it is in your best interest. We may also share information when needed to lessen a serious and imminent threat to health or safety. We will never share your information for these purposes unless you give us written permission:

• Marketing purposes.

• Sale of your information.

• Sharing psychotherapy notes, unless required by law.

• SMS consent is not shared with third parties

OUR USES AND DISCLOSURES

How we typically use or share your health information:

• Treat you – We can use your health information and share it with other professionals who are treating you. Example: With your permission, we may share birth preferences or relevant information with your midwife or OB‑GYN.

• Run our organization – We use SimplePractice (a HIPAA‑compliant platform) to schedule visits, maintain your electronic health record, provide telehealth sessions, manage the client portal, securely communicate with you, and bill insurance for our services. We use your information to operate our practice, improve your care, and contact you when necessary.

• Bill for your services – We can use and share your information to bill and receive payment from health plans, including Medi‑Cal, managed care plan, commercial plans, or other payers. Example: We may send necessary information to your health plan so it will pay for your services.

How else can we use or share your health information? We are allowed or required to share your information in other ways—usually in ways that contribute to the public good, such as public health and research. We have to meet many conditions in the law before we can share your information for these purposes.

• Help with public health and safety issues – We can share information for preventing disease; reporting adverse events; reporting suspected abuse, neglect, or domestic violence; and preventing or reducing a serious threat to anyone’s health or safety.

• Do research – We can use or share your information for health research when permitted by law.

• Comply with the law – We will share information about you if state or federal law requires it, including with the Department of Health and Human Services to confirm compliance with federal privacy law.

• Respond to organ and tissue donation requests – We can share information with organ procurement organizations, if applicable.

• Work with a medical examiner or funeral director – We can share information when an individual dies.

• Address workers’ compensation, law enforcement, and other government requests – We can share information for workers’ compensation claims; for law enforcement purposes; with health oversight agencies; and for special government functions such as national security.

• Respond to lawsuits and legal actions – We can share information in response to a court or administrative order, or in response to a subpoena.

• Oversight – We can be asked to share information with health plans, Medi-Cal, or CMS as a part of our contractual obligations, audits, and/or investigations.

OUR RESPONSIBILITIES

• We are required by law to maintain the privacy and security of your protected health information (PHI).

• We will notify you promptly if a breach occurs that may have compromised the privacy or security of your information.

• We must follow the duties and privacy practices described in this notice and provide you with a copy.

• We will not use or share your information other than as described here unless you give us written permission. If you give permission, you may change your mind at any time by letting us know in writing.

We may change the terms of this notice, and the changes will apply to all information we have about you. The new notice will be available on request, in our office, and on our website.

This Notice of Privacy Practices applies to the following organization:

• Yes I Doula! is an independent doula practice contracted with specific health plans, managed care plans, and the California Department of Healthcare Services to provide doula services. We are not part of an Organized Health Care Arrangement (OHCA). If this changes in the future, we will update this Notice.

• California law may provide additional privacy protections for certain types of information. If California law provides stronger protection(s) than HIPAA in any situation, we will follow California law.

• Questions or complaints about privacy? Contact La Rae Banks at DrRae@yesidoula.com or 925-433-8877 or the U.S. Department of Health and Human Services, Office for Civil Rights at www.hhs.gov/ocr/privacy/hipaa/complaints/.

Your Information | Your Rights | Our Responsibilities

Last Update: September 1, 2025