MedCare Pediatric Group, LP - Notice of Privacy Practices
PLEASE REVIEW IT CAREFULLY.
Who Will Follow This Notice
This notice describes the medical information practices of MedCare Pediatric Group, LP health and welfare plan (the “Plan”) under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and the Health Information Technology for Economic and Clinical Health Act (“HITECH”) and describes how the Plan will use or disclose your Protected Health Information (“PHI”) to carry out treatment, payment, or healthcare operations, or for any other purpose permitted or required by law.
We are required by law to maintain the privacy of your PHI, to provide you with a notice of our legal duties and privacy practices with respect to your PHI, and to follow the terms of the notice that is currently in effect. We are also required to notify affected individuals in the case of a breach of unsecured PHI.
Our Pledge Regarding Protected Health Information
We understand that your PHI and your health is personal and are committed to safeguarding your PHI. We create a record of the health care claims reimbursed under the Plan for Plan administrative purposes. This notice applies to all of the medical records, including claims records, the Plan maintains. Your personal doctor or health care provider may have different policies or notices regarding the doctor’s use and disclosure of your PHI created in the doctor’s office or clinic.
This notice will tell you about the ways in which we may use and disclose your PHI. It also describes our obligations and your rights regarding the use and disclosure of protected health information.
We reserve the right to change the terms of this Notice and to make new revisions about your PHI that we maintain, as allowed or required by law. If we make any material change, we will provide you with a copy of our revised Notice of Privacy Practices by direct mail or hand delivery. A copy of the most current Notice will also be posted on our company website and intranet, with the effective date included.
How We May Use and Disclose Your Protected Health Information (“PHI”)
HIPAA only protects certain medical information known as protected health information (“PHI”). Generally, PHI is information created or received by a health care provider, a health care clearing house, a health plan, or your employer on behalf of your health plan, from which it is possible to identify you and which relates to: 1) your past, present, or future physical or mental health condition; 2) the provision of health care to you; or 3) the past, present, or future payment of health care claims on your behalf.
The following categories describe different ways that we use and disclose PHI. For each category of uses or disclosures, we will explain and give an example. Not every use or disclosure in a category will be listed. However, all of the ways we are permitted to use and disclose information will fall into one of these categories.
Treatment. We may use or disclose your PHI to staff members or other health care professionals for the purpose of facilitating medical treatment or services by providers. We may disclose PHI about you to providers, including doctors, nurses, therapists, medical students, MedCare administrative personnel, or other medical-related personnel who are involved in taking care of you. For example, we may use your PHI for case management or coordination of care with other providers that are associated with you.
Payment. We may use or disclose your PHI to determine eligibility for Plan benefits, to facilitate payment for the treatment and services you receive from health care providers, to determine benefit responsibility under the Plan or to coordinate Plan coverage. For example, your health plan may request and receive information on dates of ser¬vice, the services provided, and the medical condition being treated. We may also share medical information with a utilization review or re-credentialing representative in order to continue to receive payments for services that are rendered to you.
Health Care Operations. We may use or disclose your PHI to support the day-to-day activities and management of MedCare. For example, information on the services you received may be used to sup¬port budgeting and financial reporting, and activities to evaluate and promote quality.
As Required By Law. We may use or disclose your PHI to federal, state or local law enforce¬ment agencies to support government audits and inspections, to facilitate law-enforcement investigations, and to comply with government mandated reporting. For example, your PHI may be disclosed for a court ordered subpoena in a litigation proceeding.
To Avert a Serious Threat to Health and Safety. We may use or disclose your PHI to prevent a serious threat to your, another person’s, or the public’s health and safety. However, the disclosure would only be to someone able to help prevent the serious threat. For example, we are required to report certain communicable diseases to the state’s public health department.
To Business Associates. We may contract with individuals or entities known as Business Associates to perform various functions on behalf of the Plan or to provide certain types of services. In order to perform these functions or to provide these services, Business Associates may receive, create, maintain, transmit, use, and/or disclose your PHI, but only after they agree in writing to implement appropriate safeguards regarding your PHI. For example, we may disclose your PHI to a Business Associate that is providing electronic medical records support.
Prohibition on Use or Disclosure of Genetic Information. The Plan is prohibited from using or disclosing your genetic information for underwriting purposes.
Treatment Alternatives or Health-Related Benefits and Services. We may use and disclose your PHI to send you information about treatment and management alternatives or other health-related benefits and services that we believe may interest you.
Organ and Tissue Donation. If you are an organ donor, we may use or disclose your PHI to organizations that handle organ procurement or organ, eye or tissue transplantation or to an organ donation bank as necessary.
Military and Veterans. If you are a current member of the armed forces, we may release PHI as deemed necessary by military command authorities to ensure the proper execution of their military mission. We may release PHI about foreign military personnel to the appropriate foreign military authority.
