Health Insurance Portability and Accountability Act (HIPAA) Notice of Privacy Practices
The Rose uses and discloses health information about you for treatment, to obtain payment for treatment, for administrative purposes, and to evaluate the quality of care that you receive.
This notice describes our privacy practices. We may change our policies and this notice at any time and have those revised policies apply to all the protected health information we maintain. If or when we change our notice, we will post the new notice in the office where it can be seen. You can request a paper copy of this notice, or any revised notice, at any time (even if you have allowed us to communicate with you electronically). For more information about this notice or our privacy practices and policies, please contact the person listed at the end of this document.
A. Treatment, Payment, Health Care Operations
Treatment - We are permitted to use and disclose your medical information to those involved in your treatment, for example, your physician. We will share some or all of your medical information with your physician/clinic to facilitate the delivery of care.
Payment - We are permitted to use and disclose your medical information to bill and collect payment for the services we provide to you. For example, we may complete a claim form to obtain payment from your insurer, HMO, other third party payor, or guarantor. That form will contain medical information, such as a description of the medical services provided to you, that your insurer or HMO needs to approve payment to us.
Health Care Operations - We are permitted to use or disclose your medical information for the purposes of health care operations. This may include business management activities, general administrative functions and clinical management, such as to obtain a referral, quality assurance, quality improvement, case management, training programs, licensing, credentialing, certification, accreditation, compliance programs, research, fundraising and marketing activities that support the Rose and ensure that quality care is delivered.
B. Disclosures That Can Be Made Without Your Authorization
There are situations in which we are permitted to disclose or use your medical information without your written authorization or an opportunity to object. In other situations, we will ask for your written authorization before using or disclosing any identifiable health information about you. If you choose to sign an authorization to disclose information, you can later revoke that authorization, in writing, to stop future uses and disclosures. However, any revocation will not apply to disclosures or uses already made or that rely on that authorization.
Public Health, Abuse or Neglect, and Health Oversight - We may disclose your medical information for public health activities. Public health activities are mandated by federal, state, or local government for the collection of information about disease, vital statistics (like births and death), or injury by a public health authority. We may disclose medical information, if authorized by law, to a person who may have been exposed to a disease or may be at risk for contracting or spreading a disease or condition. We may disclose your medical information to report reactions to medications, problems with products, or to notify people of recalls of products they may be using.
Because Texas law requires physicians to report child abuse or neglect, we may disclose medical information to a public agency authorized to receive reports of child abuse or neglect. Texas law also requires a person having cause to believe that an elderly or disabled person is in a state of abuse, neglect, or exploitation to report the information to the state, and HIPAA privacy regulations permit the disclosure of information to report abuse or neglect of elders or the disabled.
We may disclose your medical information to a health oversight agency for those activities authorized by law. Examples of these activities are audits, investigations, licensure applications and inspections, which are all government activities undertaken to monitor the health care delivery system and compliance with other laws, such as civil rights laws.
Legal Proceedings and Law Enforcement - We may disclose your medical information in the course of judicial or administrative proceedings in response to an order of the court (or the administrative decision-maker) or other appropriate legal process. Certain requirements must be met before the information is disclosed.
If asked by a law enforcement official, we may disclose your medical information under limited circumstances provided:
We also may release information if we believe the disclosure is necessary to prevent or lessen an imminent threat to the health or safety of a person.
Workers' Compensation - We may disclose your medical information as required by workers' compensation law.
Inmates - If you are an inmate or under the custody of law enforcement, we may release your medical information to the correctional institution or law enforcement official. This release is permitted to allow the institution to provide you with medical care, to protect your health or the health and safety of others, or for the safety and security of the institution.
Military, National Security and Intelligence Activities, Protection of the President - We may disclose your medical information for specialized governmental functions such as separation or discharge from military service, requests as necessary by appropriate military command officers (if you are in the military), authorized national security and intelligence activities, as well as authorized activities for the provision of protective services for the President of the United States, other authorized government officials, or foreign heads of state.
Research, Organ Donation, Coroners, Medical Examiners, and Funeral Directors When a research project and its privacy protections have been approved by an institutional review board or privacy board, we may release medical information to researchers for research purposes. We may release medical information to organ procurement organizations for the purpose of facilitating organ, eye, or tissue donation if you are a donor. Also, we may release your medical information to a coroner or medical examiner to identify a deceased person or a cause of death. Further, we may release your medical information to a funeral director when such a disclosure is necessary for the director to carry out his duties.
Required by Law - We may release your medical information when the disclosure is required by law.
C. Your Rights Under Federal Law
The U. S. Department of Health and Human Services created regulations intended to protect patient privacy as required by the Health Insurance Portability and Accountability Act (HIPAA). Those regulations create several privileges that patients may exercise. We will not retaliate against patients who exercise their HIPAA rights.
Requested Restrictions - You may request that we restrict or limit how your protected health information is used or disclosed for treatment, payment, or health care operations. We do NOT have to agree to this restriction, but if we do agree, we will comply with your request except under emergency circumstances.
You also may request that we limit disclosure to family members, other relatives, or close personal friends who may or may not be involved in your care.
