We intend to abide by the Final Omnibus Rule of the HIPAA regulations regarding your Protected Health Information, hereafter abbreviated as PHI. The term PHI refers to your medical records, billing and payment records, your name, address, date of birth, social security number, payment history, the name of your health plan and account number, and other data that identifies you.
We are permitted by law to disclose PHI to you and to anyone who needs it to carry out treatment, payment, or healthcare operations. We will be required to obtain your signature for authorization to release PHI for most uses unrelated to treatment, payment, and healthcare operations. We will retain your authorization and provide you a copy if you wish to have it. PHI will be provided within 30 days of the written request in hard copy form. Information may be available for transfer onto USB media if the media is provided by the patient. You may revoke your authorization in writing at any time.
We may disclose PHI as required by law to entities including, but not limited to the following:
- Public Health activities
- Victim of abuse, neglect, or domestic violence
- Reportable diseases
- Adverse events to medicines
- Work related injuries may be reported to OSHA or your employer
- Criminal investigations
- Orders by the court or law
- Organ donation data
- Coroners, medical examiners, and funeral directors requests
- Certain military or veterans activities
- Schools (childhood immunizations only)
- Family of the deceased, according to previously signed authorizations
We may use your PHI to contact you for appointment reminders or health information we believe will be of interest to you.
We DO NOT sell or disclose PHI for the purpose of marketing or fundraising.
We may transmit PHI via email to you, if requested. This will only be done after discussing the risk to you and only after a signed consent is received.
You have the right to:
- Request restrictions on uses and disclosures to your healthcare plan for those services paid out of your pocket.
- Request restrictions on uses and disclosures. Other than the above, we are not required to agree with the restrictions.
- Receive confidential communications of PHI.
- Inspect and copy PHI.
- Request amendments to PHI by submitting the desired changes in writing.
- Receive an accounting of disclosures of PHI.
You may complain if you believe your privacy rights have been violated. You may call (479) 521-3363 and ask to speak to the Privacy Compliance Officer. We will not retaliate against you for filing a complaint. You may complain directly to the Secretary of Health and Human Services.
We have a legal obligation to maintain the privacy of your PHI and abide by the terms of the notice currently in effect.
We have a legal obligation to notify you in the event of a breach of PHI, unless, after completing a risk analysis as outlined by the Omnibus Rule, it is determined that there is a low probability of PHI compromise.
We have the right to change the terms of this notice. The revised notice will be posted in our lobby and on our website. You may also request a hard copy.
Details of the HIPAA Privacy and Omnibus Rules are available in the Federal Register at your public library.