Patient Privacy

This notice describes how medical information about you may be used and disclosed and how you can get access to this information. Please review it carefully.

This Notice of Privacy Practices is NOT an authorization. This Notice of Privacy Practices describes how we, our Business Associates and their subcontractors, may use and disclose your protected health information (PHI) to carry out treatment, payment or health care operations (TPO) and for other purposes that are permitted or required by law. It also describes your rights to access and control your protected health information. “Protected health information” is information about you, including demographic information, that may identify you and that relates to your past, present or future physical or mental health condition and related health care services.

Uses And Disclosures of Protected Health Information

Your protected health information may be used and disclosed by your physician, our office staff and others outside of our office that are involved in your care and treatment for the purpose of providing health care services to you, to pay your health care bills, to support the operation of the physician’s practice, and any other use required by law.

Treatment: We will use and disclose your protected health information to provide, coordinate, or manage your health care and any related services. This includes the coordination or management of your health care with a third party. For example, your protected health information may be provided to a physician to whom you have been referred, DME vendors, surgery centers/hospitals, referring physicians, family practitioner, physical therapists, home health providers, laboratories, worker comp adjusters and nurse case managers, etc. to ensure that the healthcare provider has the necessary information to diagnose or treat you.

Payment: Your protected health information will be used, as needed, to obtain payment for your health care services. For example, obtaining approval for a hospital stay, surgery, MRI or other diagnostic test, injection procedures, injection series, physical therapy, etc., may require that your relevant protected health information be disclosed to your health plan to obtain approval for the procedure.

Healthcare Operations: We may use or disclose, as-needed, your protected health information in order to support the business activities of your physician’s practice. These activities include, but are not limited to, quality assessment, employee review, training of medical students, licensing, fundraising, and conducting or arranging for other business activities. For example, we may disclose your protected health information to medical school students that see patients at our office. In addition, we may use a sign-in sheet at the registration desk where you will be asked to sign your name and indicate your physician. We may also call you by name in the waiting room when your physician is ready to see you. We may use or disclose your protected health information, as necessary, to contact you to remind you of your appointment, and inform you about treatment alternatives or other health-related benefits and services that may be of interest to you. If we use or disclose your protected health information for fundraising activities, we will provide you the choice to opt out of those activities. You may also choose to opt back in. We may use or disclose your protected health information in the following situations without your authorization. These situations include: as required by law, public health issues as required by law, communicable diseases, health oversight, abuse or neglect, food and drug administration requirements, legal proceedings, law enforcement, coroners, funeral directors, organ donation, research, criminal activity, military activity and national security, workers’ compensation, inmates, and other required uses and disclosures. Under the law, we must make disclosures to you upon your request. Under the law, we must also disclose your protected health information when required by the Secretary of the Department of Health and Human Services to investigate or determine our compliance with the requirements under Section 164.500.

Uses And Disclosures That Require Your Authorization

Other Permitted and Required Uses and Disclosures will be made only with your consent, authorization or opportunity to object unless required by law. Without your authorization, we are expressly prohibited to use or disclose your protected health information for marketing purposes. 

We may not sell your protected health information without your authorization. We may not use or disclose most psychotherapy notes contained in your protected health information. We will not use or disclose any of your protected health information that contains genetic information that will be used for underwriting purposes.

You may revoke the authorization, at any time, in writing, except to the extent that your physician or the physician’s practice has taken an action in reliance on the use or disclosure indicated in the authorization.

Your Rights

The following are statements of your rights with respect to your protected health information.

You have the right to inspect and copy your protected health information (fees may apply) – Pursuant to your written request, you have the right to inspect or copy your protected health information whether in paper or electronic format. Under federal law, however, you may not inspect or copy the following records: Psychotherapy notes, information compiled in reasonable anticipation of, or used in, a civil, criminal, or administrative action or proceeding, protected health information restricted by law, information that is related to medical research in which you have agreed to participate, information whose disclosure may result in harm or injury to you or to another person, or information that was obtained under a promise of confidentiality.

