Rockland Hospital Guild
Notice of Privacy Practices
THIS NOTICE DESCRIBES HOW MEDICAL INFORMATION ABOUT YOU MAY BE USED AND DISCLOSED, AND HOW YOU CAN GET ACCESS TO THIS INFORMATION. PLEASE REVIEW THIS NOTICE CAREFULLY.
We keep a record of the care and services you receive at this facility. We need this record to provide you with quality care and to comply with certain legal requirements. We are committed to protecting your health information and to following all state and federal laws regarding the protection of your health information.
Your health record contains personal information about you and your health. This information about you that may identify you and that relates to your past, present, or future physical or mental health or condition, and related health care services is referred to as Protected Health Information (PHI). This Notice of Privacy Practices (NoPP) describes how we may use and disclose your PHI in accordance with applicable law, including the Health Insurance Portability and Accountability Act (HIPAA). It also describes your rights regarding how you may gain access to and control your PHI.
The Rockland Hospital Guild (RHG) is required by law to maintain the privacy of PHI and to provide you with notice of our legal duties and privacy practices with respect to PHI. We are required to abide by the terms of this NoPP. We reserve the right to change the terms of our NoPP at any time. Any new NoPP will be effective for all PHI that we maintain at that time. We will provide you with a copy of the revised NoPP by giving you a copy or sending one to you in the mail upon your request.
HOW WE MAY USE AND DISCLOSE HEALTH INFORMATION ABOUT YOU
For Treatment. Your PHI may be used and disclosed by those RHG staff who are involved in your care for the purpose of providing, coordinating, or managing your residential treatment and related services. This includes consultation with supervisors or other residence staff. We may disclose PHI to any other consultant only with your authorization.
For Payment. We may use and disclose PHI so that we can receive payment for the Restorative Services provided to you. Examples of payment-related activities are: making a determination of eligibility or coverage for insurance benefits, processing claims with CMS, reviewing services provided to you to determine medical necessity, or undertaking utilization review activities. We will only disclose the minimum amount of PHI necessary for purposes of collection.
For Health Care Operations. We may use or disclose, as needed, your PHI in order to support our business activities, including, but not limited to, quality assessment activities, employee review activities, licensing, and conducting or arranging for other business activities. For example, we may share your PHI with third parties that perform various business activities (e.g., billing services) provided we have a written contract with the business that requires it to safeguard the privacy of your PHI. For training or teaching purposes PHI will be disclosed only with your authorization.
Required by Law. Under the law, we must disclose your PHI to you upon your request. In addition, we must make disclosures to the Secretary of the Department of Health and Human Services for the purpose of investigating or determining our compliance with the requirements of the Privacy Rule.
Disclosure Without Authorization.
Following is a list of the categories of uses and disclosures permitted by HIPAA without an authorization. Applicable law and ethical standards permit us to disclose information about you without your authorization only in a limited number of situations.
- Medical Emergencies. We may use or disclose your PHI in a medical emergency situation to medical personnel only in order to prevent serious harm. Our staff will try to provide you a copy of this notice as soon as reasonably practicable after the resolution of the emergency
- Child Abuse or Neglect. We may disclose your PHI to a state or local agency that is authorized by law to receive reports of child abuse or neglect.
- Health Oversight. If required, we may disclose PHI to a health oversight agency for activities authorized by law, such as audits, investigations, and inspections. Oversight agencies seeking this information include government agencies and organizations that provide financial assistance to the program (such as third-party payers based on your prior consent) and peer review organizations performing utilization and quality control.
- Law Enforcement. We may disclose PHI to a law enforcement official as required by law, in compliance with a subpoena (with your written consent), court order, administrative order or similar document, for the purpose o fidentifying a suspect, material witness or missing person, in connection with the victim of a crime, in connection with a deceased person, in connection with the reporting of a crime in an emergency, or in connection with a crime on the premises. We may disclose your PHI pursuant to a subpoena (with your written consent), court order, administrative order or similar process.
- Public Safety. We may disclose your PHI if necessary to prevent or lessen a serious and imminent threat to the health or safety of a person or the public. If information is disclosed to prevent or lessen a serious threat it will be disclosed to a person or persons reasonably able to prevent or lessen the threat, including the target of the threat.
Disclosure With Authorization. Uses and disclosures not specifically permitted by applicable law will be made only with your written authorization, which may be revoked at any time by you, except to the extent that we have already made a use or disclosure based upon your authorization.
What is Not Covered Under This Notice
- Confidential HIV Related Information (requires a separate consent)
- Alcohol/Substance Abuse treatment information (requires a separate consent)
YOUR RIGHTS REGARDING YOUR PHI
You have the following rights regarding PHI we maintain about you. To exercise any of these rights, please submit your request in writing to our Executive Director at Rockland Hospital Guild.
- Right of Access to Inspect and Copy. You have the right, which may be restricted only in exceptional circumstances, to inspect and copy PHI that is maintained in a “designated record set”. A designated record set contains mental health/medical and billing records and any other records that are used to make decisions about your care. Your right to inspect and copy PHI will be restricted only in those situations where there is compelling evidence that access would cause serious harm to you. We may charge a reasonable, cost-based fee for copies. If your records are maintained electronically, you may also request an electronic copy of your PHI. You may also request that a copy of your PHI be provided to another person.
- Right to Amend. If you feel that the PHI we have about you is incorrect or incomplete, you may ask us to amend the information although we are not required to agree to the amendment. If we deny your request for amendment, you have the right to file a statement of disagreement with us. We may prepare a rebuttal to your statement and will provide you with a copy. Please contact the Privacy Officer if you have any questions.
- Right to an Accounting of Disclosures. You have the right to request an accounting of certain of the disclosures that we make of your PHI. We may charge you a reasonable fee if you request more than one accounting in any 12-month period.
- Right to Request Restrictions. You have the right to request a restriction or limitation on the use or disclosure of your PHI for treatment, payment, or health care operations. We are not required to agree to your request unless the request is to restrict disclosure of PHI to a health plan for purposes of carrying out payment or health care operations, and the PHI pertains to a health care item or service that you paid for out of pocket. In that case, we are required to honor your request for a restriction.
- Right to Request Confidential Communication. You have the right to request that we communicate with you about health matters in a certain way or at a certain location. We will accommodate reasonable requests. We may require information regarding how payment will be handled or specification of an alternative address or other method of contact as a condition for accommodating your request. We will not ask you for an explanation of why you are making the request.
- Breach Notification. If there is a breach of unsecured PHI concerning you, we may be required to notify you of this breach, including what happened and what you can do to protect yourself.
- Right to a Copy of this Notice. You have the right to a paper copy of this notice.
If you believe we have violated your privacy rights, you have the right to file a complaint with our Compliance Officer at Rockland Hospital Guild at 845-680-6226 ext 104, or with the Secretary of Health and Human Services at 200 Independence Avenue, S.W. Washington, D.C. 20201 or by calling (202) 619-0257. We will not retaliate against you for filing a complaint.