NOTICE OF PRIVACY POLICY
OF
BATON ROUGE RADIOLOGY GROUP, INC.
This Notice describes how medical information about you may be used and disclosed and how you can get access to this information. Please review it carefully.
This privacy policy is adopted to ensure that BATON ROUGE RADIOLOGY GROUP, INC. (“BRRG”) fully complies with all federal and state privacy protection laws and regulations in particular the Health Insurance Portability and Accountability Act of 1996. Protection of patient privacy is of utmost importance to BRRG. Violations of any of these provisions may result in disciplinary action which may include termination of employment and possible referral for criminal prosecution.
BRRG is required by law to maintain the privacy of your health information and
to provide you with notice of its legal duties and privacy practices with
respect to your health information. If you have any questions or comments
concerning this policy, you should contact the Chief Privacy Officer, Baton
Rouge Radiology Group, Inc.,
This notice shall amend BRRG’s prior notice and shall become effective as of August 1, 2006 and shall remain in effect until it is either amended or cancelled.
DEFINITIONS
For the purposes of this notice, the following defined terms shall have the following definitions.
a. “HHS” shall mean the United States Department of Health and Human Services.
b. “Health Information”, “Protected Health Information” or “PHI” shall mean, certain Individually Identifiable Health Information, as defined in 45 C.F.R. § 164.501 of the Privacy Standards.
I. INFORMATION COLLECTED
In the ordinary course of business we may receive personal information such as:
▪ Patient’s name, address, and telephone number;
▪ Information relating to treatment, diagnose or other medical information;
▪ Patient’s insurance information and coverage;
▪ Information concerning the ordering doctor or other medical provider.
In addition, other information may be gathered about a patient and we will create a record of the care and or services provided to the patient. Some of the information also may be provided to us by other individuals or organizations that are part of the patient’s “circle of care”- such as referring physician, other doctors, their health plan, family members, hospitals or other health care providers.
II. USES OR DISCLOSURES FOR TREATMENT, PAYMENT OR HEALTHCARE OPERATIONS
BRRG collects information from you and stores it in a film jacket and/or on a computer. This is your PHI. BRRG protects the privacy of your PHI. It is the policy of BRRG that all PHI may not be used or disclosed unless it meets at least one of the following conditions:
2.1 Treatment. BRRG may collect information from you regarding your past medical history, present medical problems and/or complaints, as well as any diagnose and/or treatment at BRRG. This information may be transmitted to various departments within our organization or affiliates. BRRG may also disclose your PHI to the ordering physician, other physicians who are involved with your treatment, nursing staff, nurse practitioners, physician assistants, radiology personnel, and other such entities or persons as are deemed related to treatment, payment, and health care operations, as determined by BRRG and their respective agents.
2.2 Payment. BRRG may collect billing information from you such as your address, social security number, date of birth, health insurance carrier, policy number and other related billing information. BRRG as a part of its payment operations may disclose your PHI for payment purposes to their billing personnel, billing agents, management company, your health insurance provider, Medicare and Medicaid, or any other payor of health care claims the minimum amount necessary of your PHI in order to process your health insurance claim.
2.3 Health Care Operations. BRRG may disclose your PHI to our doctors, technologists, billing clerks, administrative staff and other employees involved in your healthcare treatment.
2.4 Voice Mail. BRRG may call and leave a voice mail message at your home or other number you provide them regarding appointments, billing or payment issues, or other information related to treatment, payment, or health care operations.
2.5 No Objection From Patient. BRRG may discuss your PHI with any person that accompanies you to a visit or procedure or is present with you when the provider is present. If you are able and available to agree or object, we will give you the opportunity to object prior to discussing this information. If you are unable or unavailable to agree or object, our health professionals may use their best judgment in communication with family and others individuals who accompany you to a visit or procedure.
2.6 Patient Authorization. BRRG may disclose your PHI to third parties when you have authorized the release of PHI. This authorization may be revoked by you providing written notification to BRRG.
III. USES AND DISCLOSURES AS REQUIRED BY LAW
It is the policy of BRRG that we may disclose your PHI without your written authorization as required by law as follows:
3.1 Public Health Authorities. To public health authorities for the following purposes: preventing or controlling disease, injury, or disability; reporting child abuse or neglect; reporting domestic violence; reporting to the Food and Drug Administration problems with products and reactions to medications; and reporting disease or infection exposure.
3.2 Health Agencies. To health agencies during the course of audits, investigations, inspections, licensure and other proceedings.
3.3 Administrative or Judicial Proceedings. In the course of any administrative or judicial proceeding.
3.4 Law Enforcement Official. To a law enforcement official for purposes such as identifying or locating a suspect, fugitive, material witness or missing person, complying with a court order or subpoena and other law enforcement purposes.
3.5 Patient Victim of Crime. To a law enforcement official if the patient is suspected of being a victim of a crime and agrees to the release of said information. If the patient is incapacitated and can not agree to the release of said information, BRRG may release the information if the release of said information is in the best interest of the patient, or the investigation would be adversely affected by waiting for the patient to release said information or the information will not be used against the patient.
3.6 Law Enforcement-Deceased Patient. To a law enforcement official if BRRG suspects that a deceased person’s death may have been the result of criminal activity or if there is evidence of criminal conduct on the premises of BRRG.
3.7 Coroners, Medical Examiners and Funeral Directors. To coroners, medical examiners and funeral directors.
3.8 Procuring, Banking or Transplanting Organs and Tissues. To organizations involved in procuring, banking or transplanting organs and tissues.
3.9 Researchers. To researchers conducting research that has been approved by an Institutional Review Board or BRRG’s Board of Directors.
3.10 Prevent or Lessen a Serious and Imminent Threat. To appropriate persons in order to prevent or lessen a serious and imminent threat to the health or safety of a particular person or the general public.
3.11 Law Enforcement Agency or Correctional Institution. To a law enforcement agency or correctional institution as follows:
A. When it appears that the patient has escaped from a correctional institution or lawful custody;
B. To provide healthcare to the inmate, to ensure the health and safety of the patient and/or other inmates, to ensure the health and safety of the officers, employees or others at the correctional institution, to ensure the health and safety of individuals responsible for transporting the inmate, to ensure the health and safety of law enforcement officers or personnel on the premises of the institution and to maintain the safety and security of the facility.
3.12 Armed Forces. To the Armed Forces to ensure proper execution of a military mission if a notice has appeared in the Federal Register stating the military command authority and the purpose for the PHI.
3.13 Veterans Affairs. To the Department of Veterans Affairs, for a patient who is a member of the Armed Forces upon separation or discharge from the military service for the purpose of determining eligibility of benefits administered by the Secretary of Veteran Affairs.
3.14 Federal Officials-National Security. To federal officials to conduct intelligence, counter-intelligence or other national security activities authorized by the National Security Act.
3.15 Federal Officials – Protective Services. To federal officials to provide protective services to the President, foreign heads of state or for the conduct of investigations.
3.16 Department of State. To the Department of State to make medically suitability determinations for security clearance or for mandatory service abroad.
3.17 Worker’s Compensation. As necessary to comply with worker’s compensation laws.
3.18 Other Treatment or Health Related Benefits. To inform you about other treatments or health-related benefits and services that may be of interest to you.
3.19 Transfer Ownership. To transfer ownership of a patient’s record in the event that BRRG is sold or merged with another provider or organization.
IV. OTHER DISCLOSURES OF YOUR HEALTH INFORMATION
4.1 Except for the disclosures described hereinabove, BRRG may not use or disclose your PHI without your written authorization.
4.2 DNA. BRRG may not use or disclose your PHI concerning DNA, DNA analysis, dental records or samples, typing or analysis of body tissues or fluids without your written authorization.
4.3 Psychotherapy Notes. BRRG may not use or disclosure your Psychotherapy notes without a written authorization except under the following conditions:
A. The notes are needed for treatment, payment or health care operations.
B. To the originator of the notes.
C. If the notes are to be used in the course of training students, trainees or practitioners in mental health.
D. To defend a legal action or any other legal proceeding brought forth by the patient.
E. To be used by a medical examiner or coroner.
V. OTHER POLICIES
5.1 Notice of Privacy Practices. It is the policy of BRRG that privacy practices must be published and that all uses and disclosures of PHI are done in accordance with this organization’s privacy policy. BRRG is required by law to abide by the terms of its Notice of Privacy Practices.
5.2 Deceased Individuals. It is the policy of BRRG that privacy protections extend to information concerning deceased individuals.
5.3 Restriction Requests. It is the policy of BRRG that serious consideration must be given to all requests for restrictions on uses and disclosures of PHI as published in this privacy policy. It is furthermore the policy of BRRG that if a particular restriction is agreed to, then BRRG is bound by that restriction.
5.4 Minimum Necessary Disclosure. It is the policy of BRRG that it shall make reasonable efforts to limit the disclosures of PHI to the minimum amount of information needed to accomplish the purpose of the disclosure. It is also the policy of BRRG to the extent possible, that requests for PHI must be limited to the minimum amount of information needed to accomplish the purpose of the request.
5.5 Access to Information by Employees. It is the policy of BRRG that access to PHI must be granted to each employee based on the assigned job functions of the employee. It is also the policy of BRRG that such access privileges should not exceed those necessary to accomplish the assigned job function.
5.6
Access to PHI It is the policy of
BRRG that access to PHI must be granted to the person who is the subject
of such information when such access is requested. Such request shall be
submitted in writing by completing BRRG’s form
entitled “Request for Inspection and/or Copy of PHI”. It is the policy of
BRRG that the identity of all persons who request access to PHI be verified
before such access is granted. The charge for copies of PHI shall be in
accordance with
5.7 Designation of Personal Representative It is the policy of BRRG that access to PHI must be granted to your designated personal representative as specified by you when such access is requested. This designation of personal representative must be made in writing by completing BRRG’s form entitled “Designation of Personal Representative.”
5.8 Amendment of Protected Health Information It is BRRG’s policy that PHI maintained by this organization may be amended only by the Patient and/or his/her personal representative completing BRRG’s form entitled “Request for Amendment of Protected Health Care Information”. BRRG will review the request and will either grant the request or they will explain the reason why said request will not be granted. In the event that the said amendment is not granted, the patient has a right to submit a statement of disagreement that will accompany the information in question for all future disclosures.
5.9 Confidential Communications Channels. It is the policy of BRRG that confidential communications channels can be used within the reasonable capabilities of BRRG (ie. do not call me at work, call me at home), as requested by the patient.
5.10 Disclosure Accounting. It is BRRG’s policy that an accounting of disclosures of PHI made by BRRG is given to subject individuals whenever such an accounting is requested in writing. Such written request for an accounting shall be forwarded to BRRG’s Chief Privacy Officer for proper handling.
5.11 Complaints. It is BRRG’s policy that all complaints by employees, patients, providers or other entities relating to the protection of Health Information be investigated and resolved in a timely fashion. Complaints about this Notice of Privacy Practices or how BRRG handles your Health Information should be directed to:
Chief Privacy Officer
Baton Rouge Radiology Group, Inc.
If you are not satisfied with the manner in which this office handles a compliant, you may submit a formal compliant to:
Department of Health and Human Services
Office of Civil Rights
Hubert H. Humphrey Bldg.
Room 509F
5.12 Prohibited Activities. It is BRRG’s policy that no employee may engage in any intimidating or retaliatory acts or actions against persons who file complaints or otherwise exercise their rights under HIPAA regulations. It is also the policy of BRRG that no disclosure of PHI may be withheld as a condition for payment from the patient, entity, etc., or other action by the patient, entity, etc.
5.13 Responsibility. It is BRRG’s policy that the responsibility for designing and implementing procedures related to its privacy policies lies with the Chief Privacy Officer.
5.14 Mitigation. It is the policy of BRRG that the effects of any unauthorized use or disclosure of PHI be mitigated (to decrease the damage caused by the action) to the extent possible.
5.15 Business Associates. It is the policy of BRRG that business associates must be contractually bound to protect health information to the same degree as set forth in this policy.
5.16 Preemption of State
Law. It is the policy of BRRG that the federal HIPAA privacy
regulations are the minimum standard to be used regarding the privacy of a
patient’s PHI. If the laws of the State of
5.17 Cooperation with Privacy Oversight Authorities. It is the policy of BRRG that oversight agencies such as the Office for Civil Rights of the Department of Health and Human Services cooperation in their efforts to ensure the protection of PHI within this organization. It is also the policy of BRRG that all personnel cooperate fully with all privacy compliance reviews and investigations.
5.18 Changes to Notice of Privacy Practices. BRRG reserves the right to amend this Notice of Privacy Practices at any time in the future and will provide a copy of such amendment to you upon request or upon your next office visit. Until such amendment is made, BRRG is required by law to comply with this notice.