Explanation of Notice of Privacy Practices
Under a federal law called the Health Insurance Portability and Accountability Act of 1996, (HIPAA), covered health care organizations across the nation must have a Notice of Privacy Practices, and provide you with a copy.
HIPAA is a part of the Federal Government’s regulatory effort that has many complex purposes. One part of HIPAA, called the Administrative Simplification, concerns standards for health care administration and the transmission of health information. HIPAA focuses on the privacy and security of your health information.
The Federal Department of Health and Human Services (DHHS) oversees HIPAA. One of DHHS’ responsibilities is to issue the regulations under HIPAA Administrative Simplification. The Privacy Rule is a HIPAA regulation that took effect on April 14, 2003.
Even though there are other state and federal laws that cover health care organizations, the HIPAA Privacy Rule provides comprehensive standards of the use and disclosure of protected health information by these organizations. The HIPAA Privacy Rule also provides the consumer with rights and protects you as well. For example, HIPAA gives you the right to receive a Notice of Privacy Practices from covered health organizations. There is more information concerning your rights in our Privacy Notice.
Other ways in which we are making sure your information is protected is by currently following state and federal patient confidentiality laws; and taking appropriate steps to protect the privacy of our patients, and our patient’s protected health information. We keep our medical records and patient information in secure areas with limited access. Personnel with access to protected health information (PHI) are trained and monitored to make sure they are in compliance with our confidentiality and security policies. We are evaluating our policies and procedures to see if we are currently up-to-date with HIPAA regulations.
The HIPAA Privacy Rule applies to protected health information. Protected health information (PHI) is health information that contains information like a name or Social Security number that reveals who the patient is. PHI is detailed information concerning a patient’s past, present, or future physical or mental health condition; the provision of health care to the person, or past, present, or future payment for that health care. HIPAA privacy requirements apply to protected health information in written, electronic, or oral form. You can be identified from the following information:
- Name, address, and phone numbers
- Names of relatives and employers
- Birth date
- Email addresses and fax numbers
- Social Security Number
- Medical Record Number
We are often required to get your written permission to use or disclose your protected health information for other purposes, but not always. That’s because certain uses and disclosures of protected health information are authorized by law without your written permission. For example, if you become ill with a contagious disease or other reportable condition (such as measles), we are required by law to report these conditions to state public health agencies.
The HIPAA Privacy Rule doesn’t change where or from whom you receive your health care. It is only meant to provide you with rights regarding your protected health information. The HIPAA Privacy will improve health care between hospitals, provider groups, and health insurers. Many of the new requirements affect the operations of these health care organizations, and are not intended to reach the consumer directly; so you may not even be aware of them.
If you have a complaint regarding our compliance with HIPAA privacy regulations, you can contact Dr. Katrina Platt, DO, to file a complaint.