Notice of Privacy Practices
RILEY F UGLUM, OD, PC
(dba EYE CARE ASSOCIATES of New Hampton)
8 E Spring St New Hampton, IA 50659
Brian Uglum, Privacy Official
IN COMPLIANCE WITH THE FEDERAL REGULATIONS OF HIPAA’S PRIVACY RULE, THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED AND HOW YOU CAN OBTAIN ACCESS TO IT
We respect our legal obligation to keep health information that might identify you private. We are obligated by law to provide you with notice of our privacy practices. This notice describes how we protect your health information and what rights you have regarding it.
TREATMENT, PAYMENT, AND HEALTH CARE OPERATIONS
The most common reasons we would use or disclose your health information is for treatment, payment, or business operations. We routinely use and disclose your medical information within the office on a daily basis. We do not need specific permission to use or disclose your medical information in the following matters, although you have the right to request that we do not.
Examples of how we might use or disclose health information for treatment purposes might include:
Setting up or changing appointments including leaving messages with those at your home or office who may answer the phone or leaving messages on answering machines, voice mails or emails; calling your name out in a reception room environment; prescribing glasses, contact lenses, or medications as well as relaying this information to suppliers by phone, fax or other electronic means including initial prescriptions and requests from suppliers for refills; notifying you that your ophthalmic goods are ready, including leaving messages with those at your home or office who may answer the phone, or leaving messages on answering machines, voice mails or emails; referring you to another doctor for care not provided by this office; obtaining copies of health information from doctors you have seen before us; discussing your care with you directly or with family or friends you have inferred or agreed may listen to information about your health; sending you postcards or letters or leaving messages with those at your home who may answer the phone or on answering machines, voice mails or emails reminding you it is time for continued care; at your request, we can provide you with a copy of your medical records via our secure patient portal.
Examples of how we might use or disclose health information for payment purposes might include:
Asking you about your vision or medical insurance plans or other sources of payment; preparing and sending bills to your insurance provider or to you; providing any information required by third party payors in order to insure payment for services rendered to you; sending notices of payment due on your account to the person designated as responsible party or head of household on your account with fee explanations that could include procedures performed and for what diagnosis: collecting unpaid balances either ourselves or through a collection agency, attorney, or district attorney’s office
Examples of how we might use or disclose health information for business operations might include:
Financial or billing audits; internal quality assurance programs; participation in managed care plans; defense of legal matters; business planning; certain research functions; informing you of products or services offered by our office; compliance with local, state, or federal government agencies request for information; oversight activities such as licensing of our doctors; Medicare or Medicaid audits; providing information regarding your vision status to the Department of Public Safety, a school nurse, or agency qualifying for disability status
USES AND DISCLOSURES FOR OTHER REASONS NOT NEEDING PERMISSION
In some other limited situations, the law allows us to use or disclose your medical information without your specific permission. Most of these situations will never apply to you but they could.
- When a state or federal law mandates that certain health information be reported for a specific purpose
- For public health reasons, such as reporting of a contagious disease, investigations or surveillance, and notices to and from the federal Food and Drug Administration regarding drugs or medical devices
- Disclosures to government or law authorities about victims of suspected abuse, neglect, domestic violence, or when someone is or suspected to be a victim of a crime
- Disclosures for judicial and administrative proceedings, such as in response to subpoenas or orders of courts or administrative hearings
- Disclosures to a medical examiner to identify a deceased person or determine cause of death or to funeral directors to aid in burial
- Disclosures to organizations that handle organ or tissue donations
- Uses or disclosures for health related research
- Uses or disclosures to prevent a serious threat to health or safety of an individual or individuals
- Uses or disclosures to aid military purposes or lawful national intelligence activities
- Disclosures of de-identified information
- Disclosures related to a workman’s compensation claim
- Disclosures of a “limited data set” for research, public health, or health care operations
- Incidental disclosures that are an unavoidable by-product of permitted uses and disclosures
- Disclosure of information needed in completing form from a school related vision screening, information to the Department of Public Safety, information related to certification for occupational or recreational licenses such as pilots license.
- Disclosures to business associates who perform health care operations for RILEY F UGLUM, OD, PC and who commit to respect the privacy of your information
- Unless you object, disclosure of relevant information to family members or friends who are helping you with your care or by their allowed presence cause us to assume you approve their exposure to relevant information about your health
USES OR DISCLOSURES TO PATIENT REPRESENTATIVES
It is the policy of RILEY F UGLUM, OD, PC for our staff to take phone calls from individuals on a patients behalf requesting information about making or changing an appointment; the status of eyeglasses, contact lenses, or other optical goods ordered by or for the patient. RILEY F UGLUM, OD, PC staff will also assist individuals on a patient’s behalf in the delivery of eyeglasses, contact lenses, or other optical goods. During a telephone or in person contact, every effort will be made to limit the encounter to only the specifics needed to complete the transaction required. No information about the patient’s vision or health status may be disclosed without proper patient consent. RILEY F UGLUM, OD, PC staff and doctors will also infer that if you allow another person in an examination room, treatment room, dispensary, or any business area within the office with you while testing is performed or discussions held about your vision or health care or your account that you consent to the presence of that individual.