You have the right to request a restriction of your protected health information – This means you may ask us not to use or disclose any part of your protected health information for the purposes of treatment, payment or healthcare operations. You may also request that any part of your protected health information not be disclosed to family members or friends who may be involved in your care or for notification purposes as described in this Notice of Privacy Practices. Your request must state the specific restriction requested and to whom you want the restriction to apply. Your physician is not required to agree to your requested restriction except if you request that the physician not disclose protected health information to your health plan with respect to healthcare for which you have paid in full out of pocket.

You have the right to request confidential communications – You have the right to request confidential communication from us by alternative means or at an alternative location. You have the right to obtain a paper copy of this notice from us, upon request, even if you have agreed to accept this notice alternatively i.e. electronically.

You have the right to request an amendment to your protected health information – If we deny your request for amendment, you have the right to file a statement of disagreement with us and we may prepare a rebuttal to your statement and will provide you with a copy of any such rebuttal.

You have the right to receive an accounting of certain disclosures – You have the right to receive an accounting of disclosures, paper or electronic, except for disclosures: pursuant to an authorization, for purposes of treatment, payment, healthcare operations; required by law, that occurred prior to April 14, 2003, or six years prior to the date of the request.

You have the right to receive notice of a breach – We will notify you if your unsecured protected health information has been breached.

You have the right to obtain a paper copy of this notice from us even if you have agreed to receive the notice electronically. We reserve the right to change the terms of this notice and we will notify you of such changes on the following appointment. We will also make available copies of our new notice if you wish to obtain one.

E-Mail Terms of Use

E-mail Disclaimer

Hillside Family Medicine will use reasonable means to protect the privacy of your health information sent by e-mail. However, because of the risks outlined below, Hillside Family Medicine cannot guarantee that e-mail communications will be confidential. Additionally, Hillside Family Medicine will not be liable in the event that you or anyone else inappropriately uses your e-mail. Hillside Family Medicine will not be liable for improper disclosure of your health information that is not caused by Hillside Family Medicine’s intentional misconduct.

E-mail Risks And Your Responsibility

At the discretion of the Hillside Family Medicine, its staff, physicians and agents (Hillside Family Medicine) and upon your agreement to the terms outlined within this consent form, you may use e-mail to communicate with Hillside Family Medicine. These e-mails may contain your personal health information. If you decide to use e-mail to communicate with Hillside Family Medicine, you should be aware of the following risks and/or your responsibilities:

  • As the Internet is not secure or private, unauthorized people may be able to intercept, read and possibly modify e-mail you send or are sent by Hillside Family Medicine.
  • You must protect your e-mail account, password and computer against access by unauthorized people.
  • Since e-mail can be used to spread viruses, some which cause e-mail messages to be sent to people who you do not intend to send e-mail messages to, you should install and maintain virus protection software on your PC.
  • Since e-mails can be copied, printed and forwarded by people to whom you send e-mails, you should be careful regarding whom you send e-mails.
  • As your employer may claim ownership of, or the right to access, the e-mail account issued to you by your e-mail, you should avoid using an employer issued e-mail account to communicate with Hillside Family Medicine.
  • If you do provide an employer-issued email account to communicate with Hillside Family Medicine, you understand and agree that your employer may have the right to access to all email sent by Hillside Family Medicine to the account.

COMPLAINTS

You may complain to us or to the Secretary of Health and Human Services if you believe your privacy rights have been violated by us. You may file a complaint with us by notifying our HIPAA Compliance Officer of your complaint. We will not retaliate against you for filing a complaint.

HIPAA COMPLIANCE OFFICER

Jamie Casassa (907)344-0200 jcasassa@hillsidemedicine.com

We are required by law to maintain the privacy of, and provide individuals with, this notice of our legal duties and privacy practices with respect to protected health information. We are also required to abide by the terms of the notice currently in effect. If you have any questions in reference to this form, please ask to speak with our HIPAA Compliance Officer in person or by phone at our main phone number.

Click Here to download a printable pdf of this policy