This Notice describes how medical information about you may be used and disclosed and how you can get access to this information. Please review it carefully.
We care about our patients’ privacy and strive to protect the confidentiality of your medical information at this practice. Federal legislation requires that we issue this official notice of our privacy practices. You have the right to the confidentiality of your medical information, and this practice is required by law to maintain the privacy of that protected health information. We will only use or disclose your PHI as permitted or required by applicable state law. This Notice applies to our use and disclosure of your PHI for purposes of enrollment, eligibility and payment under Nephrology Associates of Dayton, Inc. Nephrology Associates of Dayton, Inc. understands that your health information is highly personal, and we are committed to safeguarding your privacy. Please read this Notice of Privacy Practices thoroughly. It describes how we will use and disclose your PHI.
I. PERMITTED OR REQUIRED USE OR DISCLOSURE
The following lists various ways in which we may use or disclose your PHI:
- For Treatment. We will use and disclose your PHI in providing you with treatment and services and coordinating your care and may disclose information to other providers involved in your care. Your PHI may be used by doctors involved in your care and by nurses and home health aides as well as by physical therapists, social workers, personal care attendants or other persons involved in your care. For example, members of the multidisciplinary team (which includes your primary care provider, a registered nurse, a social worker, physical and occupational therapists, and other care givers) will discuss your plan of care and contact any specialists regarding care provided to you. We may use or disclose your PHI to inform you about treatment alternatives and health-related benefits and services that may be of interest to you.
- For Payment. We may use and disclose your PHI for billing and payment purposes. We may disclose your PHI to your personal representative, or to an insurance or managed care company.
- For Health Care Operations. We may use and disclose your PHI as necessary for health care operations, such as management, personnel evaluation, education, and training and to monitor quality of care. For example, we will use data about your treatment to conduct quality assessment activities. We may disclose your PHI to another entity with which you have or had a relationship if that entity requests your information for certain of its health care operations or health care fraud and abuse detection or compliance activities. We may use or disclose your information, as necessary, to contact you to remind you of an appointment. We will share your information with third party “business associates” that perform various activities (e.g., billing, software assistance) for Nephrology Associates of Dayton, Inc.
- Emergencies. We may use or disclose your PHI as necessary in emergency treatment situations.
- Law Enforcement Purposes. We will disclose your PHI to the police or other law enforcement officials as required by law, such as identifying a criminal suspect or a missing person or providing information about a crime victim or criminal conduct.
- Required by Law. We will disclose PHI about you when required by federal, state, or local law. Examples include disclosures in response to a court order / subpoena, mandatory state reporting (e.g., gunshot wounds, victims of elder abuse or neglect). or information necessary to comply with other laws.
- Coroners, Medical Examiners, Funeral Directors, Organ Procurement Organizations. We may release PHI to a coroner, medical examiner, funeral director or, if you are an organ donor, to an organization involved in the donation of organs and tissue.
- Specialized Government Functions. We will disclose your PHI regarding government functions such as military, national security and intelligence activities, as authorized by law. We will use and disclose PHI to the Department of Veterans Affairs to determine whether you are eligible for certain benefits.
- Public Health Oversight or Safety. We may use and disclose PHI to avert a serious threat to health and safety of a person or the public. Examples include disclosures of PHI to state investigators regarding quality of care or to public health agencies regarding immunizations, communicable diseases, etc. We will use and disclose PHI for activities related to the quality, safety or effectiveness of FDA regulated products or activities, including collecting, and reporting adverse events, tracking, and facilitating product recalls, etc.
- More Stringent State and Federal Laws. State law is more stringent than HIPAA in several areas. Certain federal laws also are more stringent than HIPAA. Nephrology Associates of Dayton, Inc. will continue to abide by these more stringent state and federal laws.
- More Stringent Federal Laws. The federal laws include applicable internet privacy laws, such as the Children’s Online Privacy Protection Act and the federal laws and regulations governing the confidentiality of PHI regarding substance abuse treatment.
- More Stringent State Laws. State law is more stringent when the individual is entitled to greater access to records than under HIPAA. State law also is more restrictive when the records are more protected from disclosure by state law than under HIPAA. In cases where we provide treatment to a patient who resides in a neighboring state, we will abide by the more stringent applicable state law.
II. PERMITTED USE OR DISCLOSURE WITH AN OPPORTUNITY FOR YOU TO AGREE OR OBJECT
- Individuals Involved in Your Care or Payment for Your Care. We may disclose your PHI to a friend or family member who is involved in your medical care. This would include persons named in any durable health care power of attorney or similar document provided to us. You have a right to request that your information not be shared with some or all your family or friends. In addition, we may disclose your PHI to an entity assisting in a disaster relief effort so that your family can be notified about your condition, status, and location.
- Reporting Victims of Abuse, Neglect or Domestic Violence. If we believe that you have been a victim of abuse, neglect, or domestic violence, we may use and disclose your PHI to notify a government authority, if authorized by law or if you agree to the report.
- Health Information Exchange. If a statewide or regional Health Information Exchange (“HIE”) operates in this state we will share your health records electronically with the exchange for the purposes of improving the overall quality of health care services provided to you (e.g., avoids unnecessary duplicate testing). The electronic health records will include sensitive diagnosis such as HIV/AIDS, sexually transmitted diseases, genetic information, and mental health substance abuse, etc. The HIE is functioning as our business associate and, in acting on our behalf, the HIE will transmit, maintain, and store your PHI for treatment, payment and health care operation purposes. The HIE has a duty to implement administrative, physical, and technical safeguards that reasonably and appropriately protect the confidentiality and integrity of your medical information. State law may provide you rights to restrict, opt-in or opt-out of the exchange.
