Patient Privacy Policy (HIPPA) & Patients’ Rights
my clinic protects your health information and privacy
Here is my office’s policy for how medical information about you may be used and disclosed, how you can get access to this information, how your privacy is being protected, and your patient rights.
My Clinic's Legal Responsibility:
I value and respect your right to privacy. As required by law, I strive to protect the privacy of your health information to the best of my ability. I adhere to my legal obligation to keep health information that identifies you private, and will only use and share information about you with your written consent.
In some limited cases, the law may require me to disclose your health care information without either a written or verbal consent (such as if requested by a court of law). Here is how I am legally required to maintain your privacy and how I may use and disclose your health care information.
What is the Health Insurance Portability and Accountability Act (HIPPA) of 1996?
HIPPA is a federal program that requires all medical records and other individually identifiable health information used or disclosed by my clinic in any form be kept confidential. This act provides the patient’s rights to understand and control how your health information is used. HIPPA provides penalties for covered entities that misuse personal health information.
My clinic gathers personal information and health information in several ways:
Information I receive directly from you, verbally or from the information you provide on forms, through emails, etc.
Information I receive from other health care providers, such as lab tests from your doctor’s office, etc.
Protected Health Information:
Protected health information is any information that includes details about your health status, provision of health care, or payment for health care that can be linked to you as a specific individual.
Safeguards in place at my clinic include:
Limited access to facilities where information is stored.
All of your health information is kept online or on my computer in your electronic medical record, including all health care forms, all of which are password protected and only accessed by me.
Policies and procedures for handling and storing information.
Third parties such as your health insurance company have agreed contractually to comply with privacy laws.
All medical files and records (including email, regular mail, and faxes sent) are kept on file in my clinic for 7 years.
How I may use and share health data about you:
This is the type of “sharing health data” that is referred to in the Notice of Privacy Practices you would sign before your first treatment. Please feel free to request a paper copy.
Medical practitioners - to give you the best acupuncture treatments or other health services, I may discuss your health status with other medical practitioners that you authorize (such as your doctor).
Payment - In order to maintain the level of service that you expect from my office, I may need to share limited personal medical and financial information with your insurance company, with Worker’s Compensation (and your employer as well in this instance) to obtain payment for your treatments.
Health care operations of my clinic - quality control, compliance monitoring, audit, etc.
Use and disclosures without consent:
In some limited situations, the law requires me to use and disclose your health information without your permission. Some examples include:
As required by federal, state or local law, such as when state, local or federal law mandates certain health information be reported for a specific purpose.
Public health purposes, such as contagious disease reporting and notices to and from the FDA regarding drugs and medical devices.
Lawsuits and disputes (from a court or administrative order).
If child or elder abuse or neglect is suspected, or domestic violence.
Uses and disclosures for health oversight, such as for the audits by insurance companies, or for investigation of possible violations of health care laws.
Law enforcement (to help law enforcement officers respond to criminal activities).
Coroners, medical examiners and funeral directors’ requests.
Types of information that I gather and use:
In administering your health care, I gather and maintain information that may include non-public personal information:
About your financial transactions with me (billing transactions, checks and EFTs - luckily I do not take credit card information).
From your medical history, treatment notes, all test results, and any letters, faxes, emails or notes from telephone conversations to or from other health care practitioners.
From health care providers, insurance companies, workman’s comp and your employer, and other third part administrators (e.g. requests for medical records, claim payment information).
You can request access and correct personal information I have collected about you, (information that can identify you - e.g. your name, address, insurance number, date of birth, etc.), most of which you can view and correct any information online in your patient account.
Patient Rights:
As a patient you have the following rights:
Right to insect and copy - upon written request you have the right to access, review or receive copies of your health care records.
Right to a complete account of disclosures - upon written request you have the right to receive a complete list of items this office has disclosed about your Protected Health Information.
Right to request specific restrictions on sharing - you have the right to request that my clinic place additional restrictions on the disclosure of your Protected Health Information.
Right to request confidential communications - you have the right to have your Protected Health Information received or communicated through an alternative method or sent to an alternative location other than the usual method of communication or delivery, upon your request. For example, you can ask that we only contact you at work or by mail.
Right to amend your health information - you have the right to request that I amend your Protected Health Information, in the event that you believe the health information I have is incorrect or incomplete. This request must be in writing. Please be advised, however, that I am not required to agree to amend Protected Health Information. I may deny the request for an amendment if it is not in writing or does not include a reason to support the request. In addition, I may deny the request if you ask us to amend information that:
I did not create, unless the person or entity that created the information is no longer available to make the amendment.
Is not part of the health information that I keep.
If your request to amend health information has been denied, you will be provided with a explanation of my denial reason(s) and information about how to disagree with the denial.
Right to a paper copy - you have the right to receive a paper copy of this Notice of Privacy Practices at any time upon request.
Questions and Complaints
If you have any questions, complaints, or want more information, please contact my clinic. If you believe that your privacy rights have been violated, you may file a complaint with me here:
Laura Stropes, L.Ac., 396 Colusa Avenue, Kensington, CA 94707
If you are not satisfied with the manner in which my clinic handles your complaint, you also have the right to file a formal, written complaint with the Secretary of the US Department of Public Health and Human Services here:
U.S. Department of Health and Human Services (DHHS), Office of Civil Rights, 200 Independence Ave SW, Room 509 F HHH Building, Washington, DC 20201
I value our relationship, and respect your right to protect the privacy of your health and financial information. I will not retaliate in any way if you choose to file a complaint with me or the Department of Health and Human Services.
If you have questions about my privacy guidelines, please feel free to talk with me about them during our visit, call me at 510-326-9597, or email me at: laura@laurastropes.com.