To request a restriction, submit the following in writing: (a) the information to be restricted, (b) what kind of restriction you are requesting (i.e., on the use of information, disclosure of information, or both), and (c) to whom the limits apply. Please send the request to the address and person listed at the end of this document.
Receiving Confidential Communications by Alternative Means - You may request that we send communications of protected health information by alternative means or to an alternative location. This request must be made in writing to the person listed below. We are required to accommodate only reasonable requests. Please specify in your correspondence exactly how you want us to communicate with you and, if you are directing us to send it to a particular place, the contact/address information.
Inspection and Copies of Protected Health Information - You may inspect and/or copy health information that is within the designated record set, which is information that is used to make decisions about your care. Texas law requires that requests for copies be made in writing, and we ask that requests for inspection of your health information also be made in writing. Please send your request to the person listed at the end of this document.
We may ask that a narrative of that information be provided rather than copies. However, if you do not agree to our request, we will provide copies.
We can refuse to provide some of the information you ask to inspect or ask to be copied for the following reasons:
We can refuse to provide access to or copies of some information for other reasons, provided that we arrange for a review of our decision on your request. Any such review will be made by another licensed health care provider who was not involved in the prior decision to deny access.
Texas law requires us to be ready to provide copies or a narrative within 15 days of your request. We will inform you when the records are ready or if we believe access should be limited. If we deny access, we will inform you in writing.
HIPAA permits us to charge a reasonable cost-based fee.
Amendment of Medical Information - You may request an amendment of your medical information in the designated record set. Any such request must be made in writing to the person listed at the end of this document. We will respond within 60 days of your request. We may refuse to allow an amendment for the following reasons:
Even if we refuse to allow an amendment, you are permitted to include a patient statement about the information at issue in your medical record. If we refuse to allow an amendment, we will inform you in writing.
If we approve the amendment, we will inform you in writing, allow the amendment to be made and tell others that we now have the incorrect information.
Accounting of Certain Disclosures - HIPAA privacy regulations permit you to request, and us to provide, an accounting of disclosures that are other than for treatment, payment, health care operations, or made via an authorization signed by you or your representative. Please submit any request for an accounting to the person at the end of this document. Your first accounting of disclosures (within a 12-month period) will be free. For additional requests within that period we are permitted to charge for the cost of providing the list. If there is a charge we will notify you, and you may choose to withdraw or modify your request before any costs are incurred.
D. Appointment Reminders, Treatment Alternatives, and Other Benefits
We may contact you by (telephone, mail, or both) to provide appointment reminders, information about treatment alternatives, or other health-related benefits and services that may be of interest to you.
If you are concerned that your privacy rights have been violated, you may contact the person listed below. You may also send a written complaint to the U.S. Department of Health and Human Services. We will not retaliate against you for filing a complaint with us or the government.
F. Our Promise to You
We are required by law and regulation to protect the privacy of your medical information, to provide you with this notice of our privacy practices with respect to protected health information, and to abide by the terms of the notice of privacy practices in effect.
G. Questions and Contact Person for Requests - If you have any questions or want to make a request pursuant to the rights described above, please contact:
Brahana Howard, The Rose Privacy Officer
12700 N. Featherwood, Ste. 260, Houston, TX 77034
This notice is effective April 14, 2003.
Aviso Abreviado de las Prácticas de Privacidad
The Rose siempre se ha comprometido a mantener la privacidad y la protección de información de salud (PHI), mientras provea cuidado médico de alta calidad. Los pacientes quieren confiar en que el sistema del cuidado de salud mantendrá privado su información personal de salud. El 14 de abril del 2003, seremos exigidos por ley estar en conformidad con la regulación conocida como el Acto de Portabilidad de Segúro Médico y Rendición de Cuentas de 1996 (HIPAA). La aprobación de HIPAA habilitó al gobierno federal controlar como planes de segúro, proveedores, y los centros de intercambio de información almacenan y trasmiten información personal de cuidado médico. De acuerdo con las reglas de HIPAA, durante su primera visita empezando el día 14 de abril del 2003, usted recibirá un Aviso Completo de las Prácticas de Privacidad que explicarán:
Podemos usar y revelar su PHI para el trato, el pago, y las operaciones de cuidado de salud (TPO) tanto como en otras ocasiones con el fin de proveerle servicio exelente.
Usted tiene el derecho de presentar un pedido por escrito para inspeccionar, obtener una copia y corregir su PHI. Usted tiene el derecho a pedir restricciones en el uso de su PHI. Usted tiene el derecho a solicitar por escrito una rendición de cuentas sobre las revelaciones de nuestro PHI por razones ajenas al TPO.
Usted tiene el derecho a presentar una queja acerca de una supuesta violación de sus derechos de privacidad por escrito a The Rose Privacy Officer y al Departamento de Salud y Servicios Humanos de Estados Unidos.
Por favor dirija sus preguntas a The Rose Privacy Officer a traves de correo electrónico a firstname.lastname@example.org o por escrito a The Rose Privacy Officer, 12700 North Featherwood #260, Houston, TX 77034.