III. USE OR DISCLOSURE REQUIRING YOUR AUTHORIZATION
- Research. We will obtain your written authorization to use or disclose your PHI for research purposes when required by HIPAA.
- Psychotherapy Notes. Most uses and disclosures of psychotherapy notes require your written authorization.
- Sale of PHI. Subject to certain limited exceptions, disclosures that constitute a sale of PHI requires your written authorization.
- Other Uses & Disclosures. Any other uses and disclosures of PHI not covered by this notice or the laws that apply to us will be made only with your written authorization. You may revoke that authorization in writing, at any time. You understand that we are unable to take back any disclosures we have already made with your authorization.
IV. YOUR HEALTH INFORMATION RIGHTS
You have the following individual rights concerning your PHI: Exercise of these rights may require submitting a written request to the Nephrology Associates of Dayton, Inc. At your request, Nephrology Associates of Dayton, Inc. will supply you with the appropriate form to complete.
- Right to Inspect & Copy. Subject to certain limited exceptions, you have the right to access your PHI and to inspect and copy your PHI if we maintain the data. You will be charged a reasonable copying fee in accordance with applicable federal or state law. You also have the right to request your PHI in electronic format in cases where we utilize electronic health records.
- If we deny your request for access to your PHI, we will notify you in writing with the reason for the denial. For example, you do not have the right to psychotherapy notes or to inspect the information which is subject to law prohibiting access. You have the right to have this decision reviewed.
- Right to Amend. You have the right to amend your PHI for as long as Nephrology Associates of Nephrology maintain the data. Your request must state the reason for the requested amendment. We may deny your request for changes if:
- Nephrology Associates of Dayton, Inc. did not create the information.
- The information is not part of the designated record set.
- The information would not be available for your inspection (due to its condition or nature) or
- The information is accurate and complete.
- If we deny your request for amendment, we will give you a written denial including the reasons for the denial and the right to submit a written statement disagreeing with the denial.
- Right to an Account of Disclosures. You have a right to receive an accounting of the disclosures of your PHI that we have made, except for the following disclosures:
- To carry out treatment, payment of health care operations
- To you
- To persons involved in your care
- For national security or intelligence purposes
- To correctional institutions or law enforcement official
- Your written request must include a time-period that is within 6 years from the date of your request. In any given 12-month period, we will provide you with an accounting of the disclosures off your PHI at no charge. Any additional requests for an accounting within that time-period will be subject to a reasonable fee for preparing the accounting.
- Right to Request Restrictions. You have the right to request restrictions on certain uses and disclosures of your PHI to carry out treatment, payment, or health care operations functions or to prohibit such disclosure. However, Nephrology Associates of Dayton, Inc. will consider your request but is not required to agree to the requested restrictions.
- Right to Confidential Communications. You have the right to receive confidential communications of your PHI by alternative means or at alternative locations.
- Right to a Paper Copy of This Notice. You have the right to a paper copy of this Notice of Privacy Practices upon request.
V. BREACH OF UNSECURED PHI
If a breach of unsecured PHI affecting you occurs, Nephrology Associates of Dayton, Inc. is required to notify you of the breach.
VI. SHARING AND JOINT USE OF YOUR PHI
In the course of providing care to you and in furtherance of Nephrology Associates of Dayton, Inc. mission to improve the health of the community, we will share your PHI with other organizations as described below who have agreed to abide by the terms described below:
- Nephrology Associates of Dayton, Inc. is a community partner with Premier Health and participate together to deliver health care to you, for utilization review and quality assessment activities. We have agreed to abide by the terms of this Notice with respect to PHI created or received as part of delivery of healthcare to you, utilization review and quality assessment activities of Nephrology Associates of Dayton, Inc. and its patients Premier Health will abide by the terms of their Notice of Privacy Practices in using your PHI for treatment, payment, or healthcare operations. Premier Health also use your PHI for your treatment, payment for healthcare operations permitted by HIPAA with respect to your mutual patients.
- Business Associates. We will share your PHI with Business Associates and their Subcontractors contracted to perform business functions on Nephrology Associates of Dayton, Inc.’s behalf.
VII. CHANGES TO THIS NOTICE
We will abide by the terms of the Notice currently in effect. We reserve the right to change this notice. We reserve the right to make the revised or changed notice effective for the PHI we already have about you as well as any information we receive in the future. We will post a copy of the current notice in the Center and on our web site. You can also ask for a current copy of the Notice at any time.
VIII. FOR FURTHER INFORMATION OR TO FILE A COMPLAINT
If you have any questions about this Notice or would like further information concerning your privacy rights, please contact the Nephrology Associates of Dayton, Inc. Privacy Official.
If you believe that your privacy rights have been violated, you may file a complaint in writing with Nephrology Associates of Dayton, Inc. Privacy Official or with the Secretary of the Department of Health and Human Services.
You will not be retaliated against for filing a complaint.
Nephrology Associates of Dayton, Inc. Compliance Official
7700 Washington Village Drive, Suite 230
Dayton, Ohio 45459