OTHER USES AND DISCLOSURES
We will not make any other uses or disclosures of your health information unless you sign a written Authorization for Release of Identifying Health Information. The content of this authorization is determined by federal law. The request for signing an authorization may be initiated by RILEY F UGLUM, OD, PC or by you as the patient. We will comply with your request if it is applicable to the federal policies regarding authorizations. If we ask you to sign an authorization, you may decline to do so. If you do not sign the authorization, we may not use or disclose the information we intended to use. If you do elect to sign the authorization, you may revoke it at any time. Revocation requests must be made in writing to the Privacy Officer named at the beginning of this Notice.
YOUR RIGHTS REGARDING YOUR HEALTH INFORMATION
The law gives you many rights regarding your personal health information.
You may ask us to restrict our uses and disclosures for purposes of treatment (except in emergency care), payment, or business operations. This request must be made in writing to Privacy Officer named at the beginning of this Notice. We do not have to agree to your request, but if we agree, must honor the restrictions you ask for.
You may ask us to communicate with you in a confidential manner. Examples might be only contacting you by telephone at your home or using some special email address. We will accommodate these requests if they are reasonable and if you agree to pay any additional cost, if any, incurred in accommodating your request. Requests for special communication requests must be made to the Privacy Officer named at the beginning of this Notice.
You may ask to review or get copies of your health information. There are a very few limited situations in which we may refuse your access to your health information. For the most part we are happy to provide you with the opportunity to either review or obtain a copy of your medical information. All requests for review or copy of medical information must be made in writing to the Privacy Officer named at the beginning of this Notice. While we usually respond to these requests in just a day or so, by law we have fifteen (15) days to respond to your request. We may request an additional thirty (30) day extension in certain situations.
You may ask us to amend or change your health care information if you think it is incorrect or incomplete. If we agree, we will make the amendment to your medical record within thirty (30) days of your written request for change sent to the Privacy Officer named at the beginning of this Notice. We will then send the corrected information to you or any other individual you feel needs a copy of the corrected information. If we do not agree, you will be notified in writing of our decision. You may then write a statement of your position and we will include it in your medical record along with any rebuttal statement we may wish to include.
You may request a list of any non-routine disclosures of your health information that we might have made within the past six (6) years (or a shorter period if you wish). Routine disclosures would include those used your treatment, payment, and business operations of RILEY F UGLUM, OD, PC. These routine disclosures will not be included in your list of disclosures. You are entitled to one such list per year without charge. If you want more frequent lists, you must pay for them in advance at a fee of $5.00 per list. We will usually respond to your written request (made to the Privacy Officer named at the beginning of this Notice) within thirty (30) days but we are allowed one thirty (30) day extension if we need the time to complete your request.
You may obtain additional copies of this Notice of Privacy Practices from our business office or online at our website address shown at the beginning of this Notice.
BREACH NOTIFICATION POLICY
In the event of a reportable breach of patient information, RILEY F UGLUM, OD, PC agrees to abide by the breach notification requirements as established by the HIPAA Breach Notification Rule. If a breach occurs, RILEY F UGLUM, OD, PC will consult with a HIPAA attorney and take all necessary steps to remain in compliance with this rule including notification of individuals, Business Associates, the Secretary of Health and Human Services and prominent media outlets.
WHISTLEBLOWER PROTECTION RULE
RILEY F UGLUM, OD, PC will take no action against any individual who provides information to the Office of Civil Rights, Office of the Inspector General or individual state Attorney General’s Office regarding concerns related to the privacy and security procedures or actions at RILEY F UGLUM, OD, PC.
CHANGING OUR NOTICE OF PRIVACY PRACTICES
By law, we must abide by the terms of this Notice of Privacy Practices until we choose to substantially change the Notice. We reserve the right to change this Notice at any time. If we change this Notice, the new privacy practices will apply to your existing health information as well as any additional information generated in the future. If we change this Notice, we will post a new Notice in our office and on our website.
If you think that anyone at RILEY F UGLUM, OD, PC has not respected the privacy of your health information, you are free to complain to the Privacy Officer named at the beginning of this Notice. We are more than happy to try to resolve any concern you may have in writing. If we cannot resolve your concern at that level, you may also file a complaint with the U.S. Department of Health and Human Services, Office of Civil Rights or the Iowa Attorney General’s Office. We will not retaliate against you if you make such a complaint.