Patient Notification of Privacy Rights
At Holistic Integration, the protection of your personal information and data is of the utmost importance to us. Read below for information on your privacy rights when it comes to your medical history, records, appointments, and information and to learn more about the steps we take to protect you.
The Health Insurance Portability and Accountability Act (HIPAA) has created new patient protections surrounding the use of protected health information. Commonly referred to as the “medical records privacy law,” HIPAA provides patient protections related to the electronic transmission of data (“the transaction rules”); the keeping and use of patient records (“privacy rules”); and, storage and access to health care records (“the security rules”).
HIPAA applies to all health care providers. Providers and health care agencies throughout the country are required to provide patients a notification of their privacy rights as it relates to their health care records. You may have already received similar notices such as this one from your other health care providers.
As you might expect, the HIPAA law and regulations are extremely detailed and difficult to grasp if you don’t have formal legal training. Our Patient Notification of Privacy Rights is our attempt to inform you of your rights in a simple yet comprehensive fashion. The information regarding HIPAA was taken directly from the Department of Health Website. In health care, confidentiality and privacy are central to the success of the medical care relationship; and as such, you will find we do all we can to protect the privacy of your health records.
If you have any questions about any of the matters discussed in this information, please do not hesitate to ask our office staff for further clarification. Whether or not we file insurance claims on your behalf, we are required by law to secure your signature indicating you have received this Patient Notification of Privacy Rights document. Thank you for your thoughtful consideration of these matters.
This information describes how your health records may be used and disclosed, and how you can obtain access to this information. Please read it carefully.
WHAT IS HIPAA?
HIPAA is the federal Health Insurance Portability and Accountability Act of 1996. The primary goal of the law is to make it easier for people to keep health insurance, protect the confidentiality and security of healthcare information and help the healthcare industry control administrative costs.
HIPAA is divided into different titles or sections that address a unique aspect of health insurance reform. Two main sections are Title I dealing with Portability and Title II that focuses on Administrative Simplification.
This section allows individuals to carry their health insurance from one job to another so that they do not have a lapse in coverage. It also restricts health plans from requiring pre-existing conditions on individuals who switch from one health plan to another.
This section is the establishment of a set of standards for receiving, transmitting and maintaining healthcare information and ensuring the privacy and security of individual identifiable information.
The HIPAA electronic data requirements are meant to encourage the healthcare industry to move the handling and transmission of patient information from manual to electronic systems in order to improve security, lower costs, and lower the error rate. However, the main focus on this page is the Privacy provisions of HIPAA.
HIPAA provides for the protection of individually identifiable health information that is transmitted or maintained in any form or medium. The privacy rules affect the day-to-day business operations of all organizations that provide medical care and maintain personal health information.
Who Must Comply?
HIPAA requires the following entities to comply:
Health Care Providers: Any provider of medical or other health services that bills or is paid for healthcare in the normal course of business. Health care includes preventive, diagnostic, therapeutic, rehabilitative, maintenance, or palliative care, and counseling, services, assessment, or procedure with respect to the physical or mental condition, or functional status of an individual.
Health Care Clearinghouse: Businesses that process or facilitate the processing of health information received from other businesses. It includes groups such as physician and hospital billing services.
Health Plans: Individuals or group plans that provide or pay the cost of medical care, please note that this includes both Medicare and Medicaid programs.
What Health Information is Protected?
HIPAA protects an individual’s health information and his/her demographic information. This is called “protected health information” or “PHI.” Information meets the definition of PHI if, even without the patient’s name, if you look at certain information and you can tell who the person is then it is PHI. The PHI can relate to past, present or future physical or mental health of the individual. PHI describes a disease, diagnosis, procedure, prognosis, or condition of the individual and can exist in any medium –files, voice mail, email, fax, or verbal communications.
HIPAA defines information as protected health information if it contains the following information about the patient, the patient’s household members, or the patient’s employers:
- Dates relating to a patient , i.e. birthdates, dates of medical treatment, admission and discharge dates, and dates of death
- Telephone numbers, addresses (including city, county, or zip code) fax numbers and other contact information
- Social Security numbers
- Medical records numbers
- Finger and voice prints
- Any other unique identifying number
WHAT ARE A PATIENT’S RIGHTS UNDER HIPAA’S PRIVACY STANDARDS?
HIPAA stipulates the following patient’s right under its privacy rule:
- Patients have a right to receive a notice of the privacy practices of any healthcare provider, health clearing house, or health plan.
- Patients have a right to see their PHI and get a copy.
- Patients have a right to request that changes be made to correct errors in their records or to add information that has been omitted.
- Patients have a right to see a list of some of the disclosures that have been made of their PHI.
- Patients have a right to request that you give special treatment to their PHI.
- Patients have a right to request confidential communications.
- Patients have a right to complain.
A patient has the right to submit a complaint if he believes that the health provider has:
- Improperly used or disclosed their PHI
- Concerns about their HIPAA Privacy policies
- Concerns about the provider’s compliance of its privacy policies.
The patient may file the complaint with either of the following:
- The provider’s Chief Privacy Officer
- The US Department of Health and Human Services, Office of Civil Rights
At Holistic Integration, in accordance with federal medical record sharing options, we use a medical records sharing tool called OnPatient to allow you access to your health records online at any time. OnPatient allows you to securely connect with all your medical providers, and it grants you access to your medical information via web or on the OnPatient mobile app.
Through OnPatient you can:
- Fill out any paperwork you need to before your appointment to make check-in easier
- View your upcoming appointments and even check-in online
- View your medical records including appointment history, lab results, and referrals
- Manage your contact and insurance information
- Have educational material sent directly to your account
- Connect your child’s account and manage their health records with yours
To Connect with OnPatient:
When you schedule your New Patient Exam, we will send you a link via email to sign up with OnPatient. For security reasons, the sign up link is only active for 24 hours, so if you lose access or need the email resent, simply call our front desk (317-848-8048) or text us through our secure messaging system (317-526-4435) to verify your email address in our system and ask us to send you an email invitation to OnPatient.