Workers’ Compensation. We may release your PHI to the extent necessary to comply with laws relating to workers’ compensation or similar programs, that provide benefits for work-related injuries or illness without regard to fault.
Public Health Risks. We may disclose your PHI to public health authorities. Reportable activities generally include the following:
- To prevent or control disease, injury or disability;
- To report births or deaths;
- To report child abuse or neglect;
- To conduct public health surveillance, investigation, or intervention;
- To notify a person who has been exposed to a disease or may be at risk for contracting or spreading a disease;
- To notify the appropriate government authority if we believe a patient has been the victim of abuse, neglect or domestic violence, but only if you agree to the disclosure, or the disclosure is required or authorized by law.
Health Oversight Activities. We may disclose your PHI to a health oversight agency for reasons authorized by law. For example, a health oversight agency may conduct audits, investigations, inspections, and licensure.
Lawsuits and Disputes. If you are Involved in a lawsuit or a legal dispute, we may disclose your PHI in response to a court or administrative order, a subpoena, discovery request, or other lawful process by someone else involved in the dispute. Prior to responding, we will attempt to inform you of the request or obtain an order protecting the health information requested.
Law Enforcement. We may release medical information if asked to do so by a law enforcement official:
- To report certain types of wounds or other physical injuries as required by law;
- In response to a court order, subpoena, court-ordered warrant, summons or similar process issued by a judicial officer;
- In response to a grand jury subpoena; or
- As otherwise permitted by HIPAA
Coroner, Medical Examiner and Funeral Directors. We may release your PHI to a coroner or medical examiner for the purposes of identifying a deceased person, determining the cause of death, or other duties authorized by law. We may also release PHI to funeral directors as necessary to carry out their duties.
National Security and Intelligence Activities. We may release your PHI to authorized federal officials for lawful Intelligence, counterintelligence, and other national security activities authorized by the National Security Act and Implementing regulations.
Uses and Disclosures for Which Your Written Authorization is Required. Disclosure of your health information or its use for any purpose other than those listed above will require your specific written authorization. If you change your mind after authorizing use or disclosure of your information, you may submit a writ¬ten revocation of the authorization. However, your decision to revoke the authorization will not affect or undo any use or disclosure of information that occurred before you notified us in writing of your decision to revoke your authorization. Below are other reasons your written authorization would be needed in order for us to use or disclose your PHI:
- Marketing or Advertising of Products or Services. Marketing includes circumstances when the Plan makes a communication about a product or service and then receives financial remuneration from a third party whose product or service is being marketed.
- Use or Disclosure or Disclosure of Psychotherapy Evaluations. Use or disclosure of psychotherapy information includes only the evaluations once your written authorization is received by MedCare. Due to psychological treatment session notes having stricter HIPAA protection, only the evaluation will be disclosed, unless authorized by law.
Other Uses of Medical Information. All other uses and disclosures of your medical information not described in this Notice of Privacy Practices or HIPAA and its implementing regulations will be made only with your written authorization. You have the right to revoke your written authorization at any time, but you must do so in writing, and we are required to comply with your request, except to the extent that we took prior action relying upon your authorization.
You have the following rights regarding protected health information we maintain about you:
- the right to inspect and copy PHI maintained, once a written request has been submitted to the Privacy Officer;
- the right to request to have inaccurate PHI amended, with the reason the PHI is inaccurate;
- the right to submit corrections to your PHI;
- the right to receive an accounting of disclosures (a list) of your PHI disclosures;
- the right to request restrictions on the use and disclosure of your protected health information;
- the right to receive confidential communications concerning your medical condition and treatment;
- the right to have your rights exercised through a legally appointed personal representative;
- the right to opt out of communications about Plan’s fundraising efforts;
- the right to request electronic copy of PHI maintained electronically;
- the right to be notified of any breach in your unsecured PHI; and
- the right to receive a printed copy of this notice.
Requests to Inspect Protected Health Information
All of the above rights will be honored once a written request is received by the Privacy Officer. You may obtain a form to request access to your records by contacting our Privacy Officer. Your request will be reviewed and will generally be approved unless there are legal or medical reasons to deny the request.
If you believe your privacy rights have been violated, you may file a complaint, in writing, with the Plan. To file a complaint with the Plan, contact the Privacy Officer:
Karyn Jolly, RN
Regulatory Compliance Director
12371 South Kirkwood Road
Stafford, TX 77477
In addition to filing a complaint with the Privacy Officer, you may file a complaint with the Secretary of the Department of Health and Human Services at:
Office for Civil Rights
U.S. Department of Health and Human Services
1301 Young Street, Suite 1169
Dallas, TX 75202
Voice Phone (214)767-4056
You will not be penalized or retaliated against for filing a complaint.