Great River Health Systems

Notice of Privacy Practices

Download as PDF

---

Notice of Privacy Practices

This notice describes how medical information about you may be used and disclosed and how you can get access to this information. Please review it carefully. If you have any questions about this notice, please call Great River Health Systems’ Privacy Officer at (319) 768-3292.

Purpose of This Privacy Notice

This Notice of Privacy Practices describes how Great River Health Systems (including Great River Medical Center, Klein Care Center, Dallas City Clinic, Mediapolis Clinic, Morning Sun Clinic, Wapello Clinic, West Point Clinic, Great River Medicine Specialists, Great River Center for Rehabilitation, Great River Cancer Care Center, Great River Home Health, Great River Hospice, Great River Mental Health Care Associates, Great River Occupational Medicine, Burlington Area Family Practice Center, Heritage Family Pharmacy, Heritage Park Pharmacy, Heritage Partners Pharmacy, Heritage Medical Equipment and Supplies, Southeastern Iowa Medical Services emergency department physicians) and independent providers of anesthesia services, diagnostic-imaging services and pathology services at Great River Medical Center, all collectively referred to as Great River Health Systems, may use and disclose your protected health information to carry out treatment, initiate payment or conduct healthcare operations and for other purposes that are permitted or required by law. Great River Health Systems reserves the right to make changes in the Notice of Privacy Practices. The notice describes your rights to access and control your protected health information. “Protected health information” is information about you, including demographic information, that may identify you and that relates to your past, present or future physical or mental health or condition and related health-care services.

Who Will Follow This Notice

This notice describes the privacy policies of:

• Health-care professionals who enter and are authorized to enter information into your medical record at Great River Health Systems
• All employees of Great River Health Systems, including Great River Medical Center, Klein Care Center, Dallas City Clinic, Mediapolis Clinic, Morning Sun Clinic, Wapello Clinic, West Point Clinic, Great River Medicine Specialists, Great River Mental Health Care Associates, Great River Occupational Medicine, Burlington Area Family Practice Center, Heritage Family Pharmacy, Heritage Park Pharmacy, Heritage Partners Pharmacy, Heritage Medical Equipment and Supplies, Southeastern Iowa Medical Services emergency department physicians.
• Any member of the volunteer group at Great River Health Systems who helps you while you are on our campuses
• The providers of anesthesia, diagnostic imaging, and pathology services on our campuses

Our Pledge Regarding Medical Information

We understand that medical information about you and your health is personal, and we are committed to protecting it. A record of the care and services you receive through Great River Health Systems is created and maintained at the site of treatment on one of our campuses. We need this record to provide you with quality care and to comply with certain legal requirements. This notice applies to all of those records of your care, whether made by Great River Health Systems personnel or your personal physician. Your personal physician may have different policies or notices regarding the physician’s use and disclosure of your medical information created in the physician’s office or clinic that may not be associated with Great River Health Systems.

This notice will tell you about the ways in which Great River Health Systems may use and disclose medical information about you. We also describe your rights and certain obligations we have regarding the use and disclosure of medical information.

Law requires us to:

• Make sure that medical information that identifies you is kept private
• Provide you this notice of our legal duties and privacy practices regarding your medical information
• Follow the terms of the notice that is in effect

We may change the terms of our notice at any time. The new notice will be effective for all protected health information that we maintain at that time. On your request, we will provide you with any revised Notice of Privacy Practices. You may obtain a copy by calling our office and requesting that a revised copy be sent to you in the mail or asking for one at the time of your next appointment.

How We May Use and Disclose Medical Information About You

The following categories describe ways that we use and disclose medical information without your written authorization. Examples of each category are included. Not every use or disclosure in each category is listed; however, all of the ways we are permitted to use and disclose information falls into one of these categories:

• For treatment: We may use medical information about you to provide, coordinate, or manage your medical treatment or services. We may disclose medical information about you to physicians, nurses, technicians, or other health care providers who are or will be involved in taking care of you. For example, a physician treating you for a broken leg may need to know if you have diabetes because diabetes may slow the healing process. In addition, the physician may need to tell the dietitian if you have diabetes so that we can arrange for appropriate meals. Different departments of the hospital also may share medical information about you to coordinate the different things you need such as prescriptions, laboratory work and X-rays. Another example is that your protected health information may be provided to a physician to whom you have been referred to ensure that the physician has the necessary information to diagnose or treat you.
  
  
• For payment: We may use and disclose medical information about you so that the treatment and services you receive at our practice may be billed to and payment may be collected from you, an insurance company or a third party. We also may tell your health plan about a treatment that you are going to receive to obtain prior approval, determine whether your plan will cover the treatment and for undertaking utilization-review activities. For example, obtaining approval for a hospital stay may require that your relevant protected health information be disclosed to the health plan to obtain approval for the hospital admission.
  
  
• For health-care operations: We may use or disclose, as needed, your protected health information to support the business activities of Great River Health Systems. These uses and disclosures are necessary to run the hospital and make sure that all of our patients receive quality care. These uses may include, but are not limited to, quality-assessment activities, employee review activities, training of nurses or other students in the medical field and conducting or arranging for other business activities. For example, we may use medical information to review our treatment and services, and evaluate the performance of our staff in caring for you. We also may combine medical information about many patients to decide what additional services the hospital should offer, what services are not needed and whether certain new treatments are effective. We also may combine the medical information that we have with medical information from other hospitals to compare how we are doing and see where we can make improvements in the care and services we offer. We may remove information that identifies you from this set of medical information so others may use it to study health care and health-care delivery without learning who the specific patients are. We also may share your protected health information with third party “business associates” that perform various activities (e.g., billing, transcription services) for Great River Health Systems. Whenever an arrangement between our office and a business associate involves the use or disclosure of your protected health information, we will have a written contract that contains terms that will protect the privacy of your protected health information.
  
  
• Appointment reminders: We may use or disclose your protected health information, as necessary, to contact you to remind you of an appointment.
  
  
• Treatment alternatives and health-related benefits and services: We may use or disclose your protected health information, as necessary, to provide you with information about treatment alternatives or other health-related benefits and services that may be of interest to you. For example, your name and address may be used to send you a newsletter about our hospital and the services we offer. You may contact our Privacy Officer to request that these materials not be sent to you.
  
  
• Hospital directory: Unless you object, we may include certain limited information about you in the hospital directory while you are a patient in Great River Medical Center. This information may include your name, location in the hospital, your general condition (e.g., fair, stable, good, etc.) and your religious affiliation. This directory information, except for your religious affiliation, will be released only to people who ask for you by name. Your religious affiliation may be given to a member of the clergy, even if they do not ask for you by name.

Other Permitted and Required Uses and Disclosures That May Be Made Without Your Authorization or Opportunity to Object

We may use or disclose your protected health information in the following situations without your consent or authorization:

• Required by law: We may use or disclose your protected health information to the extent that law requires the use or disclosure. The use or disclosure will be made in compliance with the law and will be limited to the relevant requirements of the law. You will be notified, as required by law, of any such uses or disclosures.
  
  
• Public health: We may disclose your protected health information for public-health activities and purposes to a public-health authority that is permitted by law to collect or receive the information. The disclosure will be made for the purpose of: controlling disease, injury or disability; reporting births and deaths; reporting child abuse or neglect; reporting reactions to medications or problems with products; and notifying patients of recalls of products they may be using. We also may disclose your protected health information, if directed by the public-health authority, to a foreign government agency that is collaborating with the public-health authority.
  
  
• Communicable diseases: We may disclose your protected health information, if authorized by law, to a person who may have been exposed to a communicable disease or may otherwise be at risk of contracting or spreading the disease or condition.
  
  
• Health oversight: We may disclose protected health information to a health-oversight agency for activities authorized by law, such as audits, investigations and inspections. Oversight agencies seeking this information include government agencies that oversee the health-care system, government benefit programs, other government regulatory programs and civil rights laws.
  
  
• Abuse or neglect: We may disclose your protected health information to a public-health authority that is authorized by law to receive reports of child abuse or neglect. In addition, we may disclose your protected health information if we believe that you have been a victim of abuse, neglect or domestic violence to the governmental entity or agency authorized to receive such information. In this case, the disclosure will be made consistent with the requirements of applicable federal and state laws.
  
  
• Food and Drug Administration: We may disclose your protected health information to a person or company required by the Food and Drug Administration to: report adverse events, product defects or problems; report biologic product deviations; track products; enable product recalls; make repairs or replacements; or conduct post-marketing surveillance, as required.
  
  
• Legal Proceedings: We may disclose protected health information in the course of any judicial or administrative proceeding in response to an order of a court or administrative tribunal (to the extent such disclosure is expressly authorized). We also may disclose medical information about you in response to a subpoena, discovery request or other lawful process by someone else involved in the dispute, but only if efforts have been made to tell you about the request or to obtain an order protecting the information requested.
  
  
• Law enforcement: We also may disclose protected health information, so long as applicable legal requirements are met, for law enforcement purposes. These law enforcement purposes include: response to a court order, subpoena, warrant, summons or similar process; limited information requests for identification and location purposes to identify or locate a suspect, fugitive, material witness or missing person; pertaining to victims of a crime; suspicion that death has occurred as a result of criminal conduct; if a crime occurs on the premises of the practice; medical emergency to report a crime, the location of the crime or victims; or the identity, description or location of a person who committed the crime.
  
  
• Coroners, funeral directors and organ donation: We may disclose protected health information to a coroner or medical examiner for identification purposes, determining cause of death, or for the coroner or medical examiner to perform other duties authorized by law. We also may disclose protected health information to a funeral director, as authorized by law, to permit the funeral director to carry out his or her duties. We may disclose such information in reasonable anticipation of death. Protected health information may be used and disclosed for cadaveric organ, eye or tissue donation purposes.
  
  
• Workers’ compensation: We may disclose your protected health information as authorized to comply with workers’ compensation laws and other similar legally established programs.
  
  
• Military or national security: We may disclose your health information to the proper authorities so they may carry out their duties under the law if you are involved with the military, national security or intelligence activities.
  
  
• Inmates: We may use or disclose your protected health information if you are an inmate of a correctional facility and your physician created or received your protected health information in the course of providing care to you. This release would be necessary for the institution to provide you with health care, to protect your health and safety or the health and safety of others, or for the safety and security of the correctional institution.
  
  
• Required uses and disclosures: Under the law, we must make disclosures to you and when required by the Secretary of the Department of Health and Human Services to investigate or determine our compliance with the requirements of Section 164.500 et. seq.

Other Permitted and Required Uses and Disclosures That May Be Made With Your Authorization or Opportunity to Object

We may use and disclose your protected health information in the following instances. You have the opportunity to agree or object to the use or disclosure of all or part of your protected health information. If you are not present or unable to agree or object to the use or disclosure of the protected health information, then your physician may, using professional judgment, determine whether the disclosure is in your best interest. In this case, only the protected health information that is relevant to your health care will be disclosed.

• Others Involved in Your Health Care: Unless you object, we may disclose to a member of your family, a relative, a close friend or any other person you identify, your protected health information that directly relates to that person’s involvement in your health care. If you cannot agree or object to such a disclosure, we may disclose such information as necessary if we determine that it is in your best interest based on our professional judgment. We may use or disclose protected health information to notify or help notify a family member, personal representative or any other person responsible for your
  care of your location, general condition or death. Finally, we may use or disclose your protected health information to an authorized public or private entity to help in disaster-relief efforts and to coordinate uses and disclosures to family or other individuals involved in your health care.
  
  
• Emergencies: We may use or disclose your protected health information in an emergency treatment situation. If this happens, your physician will try to obtain your acknowledgment of receipt of the Notice of Privacy Practices as soon as reasonably practicable after the delivery of treatment.
  
  
• Research: Under certain circumstances, and only after a special approval process, we may use and disclose your health information to help conduct research. Such research might try to find out whether a certain treatment is effective in curing an illness.

Uses and Disclosures of Protected Health Information Based on Your Written Authorization

Other uses and disclosures of your protected health information will be made only with your written authorization, unless otherwise permitted or required by law as described below. You may revoke this authorization at any time in writing, except to the extent that Great River Health Systems has taken an action in reliance on the use or disclosure indicated in the authorization.

Your Rights

Following is a statement of your rights with respect to your protected health information and a brief description of how you may exercise these rights:

• You have the right to inspect and copy your protected health information: This means you may inspect and obtain a copy of protected health information about you that is contained in a designated record set for as long as we maintain the protected health information. A “designated record set” contains medical and billing records and any other records that our staff uses for making decisions about you.
  
  Under federal law, however, you may not inspect or copy the following records: psychotherapy notes; information compiled in reasonable anticipation of, or use in, a civil, criminal, or administrative action or proceeding; and protected health information that is subject to law that prohibits access to protected health information.
  
  To inspect and copy medical information that may be used to make decisions about you and your care, you must submit your request in writing to our Department of Health Information Management. If you request a copy of the information, we may charge you a fee for the costs of copying, mailing or other supplies associated with your request.
  
  We may deny your request to inspect and copy in a certain very limited number of instances. You may have a right to have this decision reviewed. The person conducting the review will not be the person who denied your request. We will comply with the outcome of the review. Please contact our Privacy Officer if you have questions about a denial of access to your medical record.
  
  
• You have the right to request a restriction of your protected health information: This means you may ask us not to use or disclose any part of your protected health information for the purposes of treatment, payment or health-care operations. You also may request that any part of your protected health information not be disclosed to family members or friends who may be involved in your care or for notification purposes as described in this Notice of Privacy Practices. Your request must be in writing, state the specific restriction requested and to whom you want the restriction to apply. For example, you can request that we not use or disclose information about a surgery that you had.
  
  Great River Health Systems is not required to agree to a restriction that you may request. If Great River Health Systems believes it is in your best interest to permit use and disclosure of your protected health information, your protected health information will not be restricted. If Great River Health Systems does not agree to your requested restriction, it will give you written notice of such decision. If Great River Health Systems does agree to the requested restriction, we may not use or disclose your protected health information in violation of that restriction unless it is needed to provide
  emergency treatment. With this in mind, please discuss any restriction you wish to request with our Privacy Officer. You may request a restriction by contacting and discussing the issue with the Privacy Officer.
  
  
• You have the right to request to receive confidential communications from us by alternative means or at an alternative location: This means that you can request us to communicate with you about medical matters in a certain way or at a certain location. For example, you can request that we only contact you at work or at home.
  
  We will accommodate reasonable requests. We also may condition this accommodation by asking you for information as to how payment will be handled or specification of an alternative address or other method of contact. We will not request an explanation from you as to the basis for the request. Please make this request in writing to our Department of Health Information Management.
  
  
• You may have the right to have your protected health information amended: This means you may request an amendment of protected health information about you in a designated record set for as long as we maintain this information. Please make this request in writing to our Department of Health Information Management. In addition, you must provide a reason that supports your request.
  
  We may deny your request for an amendment if it is not in writing or does not include a reason to support the request. In addition, we may deny your request if you ask us to amend information that was not created by us (unless the person or entity that created the information is no longer available to make the amendment), is not part of the medical information kept by or for the hospital, is not part of the information that you would be permitted to inspect and copy, or the information is accurate and correct.
  
  If we deny your request for amendment, you have the right to file a statement of disagreement with us and we may prepare a rebuttal to your statement and will provide you with a copy of any such rebuttal.
  
  
• You have the right to receive an accounting of certain disclosures we have made, if any, of your protected health information: This right applies to disclosures for purposes other than treatment, payment or health-care operations as described in this Notice of Privacy Practices. It excludes disclosures we may have made to you, for a facility directory, to family members or friends involved in your care, for national security, law enforcement/corrections or certain health oversight activities. You have the right to receive specific information regarding these disclosures that occurred after April 14, 2003. The list will include the date of each disclosure, who received the disclosed health information, a brief description of the health information disclosed and why the disclosure was made.
  
  To request a list or accounting of disclosures, you must submit your request in writing to our Department of Health Information Management. Your request must state a time period that may not be longer than six years and may not include dates fore April 14, 2003. Your request should state in what form you want the list (for example, in writing or electronically). The first list you receive in a 12-month period is free. For additional lists, we may charge you for the costs of providing the list. We will notify you of the cost involved and you may choose to withdraw or modify your request at that time before any costs are incurred.
  
  
• You will receive a paper copy of this notice from us, on request, even if you have agreed to accept this notice electronically.

Complaints

You may complain to us or to the United States Secretary of Health and Human Services if you believe we have violated your privacy rights. You may file a complaint with us by notifying our Privacy Officer of your complaint. We will not retaliate against you for filing a complaint.

For further information about the complaint process, you may contact our Privacy Officer at (319) 768-3292, or 1221 S. Gear Ave., West Burlington, IA 52655.

This notice was published and becomes effective on April 14, 2003.