Summary Notice of Privacy Practices for Protected Health Information
Effective Date: January 1, 2020
This summary describes how your health information may be used and disclosed and how you can get access to it. Please read carefully. This is an abbreviated version of our HIPAA Compliance Plan which is available upon request.
Rumer Cosmetic Surgery (the “Practice”) is committed to using your health information responsibly. This Notice of Privacy Practices (“Notice”) describes the nature of your protected health information (“PHI”), and how and when we use or disclose that PHI. It also describes your rights as they relate to your PHI.
We are required by the Health Insurance Portability & Accountability Act of 1996 (“HIPAA”) to maintain the security and confidentiality of PHI obtained or created by us in any form. As required by HIPAA, we prepared this Notice to explain how we maintain the privacy of your PHI and how we may disclose your PHI. We are required by HIPAA to abide by the terms of this Notice. We reserve the right to amend this Notice at any time and such amended Notice shall apply to all PHI maintained by the Practice at that time. We will post and you may request a written copy of the revised Notice from our office.
UNDERSTANDING YOUR PHI
PHI is any information that relates to your past, present, or future physical or mental health, including treatment and payment therefor. Each time you come to the Practice, we create a record of your visit. This record may contain information about your personal demographics, medical exam, diagnoses, test results, treatment, and other pertinent data.
HOW WE MAY USE AND/OR DISCLOSE YOUR PHI
Treatment. Your PHI may be used by the Practice or disclosed to other health care professionals for the purpose of evaluating your health, diagnosing medical conditions, providing treatment, and coordinating your care. An example of this would include referring you to a specialist.
Payment. Your health insurance plan may request and receive information on dates of service, services provided, and the medical conditions(s) being treated in order to make payment, confirm coverage, billing or collection activities and utilization review under the relevant insurance policy. An example of this would include sending your insurance company a bill for your visit and/or verifying coverage prior to a surgery.
Health Care Operations. Your PHI may be used, as necessary, to support the day-to-day activities and management of the Practice. These activities include, but are not limited to, quality assessments, employee training and reviews and other business and health operations. Examples of this include requesting your completion of patient surveys or a sign-in sheet at the registration desk. We may also call you by name in the waiting room when your physician is ready to see you.
- Appointment Reminders. By phone or in writing via a non-specific message.
Health Related Benefits and Services. We may contact you to provide information about treatment alternatives or other health-related benefits and services that may be of interest to you.
- Communication with Family/Friends. Generally, we will only disclose your PHI to family/friends when authorized by you. However, unless you direct us otherwise, we may disclose PHI to a family member or other person that is involved in your care (e.g., transporting you home after surgery).
- Public Health Reporting. Your PHI may be disclosed to public health agencies as required by law, including to report child abuse, communicable diseases and reactions to drugs or medical devices.
- Healthcare Oversight. Your PHI may be disclosed to health oversight agencies for activities authorized by law. Examples include audits, surveys, licensure and disciplinary actions, etc.
- Legal Proceedings. The Practice may disclose your PHI in response to a court or administrative order; discovery request; subpoena or other lawful process. We will seek assurances from the party requesting your PHI that he/she/it has informed you of the request or obtained a protective order for the PHI.
- Law Enforcement. The Practice may also disclose your PHI for law enforcement purposes, although we shall do our best to ensure its continued confidentiality to the extent possible.
- Deceased Patients. The Practice may release PHI to a medical examiner to identify a deceased individual or cause of death, or to organizations handling organ donation if you are an organ donor.
- Research. There are certain circumstances in which we may use your limited PHI for the purpose of research. Unless such information is appropriately limited or its use is approved by an IRB, we will obtain your authorization for such research.
- Threats to Health and Safety; National Security. The Practice may disclose your PHI to the appropriate person or organization as necessary to reduce or prevent a serious threat to your health or safety, or the health or safety of others. The Practice may also disclose your PHI to federal officials for intelligence and national security activities authorized by law.
- Military. Your PHI may be disclosed if you are a member of the U.S. or foreign military (including veterans), to the extent required by the appropriate authorities.
- Inmates. Your PHI may be disclosed to correctional institutions or law enforcement officials if you are any inmate or under the custody of a law enforcement official.
- Workers’ Compensation. Your PHI may be disclosed for workers’ compensation and similar programs.
YOUR RIGHTS REGARDING YOUR PHI
You have the following rights under HIPAA with respect to your PHI:
- The right to receive confidential communications of PHI from us by reasonable alternative means or at alternative locations;
- The right to request restrictions on certain uses and disclosures of PHI, including those related to disclosures to family members, friends, or any other person identified by you. The Practice is not required to honor a request restriction except in limited circumstances. If we do agree to the restriction, we must abide by it unless otherwise required by law, in emergencies or you agree in writing to remove the restriction;
- The right to inspect and/or receive a copy of your PHI;
- The right to amend your PHI where such is incorrect or incomplete;
- The right to receive an accounting of the Practice’s or our business associates’ disclosures of your PHI;
- The right to obtain a paper copy of this Notice from us upon request;
- The right to file a complaint for suspected violations of your rights; and
- The right to be advised if your unprotected PHI is intentionally or unintentionally disclosed.
FOR MORE INFORMATION OR TO REPORT A PROBLEM
If you have questions, complaints or would like additional information regarding this Notice or our privacy practices, please contact:
Jen Palladino, HIPAA Compliance Officer
Rumer Cosmetic Surgery
105 Ardmore Avenue
Ardmore, PA 19003
If you believe that your privacy rights have been violated, please contact the Practice’s HIPAA Compliance Officer listed above. You may also file a complaint with the U.S. Department of Health and Human Services – Office for Civil Rights. There will be no retaliation for filing a complaint with either the Practice’s HIPAA Compliance Officer or with the Office for Civil Rights.