THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN GET ACCESS TO THIS INFORMAT/ON. PLEASE REVIEW IT CAREFULLY.
What is HIPAA?
• HIPAA stands for Health Insurance Portability and Accountability Act of 1996.
Who administers HIPAA?
• The Department of Health and Human Services (HHS) wrote the final Privacy Rule, and is responsible for future modifications and revisions.
Who must comply with HIPAA?
• HIPAA applies to all health plans, health care clearinghouses, and health care providers who create, maintain, or transmit any health information in electronic form. Because these business entities are covered by the regulation, the Privacy Rule refers to them as covered entities.
• HIPAA also applies to any business associates of a covered entity that use, request, or disclose health information.
When must covered entities comply with HIPAA?
• Health care providers must comply with the Privacy Rule by April 14, 2003
The Privacy Rule permits a covered entity to use or disclose protected health information:
• To the individual (the patient).
• After the patient signs a Consent form, to carry out
• For instance, to disclose information to another health care provider (e.g., a nurse, a physical therapist etc.) who will treat the patient.
• For instance, an itemized list of services provided may be disclosed to a billing service.
• Health care operations
• For instance, some information may be disclosed in a prescription to assure that it is filled correctly by a pharmacist
• After the patient has had an opportunity to agree or object (and has agreed), for facility directories and for notification and involvement of others in the patient's care and for payment.
• As required by law, such as for public health activities, judicial proceedings, and law enforcement purposes.
• In emergency situations.
The Privacy Rule requires a covered entity to disclose protected health information:
• To the individual (the patient) when the individual requests access to his/her health information, and when the individual requests an accounting of disclosures of his/her health information.
• To the Department of Health and Human Services to investigate a complaint or to determine compliance.
• Other uses and disclosures of protected health information will be made by the covered entity only with the individual's written authorization, which written authorization may be revoked by the individual, in writing. Such written revocation shall be immediately effective, except to the extent that the covered entity has already taken action in reliance upon the written authorization.
Rights of Patients
The Privacy Rule grants the individual (the patient) specific rights with regard to the individual's protected health information. These rights include:
• The right to request a restriction to the uses and disclosures of protected health information, though the covered entity is not required to agree to such restriction.
• The right to request that communications of protected health information be by alternative means or at alternative locations.
• The right of access to inspect and obtain a copy of protected health information, except for:
• Psychotherapy notes
• Information compiled for a civil, criminal or administrative proceeding
• Information access to which is otherwise prohibited by law.
• The right to request an amendment to protected health information records.
• If the covered entity denies a request for amendment, the right to submit a written statement of disagreement with the denial.
• The right to receive an accounting of disclosures of protected health information, made after the effective date of this notice.
• The right to complain to the covered entity and to the Dept. of HHS if the patient believes that the covered entity is not complying with the Privacy Rule.
Responsibilities of Health Care Providers
• Thomas W. Lewis, M.D., Curtis Dalili, M.D. and William A. Arnold, M.D. are required by law to maintain the privacy of protected health information and to provide patients with notice of its legal duties and privacy practices with respect to protected health information.
• Thomas W. Lewis, M.D., Curtis Dalili, M.D. and William A. Arnold, M.D. are required to abide by the terms of the notice currently in effect (this Notice)
• Thomas W. Lewis, M.D., Curtis Dalili, M.D. and William A. Arnold, M.D. reserve the right to revise this Notice, and to make such revised Notice applicable to all protected health information that it maintains as such revision may become necessary due to changes in law or due to the needs of its patients and its health care operations. Such revised Notice shall be made available to each patient no later than the date of the first service delivery to such patient after the effective date of the revised Notice. Such revised Notice shall also be posted in a clear and prominent location at its business location.
• The Contact person at Thomas W. Lewis, M.D., Curtis Dalili, M.D. and William A. Arnold, M.D. from whom an individual may request additional information about the privacy rule is:
Melissa Mullinax/ Front Office Manager/Privacy Officer
Phone Number 772 794-2222
• Privacy Notice Effective Date: April 1st, 2003
Individuals may complain to Amy Erling / Front Office Manager/Privacy Officer (772) 794-2222 if they believe their privacy rights have been violated, such complaint may be oral or written. No individual will be retaliated against in any way for such a complaint. They may also file any such complaints with The Secretary of the Department of Health and Human Services.