HIPPA and Your
Privacy Rights
We strongly believe in
doing everything we possibly can to safeguard the privacy and security of
your health information and records.
As a result, we have made
some changes in our office management procedures to make sure we follow
the Health Information Portability and Accountability Act (HIPAA). Passed
into law in 1996, HIPAA sets federal standards for the privacy and
security of patient information for all healthcare providers, plans,
insurance companies and anyone they do business with.
HIPAA gives you
additional rights regarding control and use of your health information,
meaning you have more access and control than ever. Please take a
few minutes to review these new rights. We're happy to answer any
questions you may have.
Control Over
Your Health Information
All healthcare providers
(and health plans) are now required to give you a written explanation of
how they use and disclose your personal health information before they can
treat you. This way, you decide if a provider is doing everything they
should to protect your privacy before you choose them as your caregiver.
We must, by law, post a
Notice of Privacy Practices, which outlines how we secure the privacy of
patient information, in a place where you can easily see it.
We must get your
signature for non-routine uses and disclosures of your information. A
non-routine use is any situation not directly related to treatment,
payment or operations. For example, if your child is going to summer camp
and the camp needs a medical history, you will be asked to authorize us to
release it before we can send the information. You have the right to say
no, and you don't have to tell anyone why.
Authorizations of non
routine information are one-time-only, case by case, for the use defines
by you.
Access To Your
Health Information
You can get copies of
your medical records simply by asking for them. Healthcare providers are
required to get you a copy of your records within 60 days of your
request. There may be a cost for this service.
Providers also must give
you a history of non-routine disclosures if you ask for it. All you need
to do is ask for the record and it is provided to you - no justification
is needed.
You can also amend your
medical records. You cannot change the existing record, but you can add
notes or comment on any procedures, treatments, payments or operations.
The provider then has the
right to respond to your amendment. This way, you can be sure your
records reflect your side of the story about treatment and payment issues.
Patient Recourse
If Privacy Protections Are Violated
Every healthcare provider
must also inform you of grievance procedures. If your privacy is
violated, report the incident to our Privacy Officer immediately.
You also have the right to report any violation to the Department of
Health and Human Services, Office of Civil Rights, 200 Independence
Avenue, S.W., Washington, D.C. 20201
If you decide to file a
grievance either with us or with the Department of health and Human
Services, we re not allowed to discriminate or retaliate against you in
any way.
Aside from these new
rights to access and control of your medical information under HIPAA ,
there are also clear limits on all healthcare providers regarding how they
disclose medical information. Here are some of the key aspects of these
boundaries:
Providers must ensure
that health information is not used for non-health purposes. Health
information (covered by the privacy rules) generally may not be used for
purposes not related to health care-such as disclosures to employers to
make personnel decisions, or to financial institutions - without your
explicit authorization.
There are clear,
strong protections against using health information for marketing.
The privacy rules set new definitions, restrictions and limits on the use
of patient information for certain marketing purposes. Providers must get
your specific authorization before sending you any materials other than
those related to treatment.
Use only the minimum
amount of information necessary. In general, all uses or disclosures
of information will be limited to the minimum necessary. This does not
apply to disclosure of records for treatment purposes, because physicians,
specialists and other providers may need access to the full record to
provide quality care.
Exceptions
There are situations
where healthcare providers may not have to follow these privacy rules.
They include: emergency circumstances; identification of a body or the
cause of death; public health needs; judicial and administrative
proceedings; limited law enforcement activities; and activities related to
national defense and security.
We understand your right
to have your medical information kept confidential. Our compliance with
the Health Information Portability and Accountability Act is one example
of your advocacy and leadership on issues of patient's rights and privacy
of information. We encourage you to ask questions and look forward to
working together to improve the quality of your healthcare